jakub holý

building the right thing, building it right, fast

Connect Tunnelblick to VPN automatically after wake up

2014-12-12 12:33:22Tools

Need: Make sure that VPN is always running except when at work.

Partial solution: Make sure VPN is always running with "connect when computer starts" and using an AppleScript to connect after waking up from sleep. Disconnect manually when at work.

Future: Check the current location (wifi name? IP?) and do not connect when at work.



Tunnelblick config



Select "When computer starts" for the VPN config option "Connect".

(Re)Connect to VPN after wake up from sleep



Wake-up script



Create the AppleScript ~/wake.sh to connect VPN and display a notification about it (OS X 10.9+):


#!/usr/bin/osascript
# Start Tunnelblick VPN after wakeup (run via sleepwatcher)
# See /Users/me/Library/LaunchAgents/de.bernhard-baehr.sleepwatcher-20compatibility.plist

tell application "Tunnelblick" connect "MY_VPN" ## Uncomment v to wait until the connection is establieshed: # get state of first configuration where name = "MY_VPN" # repeat until result = "CONNECTED" # delay 1 # get state of first configuration where name = "MY_VPN" # end repeat end tell

display notification "(See ~/wake.sh)" with title "Tunneblick connecting..."


Running the wake-up script



We will use sleepwatcher, install it f.ex. via brew:

brew install sleepwatcher


And create a launch agent to start it with the wake script, based on the example provided by brew when installing (/usr/local/Cellar/sleepwatcher/2.2/de.bernhard-baehr.sleepwatcher-20compatibility-localuser.plist, renamed and modified) - ~/Library/LaunchAgents/de.bernhard-baehr.sleepwatcher.plist:


...
<!--string>-s ~/.sleep</string-->
<string>-w ~/wake.sh</string>


Testing it



Start the launch agent:

launchctl load ~/Library/LaunchAgents/de.bernhard-baehr.sleepwatcher.plist


Now make your computer sleep, wake it up and see if you get the notification (click on the notification icon if it doesn't show up) and if VPN starts.

Troubleshooting - run the wake.sh manually from the command line (provided that you chmod +x it first).

Resources