fix: simplify mac nordvpn tailscale coordination
This commit is contained in:
Stefano Fiorini
@@ -36,8 +36,11 @@ node skills/nordvpn-client/scripts/nordvpn-client.js disconnect
|
||||
- `wireguard-go`
|
||||
- `wireguard-tools`
|
||||
- non-interactive `sudo` for `~/.openclaw/workspace/skills/nordvpn-client/scripts/nordvpn-wireguard-helper.sh`
|
||||
- the macOS WireGuard config intentionally omits `DNS = ...`
|
||||
- reason: `wg-quick` on macOS rewrites system DNS across services when `DNS` is present, which can break connectivity and other tunnels
|
||||
- the macOS WireGuard config uses NordVPN DNS directly:
|
||||
- `103.86.96.100`
|
||||
- `103.86.99.100`
|
||||
- before connect, the skill automatically suspends Tailscale if it is active
|
||||
- after disconnect, or after a failed connect, the skill brings Tailscale back up if it suspended it
|
||||
- `NordVPN.app` may stay installed but is only the manual fallback
|
||||
- the app login is not reused by the automated WireGuard backend
|
||||
|
||||
@@ -94,4 +97,5 @@ After `connect`, the intended workflow is:
|
||||
|
||||
- Linux behavior still depends on the official `nordvpn` CLI.
|
||||
- macOS automated connects require token-based WireGuard setup; GUI-app login alone is insufficient.
|
||||
- macOS automated connects intentionally suspend Tailscale for the duration of the NordVPN session.
|
||||
- The Homebrew `nordvpn` app does not need to be uninstalled.
|
||||
|
||||
Reference in New Issue
Block a user