
create/remove vpn

master
Robin Thoni před 8 roky
rodič
revize
d3ef05cb23
4 změnil soubory, kde provedl 57 přidání a 17 odebrání
  1. 6
    8
      vpngen-cli.py
  2. 43
    5
      vpngen.py
  3. 2
    2
      vpngen/default.conf
  4. 6
    2
      vpngen/vpngen.json

+ 6
- 8
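--- a/vpngen-cli.py
+++ b/vpngen-cli.py
@@ -12,17 +12,15 @@ def eprint(*args, **kwargs):
 
 
 def create_variables(variables, defaults):
-    variables_set = {}
+    variables_set = defaults.copy()
     for variable in variables:
         if variable == 'name':
             continue
-        default = defaults[variable] if variable in defaults else ''
-        print("Enter a value for '%s' ['%s']: " % (variable, default), end='', flush=True)
-        value = sys.stdin.readline()
-        value = value[:-1]
-        if value == '':
-            value = default
-        variables_set[variable] = value
+        default = variables_set[variable] if variable in variables_set else ''
+        print("Enter a value for '%s' [%s]: " % (variable, default), end='', flush=True)
+        value = sys.stdin.readline()[:-1]
+        if value != '':
+            variables_set[variable] = value
     return variables_set
 
 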
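Review bot: `sys.stdin.readline()[:-1]` removes the last character unconditionally, so when input is piped and the final line has no trailing newline a real character is cut off the value; `value = sys.stdin.readline().rstrip('\n')` strips only the newline. Because `variables_set` now starts as `defaults.copy()`, every key in `defaults` is returned even when it is not listed in `variables`, which deserves a one-line docstring on `create_variables` such as `"""Prompt for each variable; unanswered prompts and unlisted defaults keep the default value."""`. The values are accepted exactly as typed, and the rest of this commit suggests they are later substituted into the OpenVPN config and exported to easy-rsa, so a per-variable format check (numeric for sizes and lifetimes, a restricted character set for names) would fit here.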

+ 43
- 5
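--- a/vpngen.py
+++ b/vpngen.py
@@ -3,6 +3,7 @@ import os
 import os.path
 import re
 import shutil
+from subprocess import call
 
 
 class VpnGenError(Enum):
@@ -19,9 +20,9 @@ class VpnGen:
     ovpn_config_path = ""
 
     def __init__(self, default_config_path, ovpn_config_path):
-        self.default_config_base_dir = default_config_path
-        self.default_config_file = "%s.conf" % default_config_path
-        self.ovpn_config_path = ovpn_config_path
+        self.default_config_base_dir = os.path.abspath(default_config_path)
+        self.default_config_file = "%s.conf" % self.default_config_base_dir
+        self.ovpn_config_path = os.path.abspath(ovpn_config_path)
 
     def f7(self, seq):
         seen = set()
@@ -60,12 +61,49 @@ class VpnGen:
         os.rmdir(base_dir)
         shutil.copytree(self.default_config_base_dir, base_dir)
 
-
+        curdir = os.curdir
+        easyrsadir = base_dir + os.sep + "easy-rsa" + os.sep
+        pkitool = easyrsadir + "pkitool"
+        os.chdir(easyrsadir)
+
+        os.environ["KEY_COUNTRY"] = variables['KEY_COUNTRY']
+        os.environ["KEY_PROVINCE"] = variables['KEY_PROVINCE']
+        os.environ["KEY_CITY"] = variables['KEY_CITY']
+        os.environ["KEY_ORG"] = variables['KEY_ORG']
+        os.environ["KEY_OU"] = variables['KEY_ORG']
+        os.environ["KEY_CN"] = variables['KEY_ORG']
+        os.environ["KEY_NAME"] = variables['KEY_ORG']
+        os.environ["KEY_EMAIL"] = variables['KEY_EMAIL']
+        os.environ["KEY_SIZE"] = variables['KEY_SIZE']
+        os.environ["CA_EXPIRE"] = variables['CA_EXPIRE']
+        os.environ["KEY_EXPIRE"] = variables['KEY_EXPIRE']
+
+        os.environ["EASY_RSA"] = easyrsadir
+        os.environ["OPENSSL"] = "openssl"
+        os.environ["PKCS11TOOL"] = "pkcs11-tool"
+        os.environ["GREP"] = "grep"
+        os.environ["KEY_CONFIG"] = easyrsadir + "openssl.cnf"
+        os.environ["KEY_DIR"] = easyrsadir + "keys"
+        os.environ["PKCS11_MODULE_PATH"] = "dummy"
+        os.environ["PKCS11_PIN"] = "dummy"
+
+        call(["./clean-all"])
+        call([pkitool, "--initca"])
+        call([pkitool, "server"])
+        call(["./build-dh"])
+
+        os.chdir(curdir)
 
         return VpnGenError.Success
 
     def remove_vpn(self, vpn_name):
-        return VpnGenError.ClientDoesNotExists
+        base_dir = "%s%s%s" % (self.ovpn_config_path, os.sep, vpn_name)
+        conf_file = "%s.conf" % base_dir
+        if not os.path.exists(base_dir) and not os.path.exists(conf_file):
+            return VpnGenError.VpnDoesNotExists
+        os.remove(conf_file)
+        shutil.rmtree(base_dir)
+        return VpnGenError.Success
 
     def create_client(self, vpn_name, client_name, variables):
         return VpnGenError.ClientDoesNotExists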
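Review bot: In the create hunk, `curdir = os.curdir` stores the constant "." rather than the working directory, so the closing `os.chdir(curdir)` restores nothing and the process stays inside easy-rsa; the results of the four `call(...)` steps are also discarded, so `VpnGenError.Success` is returned even when the CA or server key was never generated. Passing `cwd=` and a private `env=` to each call removes the chdir pair and keeps the KEY_* and PKCS11_* values out of the process-wide `os.environ`, as sketched below. KEY_OU, KEY_CN and KEY_NAME are all filled from `variables['KEY_ORG']`, which looks like a copy-paste and should be confirmed. In `remove_vpn`, `vpn_name` is joined into the path handed to `shutil.rmtree` with no visible check that the result stays under `self.ovpn_config_path`, and the `and` in the existence test lets `os.remove` or `rmtree` raise when only one of the two paths exists. The function that receives the create changes starts above the hunk, so any validation done earlier in it is not visible here.

```python
        easyrsadir = base_dir + os.sep + "easy-rsa" + os.sep
        pkitool = easyrsadir + "pkitool"

        # Private copy: the KEY_* and PKCS11_* values never reach os.environ.
        env = os.environ.copy()
        # … unchanged: the KEY_*, EASY_RSA, OPENSSL, GREP and PKCS11_* assignments, written to env[...] …

        steps = (["./clean-all"], [pkitool, "--initca"], [pkitool, "server"], ["./build-dh"])
        for step in steps:
            # cwd= replaces the chdir pair; a non-zero exit status stops the build.
            if call(step, cwd=easyrsadir, env=env) != 0:
                # A dedicated VpnGenError member may suit the class better; the enum body is outside the hunk.
                raise RuntimeError("easy-rsa step failed: %s" % step[0])
```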

+ 2
- 2
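--- a/vpngen/default.conf
+++ b/vpngen/default.conf
@@ -27,8 +27,8 @@ keepalive 10 120
 #push "redirect-gateway def1 bypass-dhcp"
 
 # Security
-user www-data
-group ovpn-manager
+user ${user}
+group ${group}
 persist-key
 persist-tun
 comp-lzo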
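Review bot: Templating `user ${user}` and `group ${group}` makes the privilege drop depend entirely on the substituted values, and the defaults this commit adds to vpngen/vpngen.json are `root`/`root`, so a VPN generated with the defaults keeps running as root after start-up. The previous fixed values named a non-root account. Defaulting to a dedicated unprivileged user and group, or rejecting `root` when the config is generated, keeps the "# Security" block meaningful. A comment above the two lines, `# account the daemon drops to after initialisation; should not be root`, would record the intent.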

+ 6
- 2
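--- a/vpngen/vpngen.json
+++ b/vpngen/vpngen.json
@@ -11,18 +11,22 @@
 
   "defaults": {
     "vpn": {
-      "name": "my_vpn",
       "port": "4242",
       "hostname": "vpn.example.com",
       "net": "10.0.0.0",
       "mask": "255.255.255.0",
       "dev": "tap",
+      "user": "root",
+      "group": "root",
 
       "KEY_COUNTRY": "COUNTRY",
       "KEY_PROVINCE": "state",
       "KEY_CITY": "City",
       "KEY_ORG": "example",
-      "KEY_EMAIL": "root@example.com"
+      "KEY_EMAIL": "root@example.com",
+      "KEY_SIZE": "1024",
+      "CA_EXPIRE": "3650",
+      "KEY_EXPIRE": "3650"
     },
     "client": {
 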
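Review bot: `"KEY_SIZE": "1024"` makes 1024-bit keys the default for every CA and server certificate this tool generates (and presumably for the DH parameters built by `./build-dh`), which is below the 2048-bit minimum commonly required today. With `"CA_EXPIRE": "3650"` and `"KEY_EXPIRE": "3650"` such keys would stay in service for ten years. `"KEY_SIZE": "2048"` is the smallest default worth shipping, and a `KEY_EXPIRE` shorter than `CA_EXPIRE` would let server and client certificates rotate without reissuing the CA.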
