Update OpenVPN config and add openvpn_rm option

This commit is contained in:
Julien Vaubourg
2015-09-29 14:11:00 +02:00
parent 224b3e6026
commit 3f0bb7ed56
5 changed files with 76 additions and 41 deletions

View File

@@ -14,6 +14,7 @@ dev tun
tun-ipv6
keepalive 10 30
comp-lzo adaptive
resolv-retry infinite
# Authentication by login
<TPL:LOGIN_COMMENT>auth-user-pass /etc/openvpn/keys/credentials
@@ -25,6 +26,7 @@ comp-lzo adaptive
tls-client
<TPL:TA_COMMENT>tls-auth /etc/openvpn/keys/user_ta.key 1
remote-cert-tls server
ns-cert-type server
ca /etc/openvpn/keys/ca-server.crt
<TPL:CERT_COMMENT>cert /etc/openvpn/keys/user.crt
<TPL:CERT_COMMENT>key /etc/openvpn/keys/user.key

View File

@@ -84,10 +84,6 @@ function readAutoConf($file) {
$config['crt_client_ta'] = str_replace('|', "\n", $config['crt_client_ta']);
}
if(!empty($config['openvpn_add'])) {
$config['openvpn_add'] = str_replace('|', "\n", $config['openvpn_add']);
}
return $config;
}
@@ -126,14 +122,20 @@ dispatch_put('/settings', function() {
$config = $_POST;
$autoconf = false;
if($_FILES['cubefile']['error'] == UPLOAD_ERR_OK) {
$config = readAutoConf($_FILES['cubefile']['tmp_name']);
$autoconf = true;
}
$ip6_net = empty($config['ip6_net']) ? 'none' : $config['ip6_net'];
$ip6_addr = 'none';
try {
if($_FILES['cubefile']['error'] == UPLOAD_ERR_OK) {
$config = readAutoConf($_FILES['cubefile']['tmp_name']);
if(is_null($config)) {
throw new Exception(_('Json Syntax Error, please check your dot cube file'));
}
$autoconf = true;
}
$ip6_net = empty($config['ip6_net']) ? 'none' : $config['ip6_net'];
$ip6_addr = 'none';
if(empty($config['server_name']) || empty($config['server_port']) || empty($config['server_proto'])) {
throw new Exception(_('The Server Address, the Server Port and the Protocol cannot be empty'));
}
@@ -207,9 +209,32 @@ dispatch_put('/settings', function() {
if($autoconf) {
copy('/etc/openvpn/client.conf.tpl.restore', '/etc/openvpn/client.conf.tpl');
if(!empty($config['openvpn_rm'])) {
$raw_openvpn = explode("\n", file_get_contents('/etc/openvpn/client.conf.tpl'));
$fopenvpn = fopen('/etc/openvpn/client.conf.tpl', 'w');
foreach($raw_openvpn AS $opt) {
$filtered = false;
if(!preg_match('/^#/', $opt) && !preg_match('/<TPL:/', $opt)) {
foreach($config['openvpn_rm'] AS $filter) {
if(preg_match("/$filter/i", $opt)) {
$filtered = true;
}
}
}
if(!$filtered) {
fwrite($fopenvpn, "$opt\n");
}
}
fclose($fopenvpn);
}
if(!empty($config['openvpn_add'])) {
$raw_openvpn = file_get_contents('/etc/openvpn/client.conf.tpl');
$raw_openvpn .= "\n# Custom\n".$config['openvpn_add'];
$raw_openvpn .= "\n# Custom\n".implode("\n", $config['openvpn_add']);
file_put_contents('/etc/openvpn/client.conf.tpl', $raw_openvpn);
}

