WEBLIB.RE/vpnclient_ynh
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity

Compare commits

merge into: WEBLIB.RE:master
Branches Tags
WEBLIB.RE:master WEBLIB.RE:master_upstream WEBLIB.RE:master_myfork WEBLIB.RE:testing WEBLIB.RE:develop WEBLIB.RE:fix-get-date-without-ntpd-port WEBLIB.RE:fix-1016-vpn-firewall-residual
WEBLIB.RE:v1.4.2 WEBLIB.RE:1.4.1 WEBLIB.RE:1.4.0 WEBLIB.RE:1.3.0 WEBLIB.RE:1.0.1 WEBLIB.RE:1.0.0
...
pull from: WEBLIB.RE:fix-1016-vpn-firewall-residual
Branches Tags
WEBLIB.RE:master WEBLIB.RE:master_upstream WEBLIB.RE:master_myfork WEBLIB.RE:testing WEBLIB.RE:develop WEBLIB.RE:fix-get-date-without-ntpd-port WEBLIB.RE:fix-1016-vpn-firewall-residual
WEBLIB.RE:v1.4.2 WEBLIB.RE:1.4.1 WEBLIB.RE:1.4.0 WEBLIB.RE:1.3.0 WEBLIB.RE:1.0.1 WEBLIB.RE:1.0.0

9 Commits
master ... fix-1016-v

Author SHA1 Message Date
ljf (zamentur)
19e83122f5 [fix] Let VPN mount 2018-05-12 02:26:58 +02:00
agentcobra
05878ea230 Merge pull request #34 from keomabrun/master 
using new helpers and script formatting
 2018-04-25 20:18:55 +02:00
Keoma Brun
809dc19c80 using new helpers and script formatting 2018-04-09 16:11:08 +02:00
ljf (zamentur)
35f38ec86c [enh] Update version number 2018-04-08 13:55:09 +02:00
ljf (zamentur)
a642a01029 [fix] Add fake-hwclock to avoid RTC 1970 date 
A20 Allwinner seems to have a RTC but i think this one can't work when the board is shutdown (during several minutes/hours/days ?).  This package register the last date and set it early in the boot process.
 2018-04-08 13:55:09 +02:00
ljf (zamentur)
5654b6d0b2 [fix] ntpd blocked cause firewall to strict 2018-04-08 13:54:28 +02:00
agentcobra
b34644c729 Update upgrade 
quick fix for ci building failling
 2018-04-06 13:09:02 +02:00
Sebastien Badia
c9d7537387 cr: Update notifications settings 2018-03-23 10:29:24 +01:00
agentcobra
8aab3c7dd2 Package improvement (#31) 
* fix manifest

* fix tabs

* add Services section in manifest

* Fix invalid JSON
open an issue https://dev.yunohost.org/issues/1097

* fix "Impossible de satisfaire les pré-requis pour vpnclient : Paquet «
yunohost-moulinette » inconnu"

* finalisation manifest.json et harmonisation avec
https://yunohost.org/#/packaging_apps_manifest_fr

* ajout de du CI avec .travis.yml

* Update README.md

* lifting manifest.json

* remove exit 0 from scrits and add .gitignore

* fix lint error with exit

* fix #31

* refix #31
 2018-03-23 09:23:57 +01:00
12 changed files with 215 additions and 83 deletions
Expand all files Collapse all files

3
.gitignore vendored Normal file
View File

@@ -0,0 +1,3 @@
# Created from https://github.com/YunoHost/example_ynh/blob/master/.gitignore
*~
*.sw[op]

13
.travis.yml Normal file
View File

@@ -0,0 +1,13 @@
language: php
before_script:
- git clone --depth 1 git://github.com/YunoHost/package_linter ../package_linter && cd ../package_linter
- mv ../vpnclient_ynh vpnclient_ynh
script:
- ./package_linter.py vpnclient_ynh
notifications:
email: false
irc:
on_success: always
on_failure: always
channels:
- "irc.geeknode.org#labriqueinter.net-dev"

1
README.md
View File

@@ -1,4 +1,5 @@
# VPN Client # VPN Client
[![Build Status](https://travis-ci.org/labriqueinternet/vpnclient_ynh.svg?branch=master)](https://travis-ci.org/labriqueinternet/vpnclient_ynh)
## Overview ## Overview
VPN Client app for [YunoHost](http://yunohost.org/). VPN Client app for [YunoHost](http://yunohost.org/).

