diff --git a/TODO b/TODO index 178506a..6e9488b 100644 --- a/TODO +++ b/TODO @@ -1,2 +1,3 @@ * Translate PHP interface in French * Support VPN without certificates (only login) -- need tests +* Add license headers diff --git a/manifest.json b/manifest.json index bb42e0b..f6f5faf 100644 --- a/manifest.json +++ b/manifest.json @@ -39,46 +39,6 @@ }, "example": "access.ldn-fai.net", "default": "access.ldn-fai.net" - }, - { - "name": "crt_client", - "ask": { - "en": "Select the local path of your client certificate (will be moved ; leave empty if not necessary or if you want to upload it later through the web admin)", - "fr": "Sélectionnez le chemin local de votre certificat client (le fichier sera déplacé ; laisser vide si non-nécessaire ou que vous souhaitez le téléverser plus tard via l'admin web)" - }, - "example": "/tmp/user.crt" - }, - { - "name": "crt_client_key", - "ask": { - "en": "Select the local path of your client certificate key (will be moved ; leave empty if not necessary or if you want to upload it later through the web admin)", - "fr": "Sélectionnez le chemin local de la clé de votre certificat client (le fichier sera déplacé ; laisser vide si non-nécessaire ou que vous souhaitez le téléverser plus tard via l'admin web)" - }, - "example": "/tmp/user.key" - }, - { - "name": "crt_server_ca", - "ask": { - "en": "Select the local path of the server CA (will be moved ; leave empty for uploading it later through the web admin)", - "fr": "Sélectionnez le chemin local du CA du serveur (le fichier sera déplacé ; laisser vide pour le téléverser plus tard via l'admin web)" - }, - "example": "/tmp/ca-server.crt" - }, - { - "name": "credentials_user", - "ask": { - "en": "Select your VPN username (leave empty if not necessary)", - "fr": "Sélectionnez votre nom d'utilisateur VPN (laisser vide si non-nécessaire)" - }, - "example": "michu" - }, - { - "name": "credentials_passphrase", - "ask": { - "en": "Select your VPN password (leave empty if not necessary)", - "fr": "Sélectionnez votre mot de passe VPN (laisser vide si non-nécessaire)" - }, - "example": "XVCwSbDkxnqQ" } ] } diff --git a/manifest.json.options b/manifest.json.options new file mode 100644 index 0000000..bb42e0b --- /dev/null +++ b/manifest.json.options @@ -0,0 +1,85 @@ +{ + "name": "VPN Client", + "id": "vpnclient", + "description": { + "en": "VPN Client", + "fr": "Client VPN" + }, + "license": "AGPL-3", + "developer": { + "name": "Julien Vaubourg", + "email": "julien@vaubourg.com", + "url": "http://julien.vaubourg.com" + }, + "multi_instance": "false", + "arguments": { + "install" : [ + { + "name": "domain", + "ask": { + "en": "Choose a domain for the web administration", + "fr": "Choisissez un domaine pour l'administration web" + }, + "example": "domain.org" + }, + { + "name": "path", + "ask": { + "en": "Choose a path for the web administration", + "fr": "Choissez un chemin pour l'administration web" + }, + "example": "/vpnadmin", + "default": "/vpnadmin" + }, + { + "name": "server_name", + "ask": { + "en": "Select a VPN server", + "fr": "Sélectionnez un serveur VPN" + }, + "example": "access.ldn-fai.net", + "default": "access.ldn-fai.net" + }, + { + "name": "crt_client", + "ask": { + "en": "Select the local path of your client certificate (will be moved ; leave empty if not necessary or if you want to upload it later through the web admin)", + "fr": "Sélectionnez le chemin local de votre certificat client (le fichier sera déplacé ; laisser vide si non-nécessaire ou que vous souhaitez le téléverser plus tard via l'admin web)" + }, + "example": "/tmp/user.crt" + }, + { + "name": "crt_client_key", + "ask": { + "en": "Select the local path of your client certificate key (will be moved ; leave empty if not necessary or if you want to upload it later through the web admin)", + "fr": "Sélectionnez le chemin local de la clé de votre certificat