View File

@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: data 2\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2015-09-29 02:43+0200\n"
"PO-Revision-Date: 2015-09-29 02:45+0200\n"
"POT-Creation-Date: 2015-09-29 14:09+0200\n"
"PO-Revision-Date: 2015-09-29 14:10+0200\n"
"Last-Translator: samy boutayeb <samy@langues-etcetera.fr>\n"
"Language-Team: none\n"
"Language: fr\n"
@@ -19,62 +19,66 @@ msgstr ""
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
"X-Generator: Poedit 1.8.4\n"
#: sources/controller.php:138
#: sources/controller.php:130
msgid "Json Syntax Error, please check your dot cube file"
msgstr "Error de syntaxe Json, merci de vérifier votre fichier .cube"
#: sources/controller.php:140
msgid "The Server Address, the Server Port and the Protocol cannot be empty"
msgstr ""
"L'adresse du serveur, le port du serveur et le protocole ne peuvent pas être "
"vides"
#: sources/controller.php:142
#: sources/controller.php:144
msgid "The Server Port must be only composed of digits"
msgstr "Le port du serveur ne peut correspondre qu'à des chiffres"
#: sources/controller.php:146
#: sources/controller.php:148
msgid "The Protocol must be \"udp\" or \"tcp\""
msgstr "Le protocole ne peut correspondre qu'à \"udp\" ou \"tcp\""
#: sources/controller.php:150
#: sources/controller.php:152
msgid "You need to define two DNS resolver addresses"
msgstr "Vous devez définir deux adresses de résolveur DNS"
#: sources/controller.php:154
#: sources/controller.php:156
msgid "A Password is needed when you suggest a Username, or vice versa"
msgstr ""
"Un mot de passe est nécessaire si vous proposez un nom d'utilisateur, et "
"inversement"
#: sources/controller.php:161
#: sources/controller.php:163
msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
msgstr ""
"Un certificat client est nécessaire si vous proposez une clé, et inversement"
#: sources/controller.php:165
#: sources/controller.php:167
msgid "You need a Server CA."
msgstr "Vous ne pouvez pas ne pas avoir de CA de serveur"
#: sources/controller.php:169
#: sources/controller.php:171
msgid "You need either a Client Certificate, either a Username, or both"
msgstr ""
"Vous devez avoir soit un certificat client, soit un nom d'utilisateur, soit "
"les deux"
#: sources/controller.php:176
#: sources/controller.php:178
msgid "The IPv6 Delegated Prefix format looks bad"
msgstr "Le format du préfixe IPv6 délégué semble incorrect"
#: sources/controller.php:187
#: sources/controller.php:189
msgid "configuration not updated"
msgstr "configuration non-mise à jour"
#: sources/controller.php:285
#: sources/controller.php:310
msgid "Configuration updated and service successfully reloaded"
msgstr "Configuration mise à jour et service correctement rechargé"
#: sources/controller.php:287
#: sources/controller.php:312
msgid "Configuration updated but service reload failed"
msgstr "Configuration mise à jour mais le rechargement du service a échoué"
#: sources/controller.php:291
#: sources/controller.php:316
msgid "Service successfully disabled"
msgstr "Service désactivé avec succès"

View File

@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2015-09-29 02:43+0200\n"
"POT-Creation-Date: 2015-09-29 14:09+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@@ -17,55 +17,59 @@ msgstr ""
"Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n"
#: sources/controller.php:138
#: sources/controller.php:130
msgid "Json Syntax Error, please check your dot cube file"
msgstr ""
#: sources/controller.php:140
msgid "The Server Address, the Server Port and the Protocol cannot be empty"
msgstr ""
#: sources/controller.php:142
#: sources/controller.php:144
msgid "The Server Port must be only composed of digits"
msgstr ""
#: sources/controller.php:146
#: sources/controller.php:148
msgid "The Protocol must be \"udp\" or \"tcp\""
msgstr ""
#: sources/controller.php:150
#: sources/controller.php:152
msgid "You need to define two DNS resolver addresses"
msgstr ""
#: sources/controller.php:154
#: sources/controller.php:156
msgid "A Password is needed when you suggest a Username, or vice versa"
msgstr ""
#: sources/controller.php:161
#: sources/controller.php:163
msgid "A Client Certificate is needed when you suggest a Key, or vice versa"
msgstr ""
#: sources/controller.php:165
#: sources/controller.php:167
msgid "You need a Server CA."
msgstr ""
#: sources/controller.php:169
#: sources/controller.php:171
msgid "You need either a Client Certificate, either a Username, or both"
msgstr ""
#: sources/controller.php:176
#: sources/controller.php:178
msgid "The IPv6 Delegated Prefix format looks bad"
msgstr ""
#: sources/controller.php:187
#: sources/controller.php:189
msgid "configuration not updated"
msgstr ""
#: sources/controller.php:285
#: sources/controller.php:310
msgid "Configuration updated and service successfully reloaded"
msgstr ""
#: sources/controller.php:287
#: sources/controller.php:312
msgid "Configuration updated but service reload failed"
msgstr ""
#: sources/controller.php:291
#: sources/controller.php:316
msgid "Service successfully disabled"
msgstr ""