6
conf/ynh-vpnclient
View File

@@ -129,6 +129,10 @@ start_openvpn() {
[ "${ynh_server_proto}" == tcp ] && proto=tcp-client [ "${ynh_server_proto}" == tcp ] && proto=tcp-client
fi fi
# Unset firewall to let DNS and NTP resolution works
# Firewall is reset after vpn is mounted (more details on #1016)
unset_firewall
sync_time sync_time
cp /etc/openvpn/client.conf{.tpl,} cp /etc/openvpn/client.conf{.tpl,}
@@ -199,7 +203,7 @@ stop_openvpn() {
sync_time() { sync_time() {
systemctl stop ntp systemctl stop ntp
ntpd -qg &> /dev/null timeout 20 ntpd -qg &> /dev/null
systemctl start ntp systemctl start ntp
} }

30
manifest.json
View File

@@ -1,32 +1,46 @@
{ {
"name": "VPN Client", "name": "VPN Client",
"id": "vpnclient", "id": "vpnclient",
"packaging_format": 1,
"description": { "description": {
"en": "VPN Client", "en": "VPN Client",
"fr": "Client VPN" "fr": "Client VPN"
}, },
"license": "AGPL-3", "url": "https://github.com/labriqueinternet/vpnclient_ynh",
"developer": { "version": "1.1.0",
"license": "AGPL-3.0",
"maintainer": {
"name": "Julien Vaubourg", "name": "Julien Vaubourg",
"email": "julien@vaubourg.com", "email": "julien@vaubourg.com",
"url": "http://julien.vaubourg.com" "url": "http://julien.vaubourg.com"
}, },
"multi_instance": "false", "requirements": {
"yunohost": ">= 2.2.0",
"moulinette": ">= 2.4.0"
},
"multi_instance": false,
"services": [
"nginx",
"php5-fpm",
"ynh-vpnclient"
],
"arguments": { "arguments": {
"install" : [ "install": [
{ {
"name": "domain", "name": "domain",
"type": "domain",
"ask": { "ask": {
"en": "Choose a domain for the web administration", "en": "Choose a domain for the web administration",
"fr": "Choisissez un domaine pour l'administration web" "fr": "Choisissez un domaine pour l'administration web"
}, },
"example": "domain.org" "example": "domain.org"
}, },
{ {
"name": "path", "name": "path",
"type": "path",
"ask": { "ask": {
"en": "Choose a path for the web administration", "en": "Choose a path for the web administration",
"fr": "Choisissez un chemin pour l'administration web" "fr": "Choisissez un chemin pour l'administration web"
}, },
"example": "/vpnadmin", "example": "/vpnadmin",
"default": "/vpnadmin" "default": "/vpnadmin"

10
scripts/helpers → scripts/_common.sh
View File

@@ -1,8 +1,11 @@
#!/bin/bash #!/bin/bash
source /usr/share/yunohost/helpers
# #
# Common variables
#
pkg_dependencies="php5-fpm sipcalc dnsutils openvpn curl fake-hwclock"
# Helper to start/stop/.. a systemd service from a yunohost context, # Helper to start/stop/.. a systemd service from a yunohost context,
# *and* the systemd service itself needs to be able to run yunohost # *and* the systemd service itself needs to be able to run yunohost
# commands. # commands.
@@ -37,3 +40,4 @@ function ynh_systemctl()
# Restore the old lock # Restore the old lock
mv $LOCKFILE.bkp.$$ $LOCKFILE mv $LOCKFILE.bkp.$$ $LOCKFILE
} }

9
scripts/backup
View File

@@ -1,9 +1,16 @@
#!/bin/bash #!/bin/bash
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
ynh_abort_if_errors # Stop script if an error is detected
#=================================================
backup_dir="${1}/apps/vpnclient" backup_dir="${1}/apps/vpnclient"
mkdir -p "${backup_dir}/" mkdir -p "${backup_dir}/"
sudo cp -a /etc/openvpn/keys/ "${backup_dir}/" sudo cp -a /etc/openvpn/keys/ "${backup_dir}/"
sudo cp -a /etc/openvpn/client.conf.tpl "${backup_dir}/" sudo cp -a /etc/openvpn/client.conf.tpl "${backup_dir}/"
exit 0

