AuraVPN/aura-gui
xah30 1635190797 feat(aura-gui): privilege escalation via sudo + one-click NOPASSWD installer
The v0.1 GUI's Connect button was broken in practice: the Tauri app launched
from /Applications runs as the desktop user, so `Command::new(aura).spawn()`
started aura without root. aura died in ms with EPERM at TUN creation, faster
than the 1.5 s status poller could catch — the UI just silently flipped back
to "disconnected" with no clue.

## Fix

* `cli_proc::spawn_client` now prepends `sudo -n` on Unix. After spawn it
  blocks for 1.5 s and checks `try_wait`; if the child already exited, it
  reads the stderr ring's last 20 lines and returns an anyhow Error with
  that tail + a hint list of common causes. The Tauri command surfaces it
  to the frontend's `error` state where the UI renders it as a multi-line
  `<pre>` block instead of the previous single-line text.
* `ClientHandle::kill` no longer uses `Child::kill` (SIGKILL) on its sudo
  parent — that would have left aura orphaned with the TUN lingering.
  Sends SIGTERM to sudo, which sudo forwards to aura, giving the inner
  `OsRouteGuard::Drop` 2 s to run cleanup. Falls back to SIGKILL only after
  the grace period.

## One-click NOPASSWD installer

Two new Tauri commands plus a UI banner:

* `check_admin_access` — runs `sudo -n aura --help` and returns whether the
  sudoers entry is in place. Used by the React side to decide whether to
  show the banner.
* `install_sudoers_admin` — runs `osascript ... with administrator
  privileges` which surfaces the native macOS auth dialog, then writes
  `/etc/sudoers.d/aura-gui` scoped to `<aura> client *` only (not arbitrary
  aura invocations), runs `visudo -c` for syntax validation, and reports
  success or the syntax error.

The frontend shows a yellow "One-time setup needed" banner above the
profile list whenever `adminReady === false`. Clicking the button pops the
Mac password dialog once; from then on Connect is a single click with no
prompt.

## UI feedback

* "Connecting…" disabled state on the Connect button while spawn_client's
  1.5 s wait is in progress
* Errors render as monospace `<pre>` so the multi-line stderr tail is
  readable
* `.error` and `.admin-banner` CSS classes added to App.css

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-29 19:32:38 +03:00
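As an added illustration of the spawn-check and shutdown sequence the commit message describes (example code, not aura-gui's own `cli_proc.rs`), the block below uses only the Rust standard library: it spawns a command with stderr captured into a 20-line ring, waits 1.5 s and turns an early exit into an error carrying the stderr tail, and stops the child with SIGTERM first, falling back to SIGKILL after a 2 s grace period. The `sh -c` commands in `main` are constructed stand-ins for `sudo -n <aura> client …`; shelling out to the shell's `kill` builtin instead of calling kill(2) is a choice made to avoid the libc/nix crates, and the whole thing assumes a Unix host.

```rust
// Added example (not aura-gui's cli_proc.rs): spawn-then-check plus
// SIGTERM-before-SIGKILL supervision using only std. Unix only.
use std::collections::VecDeque;
use std::io::{BufRead, BufReader};
use std::process::{Child, Command, ExitStatus, Stdio};
use std::sync::{Arc, Mutex};
use std::thread;
use std::time::{Duration, Instant};

/// Trailing stderr lines kept for the error report.
const RING_LINES: usize = 20;
/// Wait after spawn before deciding the child survived startup.
const STARTUP_GRACE: Duration = Duration::from_millis(1500);
/// Time a SIGTERM'd child gets for its cleanup before SIGKILL.
const SHUTDOWN_GRACE: Duration = Duration::from_secs(2);

pub struct ClientHandle {
    child: Child,
    stderr_ring: Arc<Mutex<VecDeque<String>>>,
}

/// Spawn `program args...` with stderr captured into a bounded ring buffer.
/// If the child is already dead after STARTUP_GRACE, return an error that
/// carries the stderr tail plus the causes worth checking first.
pub fn spawn_client(program: &str, args: &[&str]) -> Result<ClientHandle, String> {
    let mut child = Command::new(program)
        .args(args)
        .stdin(Stdio::null())
        .stdout(Stdio::null())
        .stderr(Stdio::piped())
        .spawn()
        .map_err(|e| format!("spawn {program}: {e}"))?;

    let stderr = child.stderr.take().expect("stderr was piped");
    let ring = Arc::new(Mutex::new(VecDeque::with_capacity(RING_LINES)));
    let writer = Arc::clone(&ring);
    // Reader thread: keep only the last RING_LINES lines, drop older ones.
    thread::spawn(move || {
        for line in BufReader::new(stderr).lines().map_while(Result::ok) {
            let mut r = writer.lock().unwrap();
            if r.len() == RING_LINES {
                r.pop_front();
            }
            r.push_back(line);
        }
    });

    thread::sleep(STARTUP_GRACE);
    if let Some(status) = child.try_wait().map_err(|e| e.to_string())? {
        // Child never got past startup (e.g. EPERM at TUN creation).
        thread::sleep(Duration::from_millis(50)); // let the reader drain the pipe
        let tail = ring.lock().unwrap().iter().cloned().collect::<Vec<_>>().join("\n");
        return Err(format!(
            "client exited during startup ({status})\n--- last stderr lines ---\n{tail}\n\
             Common causes: not running as root (TUN creation fails with EPERM); \
             sudoers rule for `aura client` missing; TUN left behind by an orphaned earlier run"
        ));
    }
    Ok(ClientHandle { child, stderr_ring: ring })
}

impl ClientHandle {
    /// Last stderr lines seen so far (what a polled log panel would show).
    pub fn stderr_tail(&self) -> Vec<String> {
        self.stderr_ring.lock().unwrap().iter().cloned().collect()
    }

    /// SIGTERM the direct child (sudo forwards it to aura), wait up to
    /// SHUTDOWN_GRACE for cleanup, then SIGKILL. Returns the exit status and
    /// whether the SIGKILL fallback was needed.
    pub fn stop(mut self) -> Result<(ExitStatus, bool), String> {
        let pid = self.child.id();
        // std has no kill(2); use the shell builtin to stay crate-free.
        // Production code would call libc::kill / nix::sys::signal::kill.
        let _ = Command::new("sh").arg("-c").arg(format!("kill -TERM {pid}")).status();
        let deadline = Instant::now() + SHUTDOWN_GRACE;
        while Instant::now() < deadline {
            if let Some(status) = self.child.try_wait().map_err(|e| e.to_string())? {
                return Ok((status, false));
            }
            thread::sleep(Duration::from_millis(50));
        }
        // Grace period over: SIGKILL and reap so nothing is left orphaned.
        self.child.kill().map_err(|e| e.to_string())?;
        let status = self.child.wait().map_err(|e| e.to_string())?;
        Ok((status, true))
    }
}

fn main() {
    // Constructed stand-in for `sudo -n /usr/local/bin/aura client <profile>/client.toml`:
    // a shell that fails the way aura does without root.
    match spawn_client("sh", &["-c", "echo 'aura: tun create: EPERM' >&2; exit 1"]) {
        Ok(handle) => match handle.stop() {
            Ok((st, forced)) => println!("exited {st}, forced kill: {forced}"),
            Err(e) => eprintln!("{e}"),
        },
        Err(e) => eprintln!("{e}"),
    }
}
```

The `forced` flag is worth logging in a real client: a run that needed SIGKILL is exactly the run whose route/TUN cleanup may not have happened.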

aura-gui — desktop client for AuraVPN

A Tauri 2 + React TypeScript app that runs in the system tray. It's the GUI front-end for the existing aura CLI: import a provisioned bundle (.tgz), pick a profile, hit Connect, watch the live tunnel status. No clash-verge replacement and no protocol patching — just a thin manager around the existing CLI.

Status

v0.1 (MVP) — scaffolding + core flows. Working:

  • Profile list / import / delete (drop in a provision-client .tgz and you're set)
  • Connect / Disconnect (spawns / kills aura client per profile)
  • Live status panel (peer, tx/rx packets, default action, rules) via admin socket
  • System tray with Open / Disconnect / Quit menu
  • Close button hides to tray (app stays alive in background)

Deferred for v0.2:

  • Auto-start at login (launchd plist / systemd user unit / Windows Run key)
  • Code signing + notarization (macOS) / Authenticode (Windows)
  • Per-profile route overrides editor
  • Live log streaming (currently polled, frontend tails the in-memory ring)
  • Admin status query on Windows (uses Unix sockets today; need named pipe support)

Layout

aura-gui/
├── src-tauri/          (Rust 2 backend, separate Cargo manifest)
│   ├── src/
│   │   ├── lib.rs      (Tauri commands + tray + window plumbing)
│   │   ├── profiles.rs ([app_data]/profiles/ I/O + .tgz import)
│   │   ├── cli_proc.rs (spawns aura client + stderr ring buffer)
│   │   └── admin.rs    (JSON-line admin socket client)
│   ├── Cargo.toml
│   └── tauri.conf.json
├── src/                (React TS frontend)
│   ├── App.tsx
│   └── App.css
├── package.json
└── README.md           (this file)

The src-tauri/ crate is intentionally excluded from the workspace at the repo root (workspace.exclude = ["aura-gui"]) so cargo check --workspace from the project root keeps checking just the protocol crates and doesn't pull tauri/wry/webview into every CI run.

Build

# Backend deps come down with cargo at build time
cd aura-gui
npm install                       # ~10 s, downloads vite + React 19
npm run build                     # frontend tsc + vite build → dist/
npm run tauri build               # full bundle: .dmg / .deb / .msi / .AppImage

For dev:

npm run tauri dev

The first build downloads ~200 MB of native deps (tauri, wry, webview) — subsequent builds are fast (incremental).

Profile storage

Per-platform app-data dir:

OS        Path
macOS     ~/Library/Application Support/ru.undergr0und.aura/profiles/
Linux     ~/.config/AuraVPN/profiles/
Windows   %APPDATA%\AuraVPN\profiles\

Each profile is a directory with the same shape as aura provision-client emits:

profiles/<id>/
├── client.toml
├── ca.crt
├── client.crt
├── client.key
└── bridges.signed   (optional, v3.3+)

The id is the basename of the imported .tgz (e.g. client-1.tgz → profiles/client-1/).

Aura binary path

The GUI shells out to aura client for each connection. It defaults to:

  1. /Users/xah30/AuraVPN/target/release/aura if present (dev convenience),
  2. /usr/local/bin/aura on Unix,
  3. C:\Program Files\AuraVPN\aura.exe on Windows.

Change it at runtime via the "Change…" button at the bottom of the window. The setting is session-only for now (persisting it to a config file is a v0.2 todo).

Sudo / admin privileges

aura client creates a TUN device, which needs root on Unix and Administrator on Windows. Currently the GUI does not run with elevated privileges — the operator must launch it from a privileged shell, or via sudo open -a aura-gui on macOS, etc.

v0.2 will add a polkit / authorization-services prompt for the privileged step.
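The commit message above describes the privileged step that eventually shipped: a `/etc/sudoers.d/aura-gui` NOPASSWD rule scoped to `<aura> client *`, validated with `visudo -c`. The block below is an added example of that idea (not aura-gui's `install_sudoers_admin`): it builds the rule, refuses inputs that would widen it or break sudoers parsing, checks the named binary is root-owned and not writable by others (a check the commit message does not mention, added here because a NOPASSWD rule is only as strong as the file it points at, and default path 1 above lives under a user's home directory), and installs the file only after `visudo -cf` accepts a temp copy. The `ALL=(root)` host/runas part, the user name `xah30` and the helper names are assumptions; it assumes a Unix host.

```rust
// Added example (not aura-gui's installer): least-privilege sudoers rule for
// one subcommand, with binary-trust and visudo checks before install.
use std::io::Write;
use std::os::unix::fs::{MetadataExt, PermissionsExt};
use std::path::Path;
use std::process::Command;

/// Build one sudoers line letting `user` run only `<aura_path> client <args>` as root.
pub fn sudoers_rule(user: &str, aura_path: &str) -> Result<String, String> {
    let ok_user = !user.is_empty()
        && user.chars().all(|c| c.is_ascii_alphanumeric() || "_-.".contains(c));
    if !ok_user {
        return Err(format!("unsafe user name {user:?}"));
    }
    if !Path::new(aura_path).is_absolute() {
        return Err("aura path must be absolute; sudoers matches on the full path".into());
    }
    // Whitespace, list/assignment punctuation and glob metacharacters in the
    // path would be read as rule syntax or turn the path into a wildcard.
    if aura_path.chars().any(|c| c.is_whitespace() || ",:=*?[]\\".contains(c)) {
        return Err(format!("aura path {aura_path:?} contains sudoers metacharacters"));
    }
    // The trailing `*` matches any number of arguments (sudoers(5)), so the rule
    // is exactly as tight as what `aura client` accepts on its command line.
    Ok(format!("{user} ALL=(root) NOPASSWD: {aura_path} client *\n"))
}

/// If the desktop user can replace the binary named in the rule, the rule is
/// root for that user. Require root ownership and no group/other write bit.
pub fn binary_is_trustworthy(aura_path: &str) -> Result<(), String> {
    let meta = std::fs::metadata(aura_path).map_err(|e| format!("{aura_path}: {e}"))?;
    if !meta.is_file() {
        return Err(format!("{aura_path} is not a regular file"));
    }
    if meta.uid() != 0 {
        return Err(format!("{aura_path} is owned by uid {}, not root", meta.uid()));
    }
    if meta.mode() & 0o022 != 0 {
        return Err(format!("{aura_path} is group/world writable (mode {:o})", meta.mode() & 0o777));
    }
    Ok(())
}

/// Write `rule` to a temp file next to `dest`, run `visudo -cf` on it, and only
/// then rename it into place with mode 0440. The temp name contains a dot, so
/// sudo ignores it even if it sits in /etc/sudoers.d (sudoers(5) skips names
/// containing '.' or ending in '~'). Nothing reaches `dest` on any failure.
pub fn install_rule(rule: &str, dest: &Path) -> Result<(), String> {
    let tmp = dest.with_extension("tmp");
    let result: Result<(), String> = (|| {
        let mut f = std::fs::File::create(&tmp).map_err(|e| format!("create {}: {e}", tmp.display()))?;
        f.write_all(rule.as_bytes()).map_err(|e| e.to_string())?;
        std::fs::set_permissions(&tmp, std::fs::Permissions::from_mode(0o440)).map_err(|e| e.to_string())?;
        let out = Command::new("visudo").arg("-cf").arg(&tmp).output().map_err(|e| format!("visudo: {e}"))?;
        if !out.status.success() {
            return Err(format!(
                "visudo rejected the rule: {}{}",
                String::from_utf8_lossy(&out.stdout),
                String::from_utf8_lossy(&out.stderr)
            ));
        }
        std::fs::rename(&tmp, dest).map_err(|e| format!("install {}: {e}", dest.display()))
    })();
    if result.is_err() {
        let _ = std::fs::remove_file(&tmp);
    }
    result
}

fn main() {
    // Constructed values; a real installer would take the logged-in user and
    // the path the GUI actually launches, and run as root via the auth dialog.
    let aura = "/usr/local/bin/aura";
    match sudoers_rule("xah30", aura) {
        Ok(rule) => {
            print!("rule for /etc/sudoers.d/aura-gui:\n{rule}");
            if let Err(e) = binary_is_trustworthy(aura) {
                eprintln!("refusing to install: {e}");
            }
        }
        Err(e) => eprintln!("{e}"),
    }
}
```

Run as the desktop user this only prints the rule; `install_rule` is meant to be called from the elevated step, after `binary_is_trustworthy` has passed for the same path that ends up in the rule.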

Why not just patch clash-verge?

We thought about it. AuraVPN is an L3 IP tunnel (like WireGuard); clash-verge / mihomo / sing-box outbounds are L4 per-flow proxies (like Trojan / VLESS / Hysteria). Bridging the two requires either a user-space TCP/IP stack inside the outbound (gVisor) or extensive mihomo patching. Neither was a small lift, and a self-contained tray app turned out to be the shortest path to an always-on VPN with a clash-verge-like UX.

A v0.3 stretch goal is to ship a local SOCKS5 listener alongside the TUN, so clash-verge users who already use SOCKS5 outbounds can point at AuraVPN as a SOCKS5 proxy. That requires the gVisor netstack, which is a separate piece of work.