fix(zsh): fix RH functions

As the previous way of connecting to the VPN and obtaining Kerberos ticket is not safe (keeping both password and TOTP together), it has not been used for a long time. Refactor the aliases to allow for safer, yet somewhat automated way of connecting and obtaining Kerberos ticket. Signed-off-by: Matej Focko <me@mfocko.xyz>
2024-11-28 09:40:01 +01:00 · 2024-11-28 09:40:01 +01:00 · f49b40428c
commit f49b40428c
parent 6ae61103c4
1 changed files with 14 additions and 3 deletions
--- a/roles/shell/zsh/templates/zshrc
+++ b/roles/shell/zsh/templates/zshrc
@ -143,9 +143,20 @@ function ls_links() {
 }

 ### Red Hat ###
-alias rh_vpn='echo "$(bw get password Red\ Hat\ -\ SSO)$(bw get totp Red\ Hat\ -\ SSO)" | nmcli --ask connection up Brno\ \(BRQ\)'
-alias rh_vpn_rdu2='echo "$(bw get password Red\ Hat\ -\ SSO)$(bw get totp Red\ Hat\ -\ SSO)" | nmcli --ask connection up Raleigh\ \(RDU2\)'
-alias rh_wifi='echo -e "\n$(bw get password Red\ Hat\ -\ SSO)$(bw get totp Red\ Hat\ -\ SSO)" | nmcli --ask connection up Red\ Hat'
+function _rh_pass() {
+    local PIN=$(bw get password "Red Hat - SSO")
+    local TOKEN=$(kdialog --password 'Token for Red Hat - SSO')
+    echo "$PIN$TOKEN"
+}
+
+export RH_VPN_ENDPOINT="Brno (BRQ)"
+function rh_vpn() {
+  PASS=$(_rh_pass)
+  echo $PASS | nmcli --ask connection up "$RH_VPN_ENDPOINT"
+}
+function rh_vpn_rdu2() {
+    RH_VPN_ENDPOINT="Raleigh (RDU2)" rh_vpn
+}
 alias rh_ticket='echo "$(bw get password Red\ Hat\ -\ Kerberos)" | kinit mfocko@REDHAT.COM'

 ### Fedora ###