110
scripts/install
View File

@@ -17,45 +17,83 @@
# You should have received a copy of the GNU Affero General Public License # You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
# This is an upgrade? #=================================================
upgrade=$([ "${VPNCLIENT_UPGRADE}" == 1 ] && echo true || echo false) # GENERIC START
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# RETRIEVE ARGUMENTS FROM THE MANIFEST
#=================================================
# Retrieve arguments # Retrieve arguments
domain=${1} domain=$YNH_APP_ARG_DOMAIN
url_path=${2} path_url=$YNH_APP_ARG_PATH
if ! $upgrade; then app=$YNH_APP_INSTANCE_NAME
source ./helpers
source ./prerequisites
fi
# Check domain/path availability #=================================================
ynh_webpath_register vpnclient $domain $url_path || exit 1 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
#=================================================
# Install packages # Check destination directory
packages='php5-fpm sipcalc dnsutils openvpn curl' final_path="/var/www/$app"
export DEBIAN_FRONTEND=noninteractive test ! -e "$final_path" || ynh_die "This path already contains a folder"
sudo apt-get --assume-yes --force-yes install ${packages} # Normalize the url path syntax
path_url=$(ynh_normalize_url_path "$path_url")
if [ $? -ne 0 ]; then # Check web path availability
sudo apt-get update ynh_webpath_available "$domain" "$path_url"
sudo apt-get --assume-yes --force-yes install ${packages} # Register (book) web path
fi ynh_webpath_register "$app" "$domain" "$path_url"
#=================================================
# STORE SETTINGS FROM MANIFEST
#=================================================
ynh_app_setting_set "$app" domain "$domain"
ynh_app_setting_set "$app" final_path "$final_path"
#=================================================
# STANDARD MODIFICATIONS
#=================================================
# INSTALL DEPENDENCIES
#=================================================
ynh_install_app_dependencies "$pkg_dependencies"
#=================================================
# SPECIFIC SETUP
#=================================================
# This is an upgrade?
upgrade=$([ -z ${VPNCLIENT_UPGRADE+x} ] && echo true || echo false)
if ! $upgrade; then if ! $upgrade; then
# Save arguments # Save arguments
sudo yunohost app setting vpnclient service_enabled -v 0 ynh_app_setting_set $app service_enabled 0
sudo yunohost app setting vpnclient server_name -v none ynh_app_setting_set $app server_name none
sudo yunohost app setting vpnclient server_port -v 1194 ynh_app_setting_set $app server_port 1194
sudo yunohost app setting vpnclient server_proto -v udp ynh_app_setting_set $app server_proto udp
sudo yunohost app setting vpnclient ip6_addr -v none ynh_app_setting_set $app ip6_addr none
sudo yunohost app setting vpnclient ip6_net -v none ynh_app_setting_set $app ip6_net none
sudo yunohost app setting vpnclient login_user -v "${login_user}" ynh_app_setting_set $app login_user "${login_user}"
sudo yunohost app setting vpnclient login_passphrase -v "${login_passphrase}" ynh_app_setting_set $app login_passphrase "${login_passphrase}"
sudo yunohost app setting vpnclient dns0 -v 89.234.141.66 ynh_app_setting_set $app dns0 89.234.141.66
sudo yunohost app setting vpnclient dns1 -v 2001:913::8 ynh_app_setting_set $app dns1 2001:913::8
fi fi
@@ -91,20 +129,25 @@ sudo find /var/www/vpnadmin/ -type d -exec chmod +x {} \;
sudo mkdir -pm 0770 /etc/openvpn/keys/ sudo mkdir -pm 0770 /etc/openvpn/keys/
sudo chown root:admins /etc/openvpn/keys/ sudo chown root:admins /etc/openvpn/keys/
# Fix confs #=================================================
## nginx # NGINX CONFIGURATION
sudo sed "s|<TPL:NGINX_LOCATION>|${url_path}|g" -i "/etc/nginx/conf.d/${domain}.d/vpnadmin.conf" #=================================================
sudo sed "s|<TPL:NGINX_LOCATION>|${path_url}|g" -i "/etc/nginx/conf.d/${domain}.d/vpnadmin.conf"
sudo sed 's|<TPL:NGINX_REALPATH>|/var/www/vpnadmin/|g' -i "/etc/nginx/conf.d/${domain}.d/vpnadmin.conf" sudo sed 's|<TPL:NGINX_REALPATH>|/var/www/vpnadmin/|g' -i "/etc/nginx/conf.d/${domain}.d/vpnadmin.conf"
sudo sed 's|<TPL:PHP_NAME>|vpnadmin|g' -i "/etc/nginx/conf.d/${domain}.d/vpnadmin.conf" sudo sed 's|<TPL:PHP_NAME>|vpnadmin|g' -i "/etc/nginx/conf.d/${domain}.d/vpnadmin.conf"
## php-fpm #=================================================
# PHP-FPM CONFIGURATION
#=================================================
sudo sed 's|<TPL:PHP_NAME>|vpnadmin|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf sudo sed 's|<TPL:PHP_NAME>|vpnadmin|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf
sudo sed 's|<TPL:PHP_USER>|admin|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf sudo sed 's|<TPL:PHP_USER>|admin|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf
sudo sed 's|<TPL:PHP_GROUP>|admins|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf sudo sed 's|<TPL:PHP_GROUP>|admins|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf
sudo sed 's|<TPL:NGINX_REALPATH>|/var/www/vpnadmin/|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf sudo sed 's|<TPL:NGINX_REALPATH>|/var/www/vpnadmin/|g' -i /etc/php5/fpm/pool.d/vpnadmin.conf
# Fix sources # Fix sources
sudo sed "s|<TPL:NGINX_LOCATION>|${url_path}|g" -i /var/www/vpnadmin/config.php sudo sed "s|<TPL:NGINX_LOCATION>|${path_url}|g" -i /var/www/vpnadmin/config.php
# Copy init script # Copy init script
sudo install -o root -g root -m 0755 ../conf/ynh-vpnclient /usr/local/bin/ sudo install -o root -g root -m 0755 ../conf/ynh-vpnclient /usr/local/bin/
@@ -150,4 +193,3 @@ fi
sudo yunohost app ssowatconf sudo yunohost app ssowatconf
exit 0

