gmarth/VPNTray
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fbacfde9f27cdfa10f9585d740f6cbc1558c7477
VPNTray/CLAUDE.md
Alexander Thiess fbacfde9f2 stuff
2025-09-07 23:33:55 +02:00

313 lines
15 KiB
Markdown
Raw Blame History

# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Common Commands
### Running the Application
- `uv run python main.py` - Start the VPN manager GUI application
- `uv run python main.py &` - Start the application in background for testing
- The application runs as a system tray application and can be minimized to the tray
### Managing Running Instances
- `ps aux | grep "python main.py" | grep -v grep` - Check for running instances
- `pkill -f "uv run python main.py"` - Kill running instances (recommended)
- Note: `KillBash` only kills the shell, not the spawned uv process - use `pkill` instead
### Development Environment
- This project uses `uv` for Python package management
- `uv sync` - Install dependencies from pyproject.toml
- Python 3.13+ required
- Dependencies: PyGObject (GTK3), pystray, Pillow, PyYAML
### Configuration Management
- `python init_config.py` - Initialize configuration directory with examples
- `python data_loader.py --init` - Alternative way to create example files
- Configuration location: `~/.vpntray/customers/`
- Each customer gets their own YAML file (e.g., `customer_name.yaml`)
## Code Architecture
### Core Components
**main.py** - Main GUI application entry point
- `VPNManagerWindow` class: Primary PyGObject/GTK3-based GUI application
- Two-column layout: active customers (left) vs inactive customers (right)
- Features system tray integration using `pystray`
- Uses GNOME-style theming with CSS card styling
- Includes comprehensive logging system with collapsible log view
- HeaderBar for native GNOME look and feel
- Current location tracking and enhanced display with network topology
**models.py** - Type-safe data model definitions using dataclasses and enums
- `ServiceType`: Enum for service types (SSH, Web GUI, RDP, VNC, SMB, Database, FTP)
- `HostType`: Enum for host types (Linux, Windows, Windows Server, Proxmox, ESXi, Router, Switch)
- `VPNType`: Enum for VPN types (OpenVPN, WireGuard, IPSec)
- `Service`: Individual services on hosts with type-safe enums and port numbers
- `Host`: Physical/virtual machines with multiple IP addresses, services, and recursive sub-hosts (VMs)
- `Location`: Customer locations with VPN configurations and host infrastructure
- `CustomerService`: Customer's cloud/web services (O365, CRM, etc.)
- `Customer`: Top-level entities containing services and locations
- Each model includes comprehensive helper methods for common operations
**data_loader.py** - YAML-based data management layer
- `load_customers()`: Loads customer configurations from `~/.vpntray/customers/*.yaml` files
- `save_customer()`: Saves customer data back to YAML files with proper enum serialization
- `initialize_example_customers()`: Creates example configuration files
- Robust parsing with enum conversion, error handling, and graceful fallbacks
- Falls back to demo data if no configuration files exist
- Supports both `.yaml` and `.yml` file extensions
**views/** - High-level UI view management (MVC pattern)
- `active_view.py`: `ActiveView` class for displaying active locations with full interaction
- `inactive_view.py`: `InactiveView` class for search results (inactive locations)
- Clean separation of concerns with dedicated view controllers
- `__init__.py`: View exports for clean imports
**widgets/** - Modular UI components using PyGObject
- `customer_card.py`: `ActiveCustomerCard` and `InactiveCustomerCard` classes
- **Compact tree-like design**: Hierarchical layout with expand/collapse arrows
- **Card styling**: Customer cards contain location subcards with proper visual hierarchy
- **Multi-column layout**: Fixed-width columns for proper alignment (name, IP, actions)
- **Service action icons**: Direct access buttons for SSH, RDP, Web GUI with tooltips
- **Multiple IP support**: Display primary IP with hover tooltip showing all addresses
- Active cards: Full interaction with connection controls and infrastructure details
- Inactive cards: Activation buttons and current location setting
- `location_card.py`: `ActiveLocationCard` and `InactiveLocationCard` classes
- Active cards: Connection controls, deactivation (X button), and infrastructure details
- Inactive cards: Current location setting and activation buttons
- `host_item.py`: `HostItem` class for displaying hosts and their services
- Hierarchical display supporting hypervisors with sub-hosts (VMs)
- Service buttons for direct access to SSH, Web GUI, RDP services
- `__init__.py`: Widget exports for clean imports
**services/** - VPN and credential management (modular architecture)
- `vpn_manager.py`: NetworkManager (nmcli) integration with .ovpn file support
- `passbolt_client.py`: Passbolt CLI client for secure credential management
- `connection_manager.py`: High-level orchestrator combining VPN and credentials
- Support for flexible credential storage (direct username/password or Passbolt UUIDs)
**views/** - Comprehensive logging system
- `log_view.py`: `LogView` class with collapsible interface
- **Command logging**: Real-time capture of nmcli and system command output
- **Color-coded levels**: Info, success, warning, error with visual distinction
- **Auto-scroll**: Automatic scrolling to latest entries with manual override
- **Expandable/collapsible**: Bottom panel that can be hidden to save space
**Configuration Files**
- `init_config.py`: Helper script to initialize user configuration with examples
- `example_customer.yaml`: Complete example showing YAML schema with all features
- User config: `~/.vpntray/customers/*.yaml` - One file per customer
### Key Architecture Patterns
**Hierarchical Data Structure**: Customer → Location → Host → Service
- Customers have cloud services (accessible anywhere) and multiple physical locations
- Each location has VPN configuration, connection state, and host infrastructure
- Hosts can have sub-hosts (VMs under hypervisors) with recursive nesting
- Services represent endpoints (SSH, Web GUI, RDP, etc.) with specific ports
**Location State Management**:
- **Active/Inactive**: Locations can be activated for VPN management
- **Current Location**: User's physical location (separate from VPN connections)
- **Connection State**: VPN connection status independent of location activation
- **Network Topology**: Each location includes internal networks and external endpoints
- **Credential Management**: Flexible credential storage (direct or Passbolt UUID)
- Automatic UI updates based on state changes with immediate feedback
**Two-Column Layout Architecture**:
- **Left column**: Active customers with full location details and infrastructure
- **Right column**: Inactive customers available for activation
- **Compact design**: Tree-like hierarchy with proper indentation and alignment
- **Real-time filtering**: Search affects both columns simultaneously
- **Dynamic reorganization**: Customers move between columns based on location state
**Widget-Based Component System**:
- Modular widget classes handle their own GTK widget creation and event handling
- Callback system for widget-to-main-window communication
- Clear separation between data models and UI representation
- Different widget behavior for active vs inactive states
**Type-Safe Configuration System**:
- Comprehensive enum usage for all categorical data
- YAML-based configuration with robust parsing and validation
- Graceful error handling and fallback mechanisms
- Easy extensibility for new service types, host types, and VPN protocols
### Current Location Tracking
The application tracks two distinct location concepts:
- **Current Location**: Where the user physically is (set via "Set as Current" button)
- **Active Locations**: Locations available for VPN connections
**Enhanced Current Location Display**:
- **Prominent info box** with customer name, location, and VPN type
- **Host count summary** with VM breakdown (e.g., "3 hosts (7 total with VMs)")
- **Collapsible infrastructure section** with detailed host and VM information
- **Network topology display**: Internal networks and external endpoints
- **Visual host type icons** (🐧 Linux, 🪟 Windows, 📦 Proxmox, 🌐 Router, etc.)
- **Hierarchical VM display** with service counts and multiple IP addresses
- **Multi-interface support**: Hosts can have multiple IP addresses (firewalls, routers)
- Users can set current location from inactive location cards without activating VPN
### Search and Discovery Features
**Advanced Search Functionality**:
- Real-time search across customers, locations, hosts, and services
- **Wildcard support**: Type `*` to show all inactive locations
- **Smart filtering**: Search includes IP addresses, service types, and port numbers
- **Context switching**: Empty search shows active view, any text shows search results
- **Auto-clear**: Activating a location automatically clears search and returns to active view
### Data Flow
1. **Initialization**: `data_loader.load_customers()` loads configurations from YAML files in `~/.vpntray/customers/`
2. **UI Setup**: Creates views and widgets using callback architecture
3. **Search/Filter**: Real-time filtering with wildcard support and smart matching
4. **View Management**: `Gtk.Stack` manages smooth transitions between active/inactive views
5. **User Interactions**: Callbacks update dataclass attributes with immediate UI feedback
6. **Persistence**: Changes can be saved back to YAML files using `save_customer()`
7. **State Updates**: Location activation, connection changes, and current location updates
### UI Layout Structure
**Modern Two-Column Design**:
- HeaderBar with title and current location display
- **Enhanced current location info box** with network topology and collapsible infrastructure
- Search entry with real-time filtering across both columns
- **Left column**: Active customers with full interaction (connections, services, infrastructure)
