create/remove vpn

vpngen-cli.py

 
 
 def create_variables(variables, defaults):
-    variables_set = {}
+    variables_set = defaults.copy()
     for variable in variables:
         if variable == 'name':
             continue
-        default = defaults[variable] if variable in defaults else ''
-        print("Enter a value for '%s' ['%s']: " % (variable, default), end='', flush=True)
-        value = sys.stdin.readline()
-        value = value[:-1]
-        if value == '':
-            value = default
-        variables_set[variable] = value
+        default = variables_set[variable] if variable in variables_set else ''
+        print("Enter a value for '%s' [%s]: " % (variable, default), end='', flush=True)
+        value = sys.stdin.readline()[:-1]
+        if value != '':
+            variables_set[variable] = value
     return variables_set
 
 

vpngen.py

 import os.path
 import re
 import shutil
+from subprocess import call
 
 
 class VpnGenError(Enum):
     ovpn_config_path = ""
 
     def __init__(self, default_config_path, ovpn_config_path):
-        self.default_config_base_dir = default_config_path
-        self.default_config_file = "%s.conf" % default_config_path
-        self.ovpn_config_path = ovpn_config_path
+        self.default_config_base_dir = os.path.abspath(default_config_path)
+        self.default_config_file = "%s.conf" % self.default_config_base_dir
+        self.ovpn_config_path = os.path.abspath(ovpn_config_path)
 
     def f7(self, seq):
         seen = set()
         os.rmdir(base_dir)
         shutil.copytree(self.default_config_base_dir, base_dir)
 
-
+        curdir = os.curdir
+        easyrsadir = base_dir + os.sep + "easy-rsa" + os.sep
+        pkitool = easyrsadir + "pkitool"
+        os.chdir(easyrsadir)
+
+        os.environ["KEY_COUNTRY"] = variables['KEY_COUNTRY']
+        os.environ["KEY_PROVINCE"] = variables['KEY_PROVINCE']
+        os.environ["KEY_CITY"] = variables['KEY_CITY']
+        os.environ["KEY_ORG"] = variables['KEY_ORG']
+        os.environ["KEY_OU"] = variables['KEY_ORG']
+        os.environ["KEY_CN"] = variables['KEY_ORG']
+        os.environ["KEY_NAME"] = variables['KEY_ORG']
+        os.environ["KEY_EMAIL"] = variables['KEY_EMAIL']
+        os.environ["KEY_SIZE"] = variables['KEY_SIZE']
+        os.environ["CA_EXPIRE"] = variables['CA_EXPIRE']
+        os.environ["KEY_EXPIRE"] = variables['KEY_EXPIRE']
+
+        os.environ["EASY_RSA"] = easyrsadir
+        os.environ["OPENSSL"] = "openssl"
+        os.environ["PKCS11TOOL"] = "pkcs11-tool"
+        os.environ["GREP"] = "grep"
+        os.environ["KEY_CONFIG"] = easyrsadir + "openssl.cnf"
+        os.environ["KEY_DIR"] = easyrsadir + "keys"
+        os.environ["PKCS11_MODULE_PATH"] = "dummy"
+        os.environ["PKCS11_PIN"] = "dummy"
+
+        call(["./clean-all"])
+        call([pkitool, "--initca"])
+        call([pkitool, "server"])
+        call(["./build-dh"])
+
+        os.chdir(curdir)
 
         return VpnGenError.Success
 
     def remove_vpn(self, vpn_name):
-        return VpnGenError.ClientDoesNotExists
+        base_dir = "%s%s%s" % (self.ovpn_config_path, os.sep, vpn_name)
+        conf_file = "%s.conf" % base_dir
+        if not os.path.exists(base_dir) and not os.path.exists(conf_file):
+            return VpnGenError.VpnDoesNotExists
+        os.remove(conf_file)
+        shutil.rmtree(base_dir)
+        return VpnGenError.Success
 
     def create_client(self, vpn_name, client_name, variables):
         return VpnGenError.ClientDoesNotExists

vpngen/default.conf

 #push "redirect-gateway def1 bypass-dhcp"
 
 # Security
-user www-data
-group ovpn-manager
+user ${user}
+group ${group}
 persist-key
 persist-tun
 comp-lzo

vpngen/vpngen.json

 
   "defaults": {
     "vpn": {
-      "name": "my_vpn",
       "port": "4242",
       "hostname": "vpn.example.com",
       "net": "10.0.0.0",
       "mask": "255.255.255.0",
       "dev": "tap",
+      "user": "root",
+      "group": "root",
 
       "KEY_COUNTRY": "COUNTRY",
       "KEY_PROVINCE": "state",
       "KEY_CITY": "City",
       "KEY_ORG": "example",
-      "KEY_EMAIL": "root@example.com"
+      "KEY_EMAIL": "root@example.com",
+      "KEY_SIZE": "1024",
+      "CA_EXPIRE": "3650",
+      "KEY_EXPIRE": "3650"
     },
     "client": {