8
scripts/prerequisites
View File

@@ -1,8 +0,0 @@
# Source me
# Check YunoHost version (firewall hook in Moulinette)
ynh_version=$(sudo dpkg -l yunohost | grep ii | awk '{ print $3 }' | sed 's/\.//g')
if [ "${ynh_version}" -lt 240 ]; then
echo "WARN: You need a YunoHost's version equals or greater than 2.4.0 for activating the firewalling" >&2
fi

20
scripts/remove
View File

@@ -17,11 +17,24 @@
# You should have received a copy of the GNU Affero General Public License # You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>. # along with this program. If not, see <http://www.gnu.org/licenses/>.
source ./helpers #=================================================
# GENERIC STARTING
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
# Retrieve arguments source _common.sh
domain=$(sudo yunohost app setting vpnclient domain) source /usr/share/yunohost/helpers
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
#=================================================
# The End # The End
ynh_systemctl stop ynh-vpnclient-checker.service ynh_systemctl stop ynh-vpnclient-checker.service
sudo systemctl disable ynh-vpnclient-checker.service sudo systemctl disable ynh-vpnclient-checker.service
@@ -50,4 +63,3 @@ sudo systemctl reload nginx
# Remove sources # Remove sources
sudo rm -rf /var/www/vpnadmin/ sudo rm -rf /var/www/vpnadmin/
exit 0

20
scripts/restore
View File

@@ -1,5 +1,24 @@
#!/bin/bash #!/bin/bash
#=================================================
# IMPORT GENERIC HELPERS
#=================================================
if [ ! -e _common.sh ]; then
# Fetch helpers file if not in current directory
cp ../settings/scripts/_common.sh ./_common.sh
chmod a+rx _common.sh
fi
source _common.sh
source /usr/share/yunohost/helpers
#=================================================
# MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
backup_dir="${1}/apps/vpnclient" backup_dir="${1}/apps/vpnclient"
sudo mkdir -p /etc/openvpn/ sudo mkdir -p /etc/openvpn/
@@ -18,4 +37,3 @@ bash ./upgrade
sudo rm -r "${tmpdir}/" sudo rm -r "${tmpdir}/"
exit 0

44
scripts/upgrade
View File

@@ -1,18 +1,41 @@
#!/bin/bash #!/bin/bash
ynh_setting() { #=================================================
app=${1} # GENERIC STARTING
setting=${2} #=================================================
# IMPORT GENERIC HELPERS
#=================================================
sudo grep "^${setting}:" "/etc/yunohost/apps/${app}/settings.yml" | sed s/^[^:]\\+:\\s*[\"\']\\?// | sed s/\\s*[\"\']\$// source _common.sh
} source /usr/share/yunohost/helpers
source ./helpers #=================================================
source ./prerequisites # MANAGE SCRIPT FAILURE
#=================================================
# Exit if an error occurs during the execution of the script
ynh_abort_if_errors
#=================================================
# LOAD SETTINGS
#=================================================
app=$YNH_APP_INSTANCE_NAME
domain=$(ynh_app_setting_get $app domain)
path_url=$(ynh_app_setting_get $app path)
is_public=$(ynh_app_setting_get $app is_public)
final_path=$(ynh_app_setting_get $app final_path)
server_name=$(ynh_app_setting_get $app server_name)
#=================================================
# CHECK VERSION
#=================================================
ynh_abort_if_up_to_date
#=================================================
domain=$(ynh_setting vpnclient domain)
path=$(ynh_setting vpnclient path)
server_name=$(ynh_setting vpnclient server_name)
sudo mkdir -m 0700 -p /var/cache/labriqueinternet/vpnclient/ sudo mkdir -m 0700 -p /var/cache/labriqueinternet/vpnclient/
sudo tar czf "/var/cache/labriqueinternet/vpnclient/rollback_$(date +%Y-%m-%d-%H%M%S).tgz" /etc/openvpn/ /etc/yunohost/apps/vpnclient/ &> /dev/null sudo tar czf "/var/cache/labriqueinternet/vpnclient/rollback_$(date +%Y-%m-%d-%H%M%S).tgz" /etc/openvpn/ /etc/yunohost/apps/vpnclient/ &> /dev/null
@@ -44,4 +67,3 @@ fi
ynh_systemctl start ynh-vpnclient ynh_systemctl start ynh-vpnclient
exit 0