client (le fichier sera déplacé ; laisser vide si non-nécessaire ou que vous souhaitez le téléverser plus tard via l'admin web)" + }, + "example": "/tmp/user.key" + }, + { + "name": "crt_server_ca", + "ask": { + "en": "Select the local path of the server CA (will be moved ; leave empty for uploading it later through the web admin)", + "fr": "Sélectionnez le chemin local du CA du serveur (le fichier sera déplacé ; laisser vide pour le téléverser plus tard via l'admin web)" + }, + "example": "/tmp/ca-server.crt" + }, + { + "name": "credentials_user", + "ask": { + "en": "Select your VPN username (leave empty if not necessary)", + "fr": "Sélectionnez votre nom d'utilisateur VPN (laisser vide si non-nécessaire)" + }, + "example": "michu" + }, + { + "name": "credentials_passphrase", + "ask": { + "en": "Select your VPN password (leave empty if not necessary)", + "fr": "Sélectionnez votre mot de passe VPN (laisser vide si non-nécessaire)" + }, + "example": "XVCwSbDkxnqQ" + } + ] + } +} diff --git a/scripts/install b/scripts/install index 914ceab..06b3358 100644 --- a/scripts/install +++ b/scripts/install @@ -4,11 +4,17 @@ domain=${1} url_path=${2} server_name=${3} -crt_client_path=${4} -crt_client_key_path=${5} -crt_server_ca_path=${6} -login_user=${7} -login_passphrase=${8} + +## +## These arguments are optional but YunoHost is not yet able to handle them with the web installer +## See manifest.json.options +## +# +#crt_client_path=${4} +#crt_client_key_path=${5} +#crt_server_ca_path=${6} +#login_user=${7} +#login_passphrase=${8} # Check arguments if [ -z "${server_name}" ]; then @@ -16,39 +22,39 @@ if [ -z "${server_name}" ]; then exit 1 fi -if [ \( -z "${crt_client_path}" -a ! -z "${crt_client_key_path}" \)\ - -o \( ! -z "${crt_client_path}" -a -z "${crt_client_key_path}" \) ]; then - - echo "ERROR: A client certificate is needed when you suggest a key (or vice versa)" >&2 - exit 1 -fi - -if [ ! -z "${crt_client_key_path}" -a -z "${crt_server_ca_path}" ]; then - echo "ERROR: If you can suggest a local path for the client certificates, you probably can suggest one other for the (mandatory) CA server" >&2 - exit 1 -fi - -if [ \( -z "${login_user}" -a ! -z "${login_passphrase}" \)\ - -o \( ! -z "${login_user}" -a -z "${login_passphrase}" \) ]; then - - echo "ERROR: A login password is needed when you suggest a login user (or vice versa)" >&2 - exit 1 -fi - -if [ ! -z "${crt_client_path}" -a ! -f "${crt_client_path}" ]; then - echo "ERROR: The local path <${crt_client_path}> does not exist" >&2 - exit 1 -fi - -if [ ! -z "${crt_client_key_path}" -a ! -f "${crt_client_key_path}" ]; then - echo "ERROR: The local path <${crt_client_key_path}> does not exist" >&2 - exit 1 -fi - -if [ ! -z "${crt_server_ca_path}" -a ! -f "${crt_server_ca_path}" ]; then - echo "ERROR: The local path <${crt_server_ca_path}> does not exist" >&2 - exit 1 -fi +#if [ \( -z "${crt_client_path}" -a ! -z "${crt_client_key_path}" \)\ +# -o \( ! -z "${crt_client_path}" -a -z "${crt_client_key_path}" \) ]; then +# +# echo "ERROR: A client certificate is needed when you suggest a key (or vice versa)" >&2 +# exit 1 +#fi +# +#if [ ! -z "${crt_client_key_path}" -a -z "${crt_server_ca_path}" ]; then +# echo "ERROR: If you can suggest a local path for the client certificates, you probably can suggest one other for the (mandatory) CA server" >&2 +# exit 1 +#fi +# +#if [ \( -z "${login_user}" -a ! -z "${login_passphrase}" \)\ +# -o \( ! -z "${login_user}" -a -z "${login_passphrase}" \) ]; then +# +# echo "ERROR: A login password is needed when you suggest a login user (or vice versa)" >&2 +# exit 1 +#fi +# +#if [ ! -z "${crt_client_path}" -a ! -f "${crt_client_path}" ]; then +# echo "ERROR: The local path <${crt_client_path}> does not exist" >&2 +# exit 1 +#fi +# +#if [ ! -z "${crt_client_key_path}" -a ! -f "${crt_client_key_path}" ]; then +# echo "ERROR: The local path <${crt_client_key_path}> does not exist" >&2 +# exit 1 +#fi +# +#if [ ! -z "${crt_server_ca_path}" -a ! -f "${crt_server_ca_path}" ]; then +# echo "ERROR: The local path <${crt_server_ca_path}> does not exist" >&2 +# exit 1 +#fi # Check domain/path availability sudo yunohost app checkurl ${domain}${url_path} -a vpnclient @@ -57,11 +63,13 @@ if [ ! $? -eq 0 ]; then fi # Install packages -#sudo apt-get update -sudo apt-get --assume-yes --force-yes install openvpn php5-fpm +packages='php5-fpm sipcalc openvpn' +sudo apt-get --assume-yes --force-yes install ${packages} -# Extra packages -sudo apt-get --assume-yes --force-yes install sipcalc +if [ $? -ne 0 ]; then + sudo apt-get update + sudo apt-get --assume-yes --force-yes install ${packages} +fi # Save arguments sudo yunohost app setting vpnclient server_name -v "${server_name}" @@ -97,28 +105,25 @@ sudo find /var/www/vpnadmin/ -type d -exec chmod +x {} \; sudo mkdir -pm 0770 /etc/openvpn/keys/ sudo chown root:admins /etc/openvpn/keys/ -[ ! -z "${crt_client_path}" ] &&\ - sudo install -b -o root -g admins -m 0660 "${crt_client_path}" /etc/openvpn/keys/user.crt - -[ ! -z "${crt_client_key_path}" ] &&\ - sudo install -b -o root -g admins -m 0660 "${crt_client_key_path}" /etc/openvpn/keys/user.key - -[ ! -z "${crt_server_ca_path}" ] &&\ - sudo install -b -o root -g admins -m 0660 "${crt_server_ca_path}" /etc/openvpn/keys/ca-server.crt - -sudo rm -f "${crt_client_path}" "${crt_client_key_path}" "${crt_server_ca_path}" +#[ ! -z "${crt_client_path}" ] &&\ +# sudo install -b -o root -g admins -m 0660 "${crt_client_path}" /etc/openvpn/keys/user.crt +# +#[ ! -z "${crt_client_key_path}" ] &&\ +# sudo install -b -o root -g admins -m 0660 "${crt_client_key_path}" /etc/openvpn/keys/user.key +# +#[ ! -z "${crt_server_ca_path}" ] &&\ +# sudo install -b -o root -g admins -m 0660 "${crt_server_ca_path}" /etc/openvpn/keys/ca-server.crt +# +#sudo rm -f "${crt_client_path}" "${crt_client_key_path}" "${crt_server_ca_path}" # Credentials file for (optional) login -sudo cat << EOF > /etc/openvpn/keys/credentials -${login_user} -${login_passphrase} -EOF - -sudo chown -R root:admins /etc/openvpn/keys/credentials -sudo chmod 0460 /etc/openvpn/keys/credentials - -# Create user for the web admin -sudo useradd -MUr vpnadmin +#sudo cat << EOF > /etc/openvpn/keys/credentials +#${login_user} +#${login_passphrase} +#EOF +# +#sudo chown -R root:admins /etc/openvpn/keys/credentials +#sudo chmod 0460 /etc/openvpn/keys/credentials # Fix confs ## nginx diff --git a/scripts/remove b/scripts/remove index 8d8c412..9cf65d5 100644 --- a/scripts/remove +++ b/scripts/remove @@ -25,12 +25,8 @@ sudo service nginx reload # Remove sources sudo rm -rf /var/www/vpnadmin/ -# Remove user -sudo userdel -f vpnadmin - # Remove packets # The yunohost policy is currently to not uninstall packets (dependency problems) -## sudo apt-get --assume-yes --force-yes remove openvpn php5-fpm -## sudo apt-get --assume-yes --force-yes remove sipcalc +## sudo apt-get --assume-yes --force-yes remove openvpn php5-fpm sipcalc exit 0 diff --git a/sources/public/js/custom.js b/sources/public/js/custom.js index b705afe..3e80993 100644 --- a/sources/public/js/custom.js +++ b/sources/public/js/custom.js @@ -37,12 +37,13 @@ $(document).ready(function() { $('input[type="file"]').change(function() { var choosertxtid = '#' + $(this).attr('id') + '_choosertxt'; - $(choosertxtid).val($(this).val()); + $(choosertxtid).val($(this).val().replace(/^.*[\/\\]/, '')); }); $('#save').click(function() { $(this).prop('disabled', true); $('#save-loading').show(); + $('#form').submit(); }); $('#status .close').click(function() { diff --git a/sources/views/settings.html.php b/sources/views/settings.html.php index 8d9c7fe..b5a1568 100644 --- a/sources/views/settings.html.php +++ b/sources/views/settings.html.php @@ -16,7 +16,7 @@
-
+