Attempt to add multiclient changes to VPN models
diff --git a/xos/services/vpn/admin.py b/xos/services/vpn/admin.py
index 1f10083..609afa4 100644
--- a/xos/services/vpn/admin.py
+++ b/xos/services/vpn/admin.py
@@ -7,6 +7,7 @@
from django import forms
from django.contrib import admin
from services.vpn.models import VPN_KIND, VPNService, VPNTenant
+from xos.exceptions import XOSProgrammingError
class VPNServiceAdmin(ReadOnlyAwareAdmin):
@@ -38,9 +39,33 @@
'top',
'administration'),)
+ form = VPNServiceForm
+
def queryset(self, request):
return VPNService.get_service_objects_by_user(request.user)
+class VPNServiceForm(forms.ModelForm):
+ """The form used to create and edit a VPNService."""
+
+
+ def __init__(self, *args, **kwargs):
+ super(VPNServiceForm, self).__init__(*args, **kwargs)
+
+ def save(self, commit=True):
+ if (not self.instance.ca):
+ self.instance.ca = self.generate_ca
+
+ return super(VPNServiceForm, self).save(commit=commit)
+
+ def generate_ca(self):
+ """str: Generates a CA certificate."""
+ proc = Popen("./ca.sh", shell=True, stdout=PIPE)
+ (stdout, stderr) = proc.communicate()
+ return stdout
+
+ class Meta:
+ model = VPNService
+
class VPNTenantForm(forms.ModelForm):
"""The form used to create and edit a VPNTenant.
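Review bot: In `VPNServiceForm.save`, `self.instance.ca = self.generate_ca` stores the bound method instead of its result because the call parentheses are missing, so no certificate is ever generated. `generate_ca` also ignores the exit status of `./ca.sh`, so a failed run would be saved as an empty CA; the fence below calls the method and raises on failure. Separately, `form = VPNServiceForm` sits in the body of `VPNServiceAdmin` (which starts outside this hunk) and is evaluated before `VPNServiceForm` is defined further down the module, which should raise NameError at import unless the form class is moved above the admin class. `Popen` and `PIPE` are not imported in the visible hunks, and the relative `./ca.sh` depends on the working directory of the process.

```python
    def save(self, commit=True):
        if (not self.instance.ca):
            self.instance.ca = self.generate_ca()
        # … unchanged: return super(VPNServiceForm, self).save(commit=commit) …

    def generate_ca(self):
        """str: Runs ca.sh and returns the CA certificate it prints."""
        proc = Popen("./ca.sh", shell=True, stdout=PIPE, stderr=PIPE)
        (stdout, stderr) = proc.communicate()
        # Refuse to store an empty or partial certificate as the service CA.
        if proc.returncode != 0 or not stdout.strip():
            raise XOSProgrammingError("CA generation failed: %s" % stderr)
        return stdout
```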
@@ -106,6 +131,11 @@
if (not self.instance.server_key):
self.instance.server_key = self.generate_VPN_key()
+ if (self.instance.provider_service):
+ self.instance.ca = self.instance.provider_service.ca
+ else:
+ raise XOSProgrammingError("VPN Tenant does not have provider service)
+
return super(VPNTenantForm, self).save(commit=commit)
def generate_VPN_key(self):
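Review bot: The string literal in the added `raise` is never closed, so admin.py will fail to import with a SyntaxError; it should read `raise XOSProgrammingError("VPN Tenant does not have provider service")`. The branch also copies `provider_service.ca` without checking that it is set, so a service that has not yet had a CA generated would presumably leave the tenant with `ca = None` and no error. Consider raising in that case too, e.g. `if not self.instance.provider_service.ca: raise XOSProgrammingError("VPN Service has no CA certificate")`. The enclosing `save` method starts outside this hunk.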
diff --git a/xos/services/vpn/ca.sh b/xos/services/vpn/ca.sh
new file mode 100644
index 0000000..7c62d4e
--- /dev/null
+++ b/xos/services/vpn/ca.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+rm -f /usr/share/easy-rsa/vars
+cp -r /usr/share/easy-rsa/* .
+source ./vars
+./clean-all
+./build-ca --batch
+cat keys/ca.crt
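Review bot: The script declares `#!/bin/sh` but uses `source ./vars`, which is not POSIX and fails where `/bin/sh` is dash; with no `set -e`, `./clean-all` and `./build-ca --batch` would then still run without the intended variables. Use `. ./vars` and add `set -e` as the first command so that any failing step stops the run before a certificate is printed. The file is added with mode 100644, so the `./ca.sh` call in admin.py cannot execute it unless the mode is changed or it is run through an interpreter. `rm -f /usr/share/easy-rsa/vars` deletes a file from the system-wide easy-rsa install, and `cp -r /usr/share/easy-rsa/* .` writes into whatever the current directory is; a dedicated working directory that is not world-readable would keep the generated CA key out of the source tree.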
diff --git a/xos/services/vpn/models.py b/xos/services/vpn/models.py
index aa63dde..0876dcb 100644
--- a/xos/services/vpn/models.py
+++ b/xos/services/vpn/models.py
@@ -14,6 +14,15 @@
app_label = "vpn"
verbose_name = "VPN Service"
+ @property
+ def ca(self):
+ """str: the string for the ca certificate"""
+ return self.get_attribute("ca", None)
+
+ @ca.setter
+ def ca(self, value):
+ self.set_attribute("ca", value)
+
class VPNTenant(TenantWithContainer):
"""Defines the Tenant for creating VPN servers."""
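Review bot: The docstring on the new `VPNService.ca` property, `"""str: the string for the ca certificate"""`, does not say what form the value takes or that it can be unset. Given `get_attribute("ca", None)`, the getter appears to return None until a CA has been stored, and `ca.sh` prints `keys/ca.crt`, so something like `"""str: CA certificate text as printed by ca.sh, or None if none has been generated yet."""` would be clearer. The same docstring is repeated on `VPNTenant.ca` in the last hunk of this file. The `VPNService` class body starts outside this hunk.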
@@ -31,7 +40,8 @@
'client_address': '10.8.0.2',
'can_view_subnet': False,
'is_persistent': True,
- 'script': None}
+ 'script': None,
+ 'ca': None}
def __init__(self, *args, **kwargs):
vpn_services = VPNService.get_service_objects().all()
@@ -145,6 +155,15 @@
def script(self, value):
self.set_attribute("script", value)
+ @property
+ def ca(self):
+ """str: the string for the ca certificate"""
+ return self.get_attribute("ca", self.default_attributes['ca'])
+
+ @ca.setter
+ def ca(self, value):
+ self.set_attribute("ca", value)
+
def model_policy_vpn_tenant(pk):
"""Manages the contain for the VPN Tenant."""
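Review bot: `VPNTenant.ca` keeps its own copy of the certificate, which `VPNTenantForm.save` in admin.py fills from `provider_service.ca` only when the form is saved. If the service's CA is ever replaced, existing tenants would presumably keep the old certificate until they are re-saved through the form. Consider reading through to the provider when one is set, e.g. `return self.provider_service.ca if self.provider_service else self.get_attribute("ca", self.default_attributes['ca'])`, or state in the docstring that the value is a snapshot taken at save time. The `VPNTenant` class body starts outside this hunk.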
diff --git a/xos/services/vpn/vars b/xos/services/vpn/vars
new file mode 100644
index 0000000..2cdc9b2
--- /dev/null
+++ b/xos/services/vpn/vars
@@ -0,0 +1,29 @@
+export EASY_RSA="`pwd`"
+
+export OPENSSL="openssl"
+export PKCS11TOOL="pkcs11-tool"
+export GREP="grep"
+
+export KEY_CONFIG=`$EASY_RSA/whichopensslcnf $EASY_RSA`
+
+export KEY_DIR="/users/root/"
+
+# PKCS11 fixes
+export PKCS11_MODULE_PATH="dummy"
+export PKCS11_PIN="dummy"
+
+export KEY_SIZE=2048
+
+export CA_EXPIRE=3650
+
+export KEY_EXPIRE=3650
+
+export KEY_COUNTRY="US"
+export KEY_PROVINCE="AZ"
+export KEY_CITY="Tucson"
+export KEY_ORG="XOS"
+export KEY_EMAIL="devel@xosproject.org"
+export KEY_OU="Development"
+
+# X509 Subject Field
+export KEY_NAME="server"
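Review bot: `KEY_DIR="/users/root/"` does not match `cat keys/ca.crt` in ca.sh, so the CA would be written under `/users/root/` while the script reads `./keys/ca.crt`, which may be missing or left over from an earlier run. As far as I recall, easy-rsa 2's `clean-all` removes and recreates `$KEY_DIR`, so pointing it at what looks like a home directory risks deleting unrelated files; confirm this against the installed version. Setting `export KEY_DIR="$EASY_RSA/keys"` would agree with ca.sh and confine the wipe to a directory owned by the script. The CA private key also ends up in `KEY_DIR`, so that directory should be readable only by the account that runs the script.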