Улучши удаление и строку статуса VPN

2026-05-19 14:13:33 +03:00
parent 4187cb6544
commit 417138b3b1
6 changed files with 224 additions and 40 deletions
--- a/uninstall.sh
+++ b/uninstall.sh
@@ -16,6 +16,42 @@ REMOVE_KEYCHAIN=0
 REMOVE_TOUCHID_HELPER=0
 REMOVE_OPENCONNECT_LITE=0

+if [ -t 1 ] && [ -z "${NO_COLOR:-}" ] && [ "${TERM:-}" != "dumb" ]; then
+  C_RESET="$(printf '\033[0m')"
+  C_BOLD="$(printf '\033[1m')"
+  C_DIM="$(printf '\033[2m')"
+  C_RED="$(printf '\033[31m')"
+  C_GREEN="$(printf '\033[32m')"
+  C_YELLOW="$(printf '\033[33m')"
+  C_BLUE="$(printf '\033[34m')"
+  C_CYAN="$(printf '\033[36m')"
+else
+  C_RESET=""
+  C_BOLD=""
+  C_DIM=""
+  C_RED=""
+  C_GREEN=""
+  C_YELLOW=""
+  C_BLUE=""
+  C_CYAN=""
+fi
+
+if [ "${LEMANA_VPN_NO_EMOJI:-0}" = "1" ]; then
+  E_STEP=">"
+  E_INFO="i"
+  E_OK="+"
+  E_WARN="!"
+  E_SKIP="-"
+  E_ERROR="x"
+else
+  E_STEP="➡️"
+  E_INFO="ℹ️"
+  E_OK="✅"
+  E_WARN="⚠️"
+  E_SKIP="⏭️"
+  E_ERROR="❌"
+fi
+
 usage() {
  cat <<'USAGE'
 Usage:
@@ -60,6 +96,41 @@ log() {
  printf '%s\n' "$*"
 }

+color_line() {
+  color="$1"
+  shift
+  printf '%s%s%s\n' "$color" "$*" "$C_RESET"
+}
+
+log_step() {
+  color_line "$C_BOLD$C_CYAN" "$E_STEP $*"
+}
+
+log_info() {
+  color_line "$C_BLUE" "$E_INFO $*"
+}
+
+log_detail() {
+  color_line "$C_DIM" "   $*"
+}
+
+log_ok() {
+  color_line "$C_GREEN" "$E_OK $*"
+}
+
+log_warn() {
+  color_line "$C_YELLOW" "$E_WARN $*"
+}
+
+log_skip() {
+  color_line "$C_DIM" "$E_SKIP $*"
+}
+
+die() {
+  printf '%s%s ERROR: %s%s\n' "$C_RED" "$E_ERROR" "$*" "$C_RESET" >&2
+  exit 1
+}
+
 run() {
  if [ "$DRY_RUN" -eq 1 ]; then
    printf '+'
@@ -84,23 +155,30 @@ restore_openconnect_lite_patch() {
  backup="$CONFIG_DIR/patch-backups/webengine_process.py.before-lemana-vpn"
  wep="$(find_webengine_process)"

+  log_step "Проверяю runtime-патчи openconnect-lite"
+  log_detail "Если Lemana VPN менял webengine_process.py, перед удалением возвращаем исходник из backup."
+
  if [ ! -f "$backup" ]; then
-    log "No openconnect-lite patch backup found; patch rollback skipped."
+    log_skip "No openconnect-lite patch backup found; patch rollback skipped."
    return 0
  fi

  if [ -z "$wep" ] || [ ! -f "$wep" ]; then
-    log "openconnect-lite source not found; patch rollback skipped."
+    log_warn "openconnect-lite source not found; patch rollback skipped."
    return 0
  fi

-  log "Restoring openconnect-lite source from patch backup"
+  log_info "Restoring openconnect-lite source from patch backup"
  run cp "$backup" "$wep"
+  log_ok "openconnect-lite patch rollback completed"
 }

 remove_zshrc_block() {
  zshrc="$HOME/.zshrc"
-  [ -f "$zshrc" ] || return 0
+  if [ ! -f "$zshrc" ]; then
+    log_skip "~/.zshrc not found; shell aliases skipped."
+    return 0
+  fi

  tmp="$(mktemp)"
  if [ "$DRY_RUN" -eq 1 ]; then
@@ -115,39 +193,61 @@ remove_zshrc_block() {
    skip != 1 { print }
  ' "$zshrc" > "$tmp"
  mv "$tmp" "$zshrc"
+  log_ok "Shell aliases removed from $zshrc"
 }

 remove_keychain_entries() {
-  [ "$REMOVE_KEYCHAIN" -eq 1 ] || return 0
+  if [ "$REMOVE_KEYCHAIN" -ne 1 ]; then
+    log_skip "Keychain cleanup disabled; LDAP/TOTP and Bitwarden cached entries are kept."
+    return 0
+  fi

