Revert "Improve synchronizer"
This reverts commit 4df566b2841fc1b8bf14981a72ef0596abab54bd.
diff --git a/xos/services/vpn/admin.py b/xos/services/vpn/admin.py
index d346ddf..26887078 100644
--- a/xos/services/vpn/admin.py
+++ b/xos/services/vpn/admin.py
@@ -173,6 +173,7 @@
VPNService.get_service_objects().all()[0])
def save(self, commit=True):
+ result = super(VPNTenantForm, self).save(commit=commit)
self.instance.creator = self.cleaned_data.get("creator")
self.instance.is_persistent = self.cleaned_data.get('is_persistent')
self.instance.vpn_subnet = self.cleaned_data.get("vpn_subnet")
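Review bot: Calling `super(VPNTenantForm, self).save(commit=commit)` as the first statement of `save()` means that with `commit=True` the row is written before `creator`, `is_persistent` and `vpn_subnet` are copied onto the instance. The later hunk then calls `result.save()` unconditionally, so a caller passing `commit=False` still gets a database write. If the row ID really is required to derive `pki_dir`, record that at the top of the method, e.g. `# NOTE: always saves, even with commit=False, because pki_dir is derived from the row ID`. The body of `save()` continues outside this hunk.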
@@ -191,8 +192,35 @@
self.instance.use_ca_from[:] = []
self.instance.use_ca_from.append(self.cleaned_data.get('use_ca_from'))
+ result.save() # Need to do this so that we know the ID
- return super(VPNTenantForm, self).save(commit=commit)
+ self.instance.pki_dir = (
+ VPNService.OPENVPN_PREFIX + "server-" + str(result.id))
+
+ if (not os.path.isdir(self.instance.pki_dir)):
+ VPNService.execute_easyrsa_command(
+ self.instance.pki_dir, "init-pki")
+ if (self.instance.use_ca_from[0]):
+ shutil.copy2(
+ self.instance.use_ca_from[0].pki_dir + "/ca.crt",
+ self.instance.pki_dir)
+ shutil.copy2(
+ self.instance.use_ca_from[0].pki_dir + "/private/ca.key",
+ self.instance.pki_dir + "/private")
+ else:
+ VPNService.execute_easyrsa_command(
+ self.instance.pki_dir, "--req-cn=XOS build-ca nopass")
+ elif (self.instance.use_ca_from[0]):
+ shutil.copy2(
+ self.instance.use_ca_from[0].pki_dir + "/ca.crt",
+ self.instance.pki_dir)
+ shutil.copy2(
+ self.instance.use_ca_from[0].pki_dir + "/private/ca.key",
+ self.instance.pki_dir + "/private")
+
+ result.ca_crt = self.generate_ca_crt()
+
+ return result
def generate_ca_crt(self):
"""str: Generates the ca cert by reading from the ca file"""
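Review bot: Both `shutil.copy2(... + "/private/ca.key", ...)` branches duplicate another tenant's CA signing key into this tenant's directory, and the CA is built with `nopass`, so every directory holding a copy is sufficient to sign certificates for all tenants that share that CA. The hunk shows no check that the selected `use_ca_from` tenant is one the creator may reuse, and no handling of a failed copy; either may exist outside the hunk, but neither is visible here. `pki_dir` and `ca_crt` are also assigned after `result.save()`, so this method does not persist them itself. The identical copy code should exist once so that an ownership or permission check can be added in a single place; the fence is a behaviour-preserving restructure of the lines between the `pki_dir` assignment and `result.ca_crt = ...`.

```python
        # … unchanged: result.save() and the pki_dir assignment …
        pki_is_new = not os.path.isdir(self.instance.pki_dir)
        if pki_is_new:
            VPNService.execute_easyrsa_command(
                self.instance.pki_dir, "init-pki")

        ca_source = self.instance.use_ca_from[0]
        if ca_source:
            # Reusing another tenant's CA duplicates its unencrypted
            # signing key, so this directory needs the same protection.
            shutil.copy2(
                ca_source.pki_dir + "/ca.crt",
                self.instance.pki_dir)
            shutil.copy2(
                ca_source.pki_dir + "/private/ca.key",
                self.instance.pki_dir + "/private")
        elif pki_is_new:
            VPNService.execute_easyrsa_command(
                self.instance.pki_dir, "--req-cn=XOS build-ca nopass")
        # … unchanged: result.ca_crt assignment and return …
```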
diff --git a/xos/synchronizers/vpn/steps/sync_vpntenant.py b/xos/synchronizers/vpn/steps/sync_vpntenant.py
index 7538628..58a9287 100644
--- a/xos/synchronizers/vpn/steps/sync_vpntenant.py
+++ b/xos/synchronizers/vpn/steps/sync_vpntenant.py
@@ -1,5 +1,4 @@
import os
-import shutil
import sys
from django.db.models import F, Q
@@ -19,46 +18,8 @@
template_name = "sync_vpntenant.yaml"
service_key_name = "/opt/xos/synchronizers/vpn/vpn_private_key"
-
- def sync_fields(self, tenant, fields):
- tenant.pki_dir = (
- VPNService.OPENVPN_PREFIX + "server-" + str(result.id))
-
- if (not os.path.isdir(tenant.pki_dir)):
- VPNService.execute_easyrsa_command(
- tenant.pki_dir, "init-pki")
- if (tenant.use_ca_from[0]):
- shutil.copy2(
- tenant.use_ca_from[0].pki_dir + "/ca.crt",
- tenant.pki_dir)
- shutil.copy2(
- tenant.use_ca_from[0].pki_dir + "/private/ca.key",
- tenant.pki_dir + "/private")
- else:
- VPNService.execute_easyrsa_command(
- tenant.pki_dir, "--req-cn=XOS build-ca nopass")
- elif (tenant.use_ca_from[0]):
- shutil.copy2(
- tenant.use_ca_from[0].pki_dir + "/ca.crt",
- tenant.pki_dir)
- shutil.copy2(
- tenant.use_ca_from[0].pki_dir + "/private/ca.key",
- tenant.pki_dir + "/private")
-
- tenant.ca_crt = tenant.generate_ca_crt()
-
- if (not os.path.isfile(tenant.pki_dir + "/issued/server.crt")):
- VPNService.execute_easyrsa_command(
- tenant.pki_dir, "build-server-full server nopass")
-
- if (not os.path.isfile(tenant.pki_dir + "crl.pem")):
- VPNService.execute_easyrsa_command(tenant.pki_dir, "gen-crl")
-
- if (not os.path.isfile(tenant.pki_dir + "dh.pem")):
- VPNService.execute_easyrsa_command(tenant.pki_dir, "gen-dh")
-
- # will call run_playbook
- super(SyncVPNTenant, self).sync_fields(tenant, fields)
+ def __init__(self, *args, **kwargs):
+ super(SyncVPNTenant, self).__init__(*args, **kwargs)
def fetch_pending(self, deleted):
if (not deleted):
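Review bot: The added `__init__` only forwards `*args, **kwargs` to the parent, so it adds nothing over the inherited constructor and can be dropped. With `sync_fields` removed, nothing in this file creates the CA any more, and a short class-level comment such as `# PKI directory and CA are created by VPNTenantForm.save(); this step only issues the server cert and CRL` would record that dependency for the next reader. `fetch_pending` continues outside the hunk.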
@@ -80,3 +41,11 @@
"protocol": tenant.protocol,
"pki_dir": tenant.pki_dir
}
+
+ def run_playbook(self, o, fields):
+ # Generate the server files
+ if (not os.path.isfile(o.pki_dir + "/issued/server.crt")):
+ VPNService.execute_easyrsa_command(
+ o.pki_dir, "build-server-full server nopass")
+ VPNService.execute_easyrsa_command(o.pki_dir, "gen-crl")
+ super(SyncVPNTenant, self).run_playbook(o, fields)
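Review bot: `run_playbook` calls `build-server-full` without confirming that `o.pki_dir` is set and already holds a CA, which after this commit is only created in `VPNTenantForm.save()`. A tenant that reaches the synchronizer without going through that form would have no CA to sign the server certificate. A guard before the first call, e.g. `if not os.path.isfile(o.pki_dir + "/ca.crt"): raise Exception("PKI not initialised for tenant")`, makes that failure explicit instead of leaving it to easy-rsa. Whether `execute_easyrsa_command` raises on a non-zero exit is not visible here; if it does not, a failed `build-server-full` or `gen-crl` would still fall through to the playbook with files missing.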
diff --git a/xos/synchronizers/vpn/steps/sync_vpntenant.yaml b/xos/synchronizers/vpn/steps/sync_vpntenant.yaml
index 556212c..7bf1a25 100644
--- a/xos/synchronizers/vpn/steps/sync_vpntenant.yaml
+++ b/xos/synchronizers/vpn/steps/sync_vpntenant.yaml
@@ -39,7 +39,7 @@
copy: src={{ pki_dir }}/crl.pem dest={{ pki_dir }}/crl.pem
- name: get dh
- copy: src={{ pki_dir }}/dh.pem dest={{ pki_dir }}/dh.pem
+ copy: src=/opt/openvpn/init_pki/dh.pem dest={{ pki_dir }}/dh.pem
- name: erase config
shell: rm -f {{ pki_dir }}/server.conf
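Review bot: The `get dh` task now depends on a fixed file, `/opt/openvpn/init_pki/dh.pem`, that nothing in this commit creates; the only `gen-dh` call in the diff is in the removed `sync_fields`. On a host where that file was never generated the play fails at this task. DH parameters are not secret, so sharing one file across tenants is not a concern in itself, but the dependency should be stated with a comment above the task such as `# dh.pem is generated once under /opt/openvpn/init_pki (confirm against the install scripts)`. Alternatively, precede it with a task that fails with a clear message when the file is absent. The task list continues outside the hunk.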