Update OpenVPN config and add openvpn_rm option

Julien Vaubourg
2015-09-29 14:11:00 +02:00
parent 224b3e6026
commit 3f0bb7ed56
5 changed files with 76 additions and 41 deletions


@@ -14,6 +14,7 @@ dev tun
tun-ipv6 tun-ipv6
keepalive 10 30 keepalive 10 30
comp-lzo adaptive comp-lzo adaptive
resolv-retry infinite
# Authentication by login # Authentication by login
<TPL:LOGIN_COMMENT>auth-user-pass /etc/openvpn/keys/credentials <TPL:LOGIN_COMMENT>auth-user-pass /etc/openvpn/keys/credentials
@@ -25,6 +26,7 @@ comp-lzo adaptive
tls-client tls-client
<TPL:TA_COMMENT>tls-auth /etc/openvpn/keys/user_ta.key 1 <TPL:TA_COMMENT>tls-auth /etc/openvpn/keys/user_ta.key 1
remote-cert-tls server remote-cert-tls server
ns-cert-type server
ca /etc/openvpn/keys/ca-server.crt ca /etc/openvpn/keys/ca-server.crt
<TPL:CERT_COMMENT>cert /etc/openvpn/keys/user.crt <TPL:CERT_COMMENT>cert /etc/openvpn/keys/user.crt
<TPL:CERT_COMMENT>key /etc/openvpn/keys/user.key <TPL:CERT_COMMENT>key /etc/openvpn/keys/user.key
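Review bot: The `ns-cert-type server` line, which the hunk header counts suggest is added right after `remote-cert-tls server`, makes the client require the legacy Netscape nsCertType extension on top of the key-usage/EKU check already enforced. A server certificate issued without that extension will then be rejected even though it passes `remote-cert-tls server`, and `ns-cert-type` was later deprecated in OpenVPN in favour of `remote-cert-tls`. If the goal is only to verify that the peer is a server, `remote-cert-tls server` alone covers it. If the line stays, a comment such as `# Legacy nsCertType check; remove via openvpn_rm if the server cert lacks it` would tell operators why a handshake fails.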


@@ -84,10 +84,6 @@ function readAutoConf($file) {
$config['crt_client_ta'] = str_replace('|', "\n", $config['crt_client_ta']); $config['crt_client_ta'] = str_replace('|', "\n", $config['crt_client_ta']);
} }
if(!empty($config['openvpn_add'])) {
$config['openvpn_add'] = str_replace('|', "\n", $config['openvpn_add']);
}
return $config; return $config;
} }
@@ -126,14 +122,20 @@ dispatch_put('/settings', function() {
$config = $_POST; $config = $_POST;
$autoconf = false; $autoconf = false;
if($_FILES['cubefile']['error'] == UPLOAD_ERR_OK) {
$config = readAutoConf($_FILES['cubefile']['tmp_name']);
$autoconf = true;
}
$ip6_net = empty($config['ip6_net']) ? 'none' : $config['ip6_net'];
$ip6_addr = 'none';
try { try {
if($_FILES['cubefile']['error'] == UPLOAD_ERR_OK) {
$config = readAutoConf($_FILES['cubefile']['tmp_name']);
if(is_null($config)) {
throw new Exception(_('Json Syntax Error, please check your dot cube file'));
}
$autoconf = true;
}
$ip6_net = empty($config['ip6_net']) ? 'none' : $config['ip6_net'];
$ip6_addr = 'none';
if(empty($config['server_name']) || empty($config['server_port']) || empty($config['server_proto'])) { if(empty($config['server_name']) || empty($config['server_port']) || empty($config['server_proto'])) {
throw new Exception(_('The Server Address, the Server Port and the Protocol cannot be empty')); throw new Exception(_('The Server Address, the Server Port and the Protocol cannot be empty'));
} }
@@ -207,9 +209,32 @@ dispatch_put('/settings', function() {
if($autoconf) { if($autoconf) {
copy('/etc/openvpn/client.conf.tpl.restore', '/etc/openvpn/client.conf.tpl'); copy('/etc/openvpn/client.conf.tpl.restore', '/etc/openvpn/client.conf.tpl');
if(!empty($config['openvpn_rm'])) {
$raw_openvpn = explode("\n", file_get_contents('/etc/openvpn/client.conf.tpl'));
$fopenvpn = fopen('/etc/openvpn/client.conf.tpl', 'w');
foreach($raw_openvpn AS $opt) {
$filtered = false;
if(!preg_match('/^#/', $opt) && !preg_match('/<TPL:/', $opt)) {
foreach($config['openvpn_rm'] AS $filter) {
if(preg_match("/$filter/i", $opt)) {
$filtered = true;
}
}
}
if(!$filtered) {
fwrite($fopenvpn, "$opt\n");
}
}
fclose($fopenvpn);
}
if(!empty($config['openvpn_add'])) { if(!empty($config['openvpn_add'])) {
$raw_openvpn = file_get_contents('/etc/openvpn/client.conf.tpl'); $raw_openvpn = file_get_contents('/etc/openvpn/client.conf.tpl');
$raw_openvpn .= "\n# Custom\n".$config['openvpn_add']; $raw_openvpn .= "\n# Custom\n".implode("\n", $config['openvpn_add']);
file_put_contents('/etc/openvpn/client.conf.tpl', $raw_openvpn); file_put_contents('/etc/openvpn/client.conf.tpl', $raw_openvpn);
} }
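Review bot: In the new `openvpn_rm` loop, `preg_match("/$filter/i", $opt)` interpolates each value from the uploaded .cube file into the pattern unchecked, so a filter containing `/` or an invalid expression makes preg_match() return false with a warning and the line is silently kept. `$config['openvpn_rm']` and `$config['openvpn_add']` are also assumed to be arrays of strings, so a scalar in the JSON breaks the `foreach` and the new `implode()`. Reject such input before touching the file, e.g. `if(!is_array($config['openvpn_rm'])) { throw new Exception(_('openvpn_rm must be a list')); }`, and treat `preg_match(...) === false` as an error rather than as "no match". The template is also truncated by `fopen(..., 'w')` with no check on the `file_get_contents()` or `fopen()` results, so a failure there can leave client.conf.tpl emptied. The `dispatch_put('/settings', ...)` closure starts and ends outside these hunks, so whether this code sits inside the try block is not visible here.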


@@ -8,8 +8,8 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: data 2\n" "Project-Id-Version: data 2\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2015-09-29 02:43+0200\n" "POT-Creation-Date: 2015-09-29 14:09+0200\n"
"PO-Revision-Date: 2015-09-29 02:45+0200\n" "PO-Revision-Date: 2015-09-29 14:10+0200\n"
"Last-Translator: samy boutayeb <samy@langues-etcetera.fr>\n" "Last-Translator: samy boutayeb <samy@langues-etcetera.fr>\n"
"Language-Team: none\n" "Language-Team: none\n"
"Language: fr\n" "Language: fr\n"
@@ -19,62 +19,66 @@ msgstr ""
"Plural-Forms: nplurals=2; plural=(n > 1);\n" "Plural-Forms: nplurals=2; plural=(n > 1);\n"
"X-Generator: Poedit 1.8.4\n" "X-Generator: Poedit 1.8.4\n"
#: sources/controller.php:138 #: sources/controller.php:130
msgid "Json Syntax Error, please check your dot cube file"
msgstr "Error de syntaxe Json, merci de vérifier votre fichier .cube"
#: sources/controller.php:140
msgid "The Server Address, the Server Port and the Protocol cannot be empty" msgid "The Server Address, the Server Port and the Protocol cannot be empty"
msgstr "" msgstr ""
"L'adresse du serveur, le port du serveur et le protocole ne peuvent pas être " "L'adresse du serveur, le port du serveur et le protocole ne peuvent pas être "
"vides" "vides"
#: sources/controller.php:142 #: sources/controller.php:144
msgid "The Server Port must be only composed of digits" msgid "The Server Port must be only composed of digits"
msgstr "Le port du serveur ne peut correspondre qu'à des chiffres" msgstr "Le port du serveur ne peut correspondre qu'à des chiffres"
#: sources/controller.php:146 #: sources/controller.php:148
msgid "The Protocol must be \"udp\" or \"tcp\"" msgid "The Protocol must be \"udp\" or \"tcp\""
msgstr "Le protocole ne peut correspondre qu'à \"udp\" ou \"tcp\"" msgstr "Le protocole ne peut correspondre qu'à \"udp\" ou \"tcp\""
#: sources/controller.php:150 #: sources/controller.php:152
msgid "You need to define two DNS resolver addresses" msgid "You need to define two DNS resolver addresses"
msgstr "Vous devez définir deux adresses de résolveur DNS" msgstr "Vous devez définir deux adresses de résolveur DNS"
#: sources/controller.php:154 #: sources/controller.php:156
msgid "A Password is needed when you suggest a Username, or vice versa" msgid "A Password is needed when you suggest a Username, or vice versa"
msgstr "" msgstr ""
"Un mot de passe est nécessaire si vous proposez un nom d'utilisateur, et " "Un mot de passe est nécessaire si vous proposez un nom d'utilisateur, et "
"inversement" "inversement"
#: sources/controller.php:161 #: sources/controller.php:163
msgid "A Client Certificate is needed when you suggest a Key, or vice versa" msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
msgstr "" msgstr ""
"Un certificat client est nécessaire si vous proposez une clé, et inversement" "Un certificat client est nécessaire si vous proposez une clé, et inversement"
#: sources/controller.php:165 #: sources/controller.php:167
msgid "You need a Server CA." msgid "You need a Server CA."
msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur" msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
#: sources/controller.php:169 #: sources/controller.php:171
msgid "You need either a Client Certificate, either a Username, or both" msgid "You need either a Client Certificate, either a Username, or both"
msgstr "" msgstr ""
"Vous devez avoir soit un certificat client, soit un nom d'utilisateur, soit " "Vous devez avoir soit un certificat client, soit un nom d'utilisateur, soit "
"les deux" "les deux"
#: sources/controller.php:176 #: sources/controller.php:178
msgid "The IPv6 Delegated Prefix format looks bad" msgid "The IPv6 Delegated Prefix format looks bad"
msgstr "Le format du préfixe IPv6 délégué semble incorrect" msgstr "Le format du préfixe IPv6 délégué semble incorrect"
#: sources/controller.php:187 #: sources/controller.php:189
msgid "configuration not updated" msgid "configuration not updated"
msgstr "configuration non-mise à jour" msgstr "configuration non-mise à jour"
#: sources/controller.php:285 #: sources/controller.php:310
msgid "Configuration updated and service successfully reloaded" msgid "Configuration updated and service successfully reloaded"
msgstr "Configuration mise à jour et service correctement rechargé" msgstr "Configuration mise à jour et service correctement rechargé"
#: sources/controller.php:287 #: sources/controller.php:312
msgid "Configuration updated but service reload failed" msgid "Configuration updated but service reload failed"
msgstr "Configuration mise à jour mais le rechargement du service a échoué" msgstr "Configuration mise à jour mais le rechargement du service a échoué"
#: sources/controller.php:291 #: sources/controller.php:316
msgid "Service successfully disabled" msgid "Service successfully disabled"
msgstr "Service désactivé avec succès" msgstr "Service désactivé avec succès"


@@ -8,7 +8,7 @@ msgid ""
msgstr "" msgstr ""
"Project-Id-Version: PACKAGE VERSION\n" "Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n" "Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2015-09-29 02:43+0200\n" "POT-Creation-Date: 2015-09-29 14:09+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n" "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n" "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,55 +17,59 @@ msgstr ""
"Content-Type: text/plain; charset=CHARSET\n" "Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n" "Content-Transfer-Encoding: 8bit\n"
#: sources/controller.php:138 #: sources/controller.php:130
msgid "Json Syntax Error, please check your dot cube file"
msgstr ""
#: sources/controller.php:140
msgid "The Server Address, the Server Port and the Protocol cannot be empty" msgid "The Server Address, the Server Port and the Protocol cannot be empty"
msgstr "" msgstr ""
#: sources/controller.php:142 #: sources/controller.php:144
msgid "The Server Port must be only composed of digits" msgid "The Server Port must be only composed of digits"
msgstr "" msgstr ""
#: sources/controller.php:146 #: sources/controller.php:148
msgid "The Protocol must be \"udp\" or \"tcp\"" msgid "The Protocol must be \"udp\" or \"tcp\""
msgstr "" msgstr ""
#: sources/controller.php:150 #: sources/controller.php:152
msgid "You need to define two DNS resolver addresses" msgid "You need to define two DNS resolver addresses"
msgstr "" msgstr ""
#: sources/controller.php:154 #: sources/controller.php:156
msgid "A Password is needed when you suggest a Username, or vice versa" msgid "A Password is needed when you suggest a Username, or vice versa"
msgstr "" msgstr ""
#: sources/controller.php:161 #: sources/controller.php:163
msgid "A Client Certificate is needed when you suggest a Key, or vice versa" msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
msgstr "" msgstr ""
#: sources/controller.php:165 #: sources/controller.php:167
msgid "You need a Server CA." msgid "You need a Server CA."
msgstr "" msgstr ""
#: sources/controller.php:169 #: sources/controller.php:171
msgid "You need either a Client Certificate, either a Username, or both" msgid "You need either a Client Certificate, either a Username, or both"
msgstr "" msgstr ""
#: sources/controller.php:176 #: sources/controller.php:178
msgid "The IPv6 Delegated Prefix format looks bad" msgid "The IPv6 Delegated Prefix format looks bad"
msgstr "" msgstr ""
#: sources/controller.php:187 #: sources/controller.php:189
msgid "configuration not updated" msgid "configuration not updated"
msgstr "" msgstr ""
#: sources/controller.php:285 #: sources/controller.php:310
msgid "Configuration updated and service successfully reloaded" msgid "Configuration updated and service successfully reloaded"
msgstr "" msgstr ""
#: sources/controller.php:287 #: sources/controller.php:312
msgid "Configuration updated but service reload failed" msgid "Configuration updated but service reload failed"
msgstr "" msgstr ""
#: sources/controller.php:291 #: sources/controller.php:316
msgid "Service successfully disabled" msgid "Service successfully disabled"
msgstr "" msgstr ""