
[wip] start config panel

ljf 3 years ago
parent
commit
e0fe74fbbe
3 changed files with 382 additions and 0 deletions
  1. 199 0
      config_panel.toml
  2. 182 0
      scripts/config
  3. 1 0
      scripts/install

+ 199 - 0
config_panel.toml

@@ -0,0 +1,199 @@
+version = "1.0"
+
+[main]
+name = "Auto-configuration"
+
+    [main.service]
+    name = "Service"
+    optional = false
+        
+        [main.service.status]
+        ask = "The status of your VPN is unknown."
+        type = "alert"
+        style = "info"
+        
+        [main.service.service_enabled]
+        ask = "Enable Hotspot"
+        type = "boolean"
+        
+        [main.service.doc]
+        ask = "You need to select a wifi antenna interface. If you use a wifi USB dongle and that this one is not listed here, try to unplug and replug it, then reload this page."
+        type = "alert"
+        style = "warning"
+
+        [main.service.wifi_device]
+        ask = "Device"
+        type = "select"
+        choices.wlan0 = "wlan0"
+        
+        [main.service.wifi_channel]
+        ask = "Channel"
+        type = "select"
+        choices.1 = "1"
+        choices.2 = "2"
+        choices.3 = "3"
+        choices.4 = "4"
+        choices.5 = "5"
+        choices.6 = "6"
+        choices.7 = "7"
+        choices.8 = "8"
+        choices.9 = "9"
+        choices.10 = "10"
+        choices.11 = "11"
+        
+        [main.service.ssid_nb]
+        ask = "Hotspot number"
+        type = "number"
+        min = 1
+        max = 3
+        
+    [main.hotspot1]
+    name = "Hotspot 1"
+    optional = false
+
+        [main.hotspot1.wifi_ssid__1]
+        ask = "Name (SSID)"
+        type = "string"
+        pattern.regexp = '^[\w \-]{1,32}$"
+        pattern.error = 'SSID in this app are limited to letter, number space, dash and underscores."
+        
+        [main.hotspot1.wifi_secure__1]
+        ask = "Secure"
+        type = "boolean"
+
+        [main.hotspot1.wifi_passphrase__1]
+        ask = "Password (WPA2)"
+        type = "string"
+        redact = true
+        visible = "wifi_secure__1" 
+        
+        [main.hotspot1.advanced__1]
+        ask = "Advanced settings"
+        type = "boolean"
+        
+        [main.hotspot1.ip4_nat_prefix__1]
+        ask = "IPv4 NAT prefix (/24)"
+        type = "string"
+        visible = "advanced__1"
+        pattern.regexp = "^[0-9.]{7,15}$"
+        pattern.error = "Please provide a valid IP"
+        
+        [main.hotspot1.ip6_net__1]
+        ask = "IPv6 delegated prefix"
+        type = "string"
+        visible = "advanced__1"
+        pattern.regexp = "^[0-9a-fA-F:]+$"
+        pattern.error = "Please provide a valid IPv6 Prefix"
+        
+        [main.hotspot1.ip6_firewall__1]
+        ask = "IPv6 firewall"
+        type = "boolean"
+        visible = "advanced__1"
+        
+        [main.hotspot1.dns__1]
+        ask = "DNS resolvