From 91fb33ab21f259430b33fb5d7fc7b7e5a56c7b8b Mon Sep 17 00:00:00 2001 From: Yan Lin Date: Mon, 15 Sep 2025 13:30:34 +0200 Subject: [PATCH] Add ssh-based tunnel functions to darwin hosts --- hosts/darwin/home-default.nix | 64 +++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/hosts/darwin/home-default.nix b/hosts/darwin/home-default.nix index f2609a9..e8c1183 100644 --- a/hosts/darwin/home-default.nix +++ b/hosts/darwin/home-default.nix @@ -50,6 +50,7 @@ preview = "open -a Preview"; slide = "open -a SlidePilot"; inkscape = "open -a Inkscape"; + }; # Darwin-specific zsh functions 
@@ -77,6 +78,69 @@ fi fi } + + # SSH tunnel functions for easy VPN-like functionality + function tunnel-on() { + if [[ -z "$1" ]]; then + echo "Usage: tunnel-on " + return 1 + fi + + local host="$1" + local port=1080 # Use port 1080 (standard SOCKS port) + + # Check if there's already an active tunnel + local existing_tunnel=$(ps aux | grep -E "ssh -D $port" | grep -v grep) + if [[ -n "$existing_tunnel" ]]; then + echo "Existing tunnel detected. Switching to $host..." + echo "Stopping current tunnel..." + pkill -f "ssh -D $port" + sleep 1 + fi + + echo "Starting SOCKS tunnel to $host on port $port..." + + # Start SSH tunnel in background + ssh -D $port -N -f "$host" + if [[ $? -eq 0 ]]; then + echo "Tunnel established. Configuring system proxy..." + + # Configure system proxy + networksetup -setsocksfirewallproxy "Wi-Fi" localhost $port + networksetup -setsocksfirewallproxystate "Wi-Fi" on + + echo "✓ System proxy enabled on Wi-Fi (localhost:$port -> $host)" + else + echo "✗ Failed to establish tunnel to $host" + return 1 + fi + } + + function tunnel-off() { + local port=1080 + echo "Disabling system proxy..." + networksetup -setsocksfirewallproxystate "Wi-Fi" off + echo "✓ System proxy disabled" + + echo "Stopping SSH tunnels..." + pkill -f "ssh -D $port" + echo "✓ SSH tunnels stopped" + } + + function tunnel-status() { + local port=1080 + echo "=== System Proxy Status ===" + networksetup -getsocksfirewallproxy "Wi-Fi" | grep -E "Enabled|Server|Port" + + echo "" + echo "=== Active SSH Tunnels ===" + local tunnels=$(ps aux | grep -E "ssh -D $port" | grep -v grep) + if [[ -n "$tunnels" ]]; then + echo "$tunnels" + else + echo "No active SSH tunnels" + fi + } ''; home.packages = with pkgs; [
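Review bot: In `tunnel-on`, `ssh -D $port -N -f "$host"` can exit 0 even when the local listener on port 1080 could not be bound, because ssh only treats a failed forward as fatal when `ExitOnForwardFailure` is set; the function would then point the Wi-Fi SOCKS proxy at whatever other process owns localhost:1080 and still print the success line. I would change that line to `ssh -D "localhost:$port" -N -f -o ExitOnForwardFailure=yes "$host"`, which also pins the listener to loopback regardless of any `GatewayPorts` setting. The `pkill -f "ssh -D $port"` calls in `tunnel-on` and `tunnel-off` match on a command-line substring, so they can stop ssh processes these functions did not start, and `tunnel-off` prints ✓ without checking either command; an ssh control socket (`-M -S <path>` to start, `-O exit` to stop) would scope the stop to this tunnel only. The comment `VPN-like functionality` overstates the coverage and would be more accurate as `# SOCKS proxy over SSH: only apps that honor the macOS system proxy on the "Wi-Fi" service are tunneled`. The Nix string that holds these zsh functions starts outside the hunk.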