- **Right column**: Inactive customers with activation and current location setting
- **Compact tree-like cards** with customer cards containing location subcards
- **Fixed-width columns**: Proper alignment of host names, IP addresses, and action icons
- **Collapsible log view**: Bottom panel for command output and system logs
- GNOME-style cards with CSS theming, proper spacing, and visual hierarchy
- System tray integration for minimize-to-tray behavior
**Customer Card Features**:
- **Active cards**: Start expanded, show full location details and services
- **Inactive cards**: Start collapsed to save space during search
- **Location count badges**: Show number of locations in parentheses
- **Smooth expand/collapse**: Click arrow buttons to toggle content visibility
### GTK3/PyGObject Specific Features
- **CSS styling**: GNOME-style cards with borders, shadows, and adaptive theming
- **Native widgets**: HeaderBar, SearchEntry, ScrolledWindow, Stack with crossfade transitions
- **Proper GNOME HIG compliance**: Spacing, margins, typography, and layout
- **Button styling**: suggested-action and destructive-action classes for clear visual hierarchy
- **Thread-safe integration**: System tray using GLib.idle_add for thread safety
- **Responsive design**: Proper scrolling and adaptive layouts
### Mock Implementation Status
- Currently a UI mockup with no actual VPN functionality
- All VPN operations (connect, disconnect, routes) are placeholder methods
- Button actions update UI state but don't perform real network operations
- Rich configuration system ready for real VPN client integration
- Comprehensive infrastructure modeling supports complex network topologies
### YAML Configuration Schema
Customer files in `~/.vpntray/customers/` follow this structure:
```yaml
name: Customer Name
# Cloud/web services (always accessible)
services:
- name: Service Name
url: https://service.url
service_type: Service Category
description: Optional description
# Physical locations with VPN and infrastructure
locations:
- name: Location Name
vpn_type: OpenVPN|WireGuard|IPSec
vpn_config: /path/to/config/file
# VPN credentials (three options):
# Option 1: Dictionary with username/password
vpn_credentials:
username: vpnuser
password: password123
# Option 2: Passbolt UUID (for future implementation)
# vpn_credentials: "550e8400-e29b-41d4-a716-446655440000"
# Option 3: Omit or set to null if no credentials needed
# vpn_credentials: null
# Note: active and connected are runtime state (not stored in config)
# Network topology information
external_addresses: [vpn.domain.com, backup.domain.com] # VPN endpoints
networks: [192.168.1.0/24, 10.0.1.0/24] # Internal networks
hosts:
- name: Host Name
ip_addresses: [192.168.1.10, 10.0.1.10] # Multiple interfaces supported
host_type: Linux|Windows|Windows Server|Proxmox|ESXi|Router|Switch
description: Optional description
services:
- name: Service Name
service_type: SSH|Web GUI|RDP|VNC|SMB|Database|FTP
port: Port Number
sub_hosts: # Optional VMs/containers (recursive structure)
- name: VM Name
ip_addresses: [192.168.1.20] # VMs can also have multiple IPs
host_type: Linux|Windows|Windows Server
services: # Same structure as parent host
- name: Service Name
service_type: SSH|Web GUI|RDP
port: Port Number
```
### Future Extensibility
**VPN Integration Ready**:
- Implement actual VPN connection logic in placeholder methods
- Add real-time VPN status monitoring and automatic reconnection
- Support for multiple VPN clients (OpenVPN, WireGuard, IPSec)
- Integration with system network management
**Configuration Management**:
- Import/export functionality for customer configurations
- Configuration validation with detailed error reporting
- Backup and restore capabilities
- Multi-user configuration support
**UI Enhancements**:
- Settings panel for application preferences
- Connection logs and monitoring
- Network diagnostics and troubleshooting tools
- Custom themes and layout preferences
- Notification system for connection status changes
**Advanced Features**:
- Auto-discovery of network services and hosts
- Integration with network monitoring tools
- SSH key management and authentication
- Bookmark system for frequently accessed services
- Connection history and analytics
## Development Notes
**Code Quality**:
- Type hints throughout codebase for better IDE support
- Comprehensive error handling with graceful degradation
- Clean separation of concerns (MVC pattern)
- Extensive use of dataclasses and enums for type safety
**Testing Strategy**:
- Configuration can be tested with example YAML files
- UI components are modular and independently testable
- Mock data system allows UI testing without VPN dependencies
**Performance Considerations**:
- Efficient YAML loading with caching
- Minimal UI updates with smart re-rendering
- Background thread for system tray to prevent UI blocking
- Lazy loading of complex widget hierarchies
Reference in New Issue View Git Blame Copy Permalink