Initial set up to use script in VPN service
diff --git a/xos/observers/vpn/steps/sync_vpntenant.py b/xos/observers/vpn/steps/sync_vpntenant.py
index c7c3c9d..5d04c14 100644
--- a/xos/observers/vpn/steps/sync_vpntenant.py
+++ b/xos/observers/vpn/steps/sync_vpntenant.py
@@ -23,7 +23,7 @@
objs = VPNTenant.get_tenant_objects().filter(
Q(enacted__lt=F('updated')) | Q(enacted=None), Q(lazy_blocked=False))
for tenant in objs:
- tenant.client_conf = self.generate_client_conf(tenant)
+ self.create_client_script(tenant)
else:
objs = VPNTenant.get_deleted_tenant_objects()
@@ -36,6 +36,25 @@
"server_address": o.server_address,
"client_address": o.client_address}
+ def create_client_script(self, tenant):
+ script = open(tenant.file_name, 'w')
+ # write the key portion
+ script.write("printf \"")
+ for line in tenant.server_key.splitlines():
+ script.write(line + r"\n")
+ script.write("\" > static.key\n")
+ # write the configuration portion
+ script.write("printf \"")
+ for line in self.generate_client_conf(tenant).splitlines():
+ script.write(line + r"\n")
+ script.write("\" > client.conf\n")
+ # make sure openvpn is installed
+ script.write("apt-get update\n")
+ script.write("apt-get install openvpn\n")
+ script.write("openvpn client.conf &")
+ # close the script
+ script.close()
+
def generate_client_conf(self, tenant):
"""str: Generates the client configuration to use to connect to this VPN server.
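Review bot: In `create_client_script` the key and configuration lines are written inside a double-quoted `printf` format string with no escaping, so a `"`, `$`, backtick, backslash or `%` in `tenant.server_key` or the generated configuration changes what the script does on the client that runs it. The file is also opened with default permissions even though it embeds the static key, and `script.close()` is skipped if any write raises. I would pass each blob as one quoted argument to `printf '%s\n'`, create the file with mode 0600 inside a `with` block, and add `-y` to `apt-get install` so the script does not stop at a prompt. `os` and `pipes.quote` (`shlex.quote` on Python 3) would need importing in this file.

```python
def create_client_script(self, tenant):
    # 0600 on creation: the script embeds the static key
    fd = os.open(tenant.file_name,
                 os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, 'w') as script:
        # data goes in as a quoted argument, never as the printf format
        script.write("printf '%%s\\n' %s > static.key\n"
                     % pipes.quote(tenant.server_key))
        script.write("printf '%%s\\n' %s > client.conf\n"
                     % pipes.quote(self.generate_client_conf(tenant)))
        # ... unchanged: apt-get update ...
        script.write("apt-get install -y openvpn\n")
        script.write("openvpn client.conf &")
```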
diff --git a/xos/services/vpn/admin.py b/xos/services/vpn/admin.py
index ceb59dc..f6d233f 100644
--- a/xos/services/vpn/admin.py
+++ b/xos/services/vpn/admin.py
@@ -1,4 +1,4 @@
-
+import time
from subprocess import PIPE, Popen
from core.admin import ReadOnlyAwareAdmin, SliceInline
@@ -56,20 +56,20 @@
"""
creator = forms.ModelChoiceField(queryset=User.objects.all())
- server_key = forms.CharField(required=False, widget=forms.Textarea)
- client_conf = forms.CharField(required=False, widget=forms.Textarea)
+ server_key = forms.CharField(required=True, widget=forms.Textarea)
server_address = forms.GenericIPAddressField(
protocol='IPv4', required=True)
client_address = forms.GenericIPAddressField(
protocol='IPv4', required=True)
is_persistent = forms.BooleanField(required=False)
can_view_subnet = forms.BooleanField(required=False)
+ file_name = forms.CharField(required=True)
def __init__(self, *args, **kwargs):
super(VPNTenantForm, self).__init__(*args, **kwargs)
self.fields['kind'].widget.attrs['readonly'] = True
self.fields['server_key'].widget.attrs['readonly'] = True
- self.fields['client_conf'].widget.attrs['readonly'] = True
+ self.fields['file_name'].widget.attrs['readonly'] = True
self.fields[
'provider_service'].queryset = VPNService.get_service_objects().all()
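Review bot: `file_name` is taken from the submitted form and, in the later save hunk (`self.instance.file_name = self.cleaned_data.get('file_name')`), stored unchanged; the `readonly` widget attribute set in `__init__` is only an HTML hint and does not stop a hand-built POST from supplying another value. The sync step passes that value straight to `open(tenant.file_name, 'w')`, so whoever can submit this form chooses the path that gets overwritten. I would add a `clean_file_name` method that rejects anything other than a bare file name, e.g. `if os.path.basename(value) != value: raise forms.ValidationError("file_name must not contain a path")`, and have the sync step join the name onto a fixed output directory. The form class and `__init__` continue outside this hunk.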
@@ -78,7 +78,6 @@
if self.instance:
self.fields['creator'].initial = self.instance.creator
self.fields['server_key'].initial = self.instance.server_key
- self.fields['client_conf'].initial = self.instance.client_conf
self.fields[
'server_address'].initial = self.instance.server_address
self.fields[
@@ -86,6 +85,7 @@
self.fields['is_persistent'].initial = self.instance.is_persistent
self.fields[
'can_view_subnet'].initial = self.instance.can_view_subnet
+ self.fields['file_name'].initial = self.instance.file_name
if (not self.instance) or (not self.instance.pk):
self.fields['creator'].initial = get_request().user
@@ -94,6 +94,7 @@
self.fields['client_address'].initial = "10.8.0.2"
self.fields['is_persistent'].initial = True
self.fields['can_view_subnet'].initial = False
+ self.fields['file_name'].initial = time.time() + ".vpn"
if VPNService.get_service_objects().exists():
self.fields["provider_service"].initial = VPNService.get_service_objects().all()[
0]
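Review bot: `time.time() + ".vpn"` on the added line adds a float to a str and raises `TypeError` whenever the form is built for a new tenant; it should read `self.fields['file_name'].initial = str(time.time()) + ".vpn"`. A timestamp is also guessable, so if the script name is meant to be hard to predict, `uuid.uuid4().hex + ".vpn"` would be a safer default. The enclosing `__init__` starts outside this hunk.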
@@ -104,10 +105,12 @@
self.instance.server_address = self.cleaned_data.get("server_address")
self.instance.client_address = self.cleaned_data.get("client_address")
self.instance.is_persistent = self.cleaned_data.get('is_persistent')
+ self.instance.file_name = self.cleaned_data.get('file_name')
self.instance.can_view_subnet = self.cleaned_data.get(
'can_view_subnet')
return super(VPNTenantForm, self).save(commit=commit)
+
def generate_VPN_key(self):
"""str: Generates a VPN key using the openvpn command."""
proc = Popen("openvpn --genkey --secret /dev/stdout",
@@ -125,7 +128,7 @@
list_display_links = ('id', 'backend_status_icon', 'instance')
fieldsets = [(None, {'fields': ['backend_status_text', 'kind',
'provider_service', 'instance', 'creator',
- 'server_key', 'client_conf',
+ 'server_key', 'file_name',
'server_address', 'client_address',
'is_persistent', 'can_view_subnet'],
'classes': ['suit-tab suit-tab-general']})]
diff --git a/xos/services/vpn/models.py b/xos/services/vpn/models.py
index 8b2c5d8..2cdb5b9 100644
--- a/xos/services/vpn/models.py
+++ b/xos/services/vpn/models.py
@@ -27,11 +27,11 @@
sync_attributes = ("nat_ip", "nat_mac",)
default_attributes = {'server_key': 'Error key not found',
- 'client_conf': 'Configuration not found',
'server_address': '10.8.0.1',
'client_address': '10.8.0.2',
'can_view_subnet': False,
- 'is_persistent': True}
+ 'is_persistent': True,
+ 'file_name': 'Not found'}
def __init__(self, *args, **kwargs):
vpn_services = VPNService.get_service_objects().all()
@@ -115,17 +115,6 @@
self.set_attribute("client_address", value)
@property
- def client_conf(self):
- """str: The client configuration for the client to connect to this server."""
- return self.get_attribute(
- "client_conf",
- self.default_attributes['client_conf'])
-
- @client_conf.setter
- def client_conf(self, value):
- self.set_attribute("client_conf", value)
-
- @property
def is_persistent(self):
"""bool: True if the VPN connection is persistence, false otherwise."""
return self.get_attribute(
@@ -147,6 +136,14 @@
def can_view_subnet(self, value):
self.set_attribute("can_view_subnet", value)
+ @property
+ def file_name(self):
+ self.get_attribute("file_name", self.default_attributes['file_name'])
+
+ @file_name.setter
+ def file_name(self, value):
+ self.set_attribute('file_name', value)
+
def model_policy_vpn_tenant(pk):
"""Manages the contain for the VPN Tenant."""
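Review bot: The new `file_name` getter has no `return`, so the property always evaluates to `None` and `open(tenant.file_name, 'w')` in the sync step would fail; the body should be `return self.get_attribute("file_name", self.default_attributes['file_name'])`. The sibling properties carry a one-line docstring, so `"""str: The name of the client script file generated for this tenant."""` would match them. The `'Not found'` default added to `default_attributes` earlier in this file would itself be used as a path if no name was ever set, which is probably not intended.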