vpn autoconnect on network connection not home

etc/NetworkManager/dispatcher.d/vpn-up

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+VPN_NAME="wg0"
+HOME_ESSID="Alex's Vault"
+
+interface=$1
+status=$2
+
+CURRENT_ESSID=$(iwgetid -r)
+
+case $status in
+  up|vpn-down)
+    if [[ "$CURRENT_ESSID" != "$HOME_ESSID" ]]; then
+      logger "[vpn-dispatch] Connected to '$CURRENT_ESSID'. Starting VPN '$VPN_NAME'."
+      systemctl start wg-quick@$VPN_NAME
+    else
+      logger "[vpn-dispatch] On home network '$CURRENT_ESSID'. VPN not started."
+    fi
+    ;;
+  down)
+    if [[ "$CURRENT_ESSID" != "$HOME_ESSID" ]]; then
+      if nmcli connection show --active | grep -q "$VPN_NAME"; then
+        logger "[vpn-dispatch] Disconnected from '$CURRENT_ESSID'. Stopping VPN '$VPN_NAME'."
+        systemctl stop wg-quick@$VPN_NAME
+      fi
+    else
+      logger "[vpn-dispatch] On home network '$CURRENT_ESSID'. No VPN to stop."
+    fi
+    ;;
+esac

install.bash

@@ -28,7 +28,7 @@ ln -s ~/dotfiles/.conf/environment.d ~/.config/environment.d
 pacman -S uwsm hyprland xdg-desktop-portal-hyprland hyprpaper qt5-wayland
 
 # Basic essentials
-pacman -S waybar dunst libnotify wofi pipewire brightnessctl man-db man-pages 
+pacman -S waybar dunst libnotify wofi pipewire brightnessctl wireless_tools man-db man-pages 
 
 # Yazi dependencies (but also useful otherwise)
 pacman -S yazi ffmpeg poppler fd p7zip
@@ -49,6 +49,13 @@ sudo pacman -S pacman-contrib
 # Run networkmanager with "nmcli dev wifi connect 'ssid' password 'password'"
 pacman -S networkmanager wpa_supplicant
 
+# Waybar: https://github.com/sejjy/mechabar/tree/classic
+# Dependencies: 
+# wireplumber is Session/policy manager implementation for PipeWire
+pacman -S cava bluez-utils bluez pipewire-pulse ttf-jetbrains-mono-nerd wireplumber
+yay -S rofi-lbonn-wayland-git bluetui
+systemctl enable --now bluetooth.service
+
 ###################################################################
 # TINKERING
 ###################################################################
@@ -64,19 +71,14 @@ systemctl enable --now NetworkManager-dispatcher.service
 systemctl mask systemd-rfkill.service # Needed for auto-disable of BT on boot by TLP
 systemctl mask systemd-rfkill.socket # Also needed for auto-disable BT
 
-# Make wireguard connection persistent in /etc/wireguard
+# Make wireguard connection persistent in /etc/wireguard 
+#   and ensure wireguard restarts when network is re-established after loss
 echo "PersistentKeepalive = 25" >> /etc/wireguard/home.conf
-
+cp ~/dotfiles/etc/NetworkManager/dispatcher.d/* /etc/NetworkManager/dispatcher.d/
-# After installing Anki, force Anki to use Wayland by replacing Exec= in /usr/local/share/applications/anki.desktop
-# Exec=env ANKI_WAYLAND=1 anki %f
 
 ###################################################################
 # MANUAL CONFIGURATION REQUIRED
 ###################################################################
 
-# Waybar: https://github.com/sejjy/mechabar/tree/classic
+# After installing Anki, force Anki to use Wayland by replacing Exec= in /usr/local/share/applications/anki.desktop
-# Dependencies: 
+# Exec=env ANKI_WAYLAND=1 anki %f
-# wireplumber is Session/policy manager implementation for PipeWire
-pacman -S cava bluez-utils bluez pipewire-pulse ttf-jetbrains-mono-nerd wireplumber
-yay -S rofi-lbonn-wayland-git bluetui
-systemctl enable --now bluetooth.service