Home/stef-openclaw-skills
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add mac wireguard nordvpn backend

Browse Source
This commit is contained in:
Stefano Fiorini
2026-03-11 23:44:22 -05:00
parent b326153d26
commit 4a539a33c9
7 changed files with 700 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
docs/nordvpn-client.md
View File

@@ -4,9 +4,9 @@ Cross-platform NordVPN lifecycle skill for macOS and Linux.
## What it does
- Probes whether NordVPN is already installed
- Bootstraps NordVPN if missing
- Handles login bootstrap
- Probes whether NordVPN is already installed or automation-ready
- Bootstraps the required backend if missing
- Handles login/bootstrap
- Connects to a country or city target
- Disconnects and reports status
- Verifies public IP and geolocation after connect
@@ -29,12 +29,15 @@ node skills/nordvpn-client/scripts/nordvpn-client.js disconnect
### macOS
- install path: `brew install --cask nordvpn`
- probe order:
- `nordvpn` CLI if present
- `NordVPN.app`
- if the installed package exposes a usable CLI, the skill uses it
- otherwise it opens the app and returns a clear manual-action-required result for login/connect/disconnect
- preferred backend: NordLynx/WireGuard
- install path: `brew install wireguard-go wireguard-tools`
- automation requirements:
- `NORDVPN_TOKEN` or `NORDVPN_TOKEN_FILE`
- `wireguard-go`
- `wireguard-tools`
- non-interactive `sudo` for `wg-quick`
- `NordVPN.app` may stay installed but is only the manual fallback
- the app login is not reused by the automated WireGuard backend
### Linux
@@ -60,7 +63,7 @@ Do not put secrets in the skill docs or repo.
- platform
- install state
- control mode (`cli` vs `app-manual`)
- control mode (`cli`, `wireguard`, `app-manual`)
- auth state
- connection state
- requested target
@@ -74,6 +77,6 @@ After `connect`, the intended workflow is:
## Limitations
- Linux city targeting is attempted through the CLI target string and then validated by public IP/location checks.
- macOS app-only fallback cannot guarantee non-interactive control if the app does not expose a CLI.
- On macOS, the Homebrew cask may install only the GUI app. That is still a supported install state; `status` reports `controlMode: "app-manual"` so agents should continue with the app flow instead of concluding NordVPN is unavailable.
- Linux behavior still depends on the official `nordvpn` CLI.
- macOS automated connects require token-based WireGuard setup; GUI-app login alone is insufficient.
- The Homebrew `nordvpn` app does not need to be uninstalled.