Background
I'm working on an App that can manage its own VPN tunnel. The app uses a sysex Network Extension for Developer ID builds and an apex for App Store builds.
I'm observing the VPN's status through NEVPNStatusDidChangeNotification
notifications, and starting and stopping it directly from the main App through a NETunnelProviderManager
.
The next step is to create a status bar menu within a Login Item / Agent app, so that we have a VPN menu that stays visible even if our main app is closed.
The documentation I'm reading seems to point to the fact that I can only observe NEVPNStatusDidChangeNotification
notifications and start / stop the VPN from the main App.
My not-so-ideal solution
For observing VPN status changes I'm considering posting distributed notifications from my NEPacketTunnelProvider
.
For controlling the VPN I'm considering launching a hidden copy of my main app using NSWorkspace.shared.open
.
Question
Neither of these look like clean approaches to me, so I'm wondering if there's a recommended approach for what I'm trying to do.
Additional notes
- I considered having the Login Item own the VPN and using XPC to let the main app access it, but if the user decides to turn off my login item, the main app would be unable to interact with the VPN.
- I considered doing it the other way around, but my login item can't rely on the main app being open at all times.