-  log "Removing VPN-related Keychain entries"
-  run security delete-generic-password -s openconnect-lite -a "$USERNAME" >/dev/null 2>&1 || true
-  run security delete-generic-password -s openconnect-lite -a "totp/$USERNAME" >/dev/null 2>&1 || true
-  run security delete-generic-password -s vpn-lemanapro -a bw-session >/dev/null 2>&1 || true
-  run security delete-generic-password -s vpn-lemanapro -a bw-master >/dev/null 2>&1 || true
+  log_step "Удаляю VPN-записи из macOS Keychain"
+  log_detail "Удаляются только записи openconnect-lite для пользователя $USERNAME и кэш Bitwarden Lemana VPN."
+  if [ "$DRY_RUN" -eq 1 ]; then
+    run security delete-generic-password -s openconnect-lite -a "$USERNAME"
+    run security delete-generic-password -s openconnect-lite -a "totp/$USERNAME"
+    run security delete-generic-password -s vpn-lemanapro -a bw-session
+    run security delete-generic-password -s vpn-lemanapro -a bw-master
+  else
+    security delete-generic-password -s openconnect-lite -a "$USERNAME" >/dev/null 2>&1 || true
+    security delete-generic-password -s openconnect-lite -a "totp/$USERNAME" >/dev/null 2>&1 || true
+    security delete-generic-password -s vpn-lemanapro -a bw-session >/dev/null 2>&1 || true
+    security delete-generic-password -s vpn-lemanapro -a bw-master >/dev/null 2>&1 || true
+  fi
+  log_ok "Keychain cleanup completed"
 }

 main() {
-  [ "$(uname -s)" = "Darwin" ] || {
-    echo "This uninstaller supports macOS only" >&2
-    exit 1
-  }
+  [ "$(uname -s)" = "Darwin" ] || die "This uninstaller supports macOS only"
+
+  log_step "Начинаю удаление Lemana VPN"
+  log_detail "По умолчанию удаляются скрипты, sudoers, DNS wrapper, config, aliases и приложение."
+  log_detail "Shared-зависимости Homebrew не удаляются; openconnect-lite удаляется только с --remove-openconnect-lite."

  restore_openconnect_lite_patch

-  log "Removing installed scripts"
+  log_step "Удаляю CLI-скрипты"
+  log_detail "Убираю vpn-lemanapro.sh и локальный uninstall helper из $INSTALL_BIN_DIR."
  run rm -f "$INSTALL_BIN_DIR/vpn-lemanapro.sh"
  run rm -f "$INSTALL_BIN_DIR/uninstall-lemana-vpn.sh"
+  log_ok "CLI scripts removed"
  if [ "$REMOVE_TOUCHID_HELPER" -eq 1 ]; then
+    log_info "Removing Touch ID helper: $INSTALL_BIN_DIR/keychain-fingerprint"
    run rm -f "$INSTALL_BIN_DIR/keychain-fingerprint"
+  else
+    log_skip "Touch ID helper kept; use --remove-touchid-helper to remove it."
  fi

-  log "Removing sudoers and DNS cleanup wrapper"
+  log_step "Удаляю sudoers и DNS cleanup wrapper"
+  log_detail "macOS может запросить sudo-пароль, потому что эти файлы принадлежат root."
  run sudo rm -f /etc/sudoers.d/lemana-vpn-openconnect /etc/sudoers.d/lemana-vpn-dns
  run sudo rm -f "$DNS_CLEANUP"
+  log_ok "sudoers and DNS cleanup wrapper removed"

  if [ "$KEEP_APP" -eq 0 ]; then
-    log "Removing Menu Bar app"
+    log_step "Удаляю Menu Bar app"
+    log_detail "Сначала отключаю LaunchAgent, затем удаляю $APP_DIR."
    if [ "$DRY_RUN" -eq 0 ]; then
      launchctl unload "$LAUNCH_AGENT" >/dev/null 2>&1 || true
    else
@@ -155,29 +255,45 @@ main() {
    fi
    run rm -f "$LAUNCH_AGENT"
    run rm -rf "$APP_DIR"
+    log_ok "Menu Bar app removed"
+  else
+    log_skip "Menu Bar app kept because --keep-app is set."
  fi

-  log "Removing shell aliases"
+  log_step "Удаляю shell aliases"
+  log_detail "Из ~/.zshrc удаляется только блок между # >>> lemana-vpn и # <<< lemana-vpn."
  remove_zshrc_block

-  log "Removing openconnect-lite config"
+  log_step "Удаляю openconnect-lite config"
+  log_detail "Удаляется профиль SSO, который был создан установщиком Lemana VPN."
  run rm -f "$OC_CONFIG_DIR/config.toml"
+  log_ok "openconnect-lite config removed"

  if [ "$KEEP_CONFIG" -eq 0 ]; then
-    log "Removing Lemana VPN config"
+    log_step "Удаляю Lemana VPN config"
+    log_detail "Удаляется $CONFIG_DIR, включая backup runtime-патчей после их отката."
    run rm -rf "$CONFIG_DIR"
+    log_ok "Lemana VPN config removed"
+  else
+    log_skip "Lemana VPN config kept because --keep-config is set."
  fi

  remove_keychain_entries

  if [ "$REMOVE_OPENCONNECT_LITE" -eq 1 ]; then
    if command -v pipx >/dev/null 2>&1; then
-      log "Removing openconnect-lite from pipx"
+      log_step "Удаляю openconnect-lite из pipx"
+      log_detail "Это опционально: пакет может использоваться не только Lemana VPN."
      run pipx uninstall openconnect-lite
+      log_ok "openconnect-lite removed from pipx"
+    else
+      log_warn "pipx not found; openconnect-lite package removal skipped."
    fi
+  else
+    log_skip "openconnect-lite kept; use --remove-openconnect-lite to uninstall it from pipx."
  fi

-  log "Done."
+  log_ok "Done."
 }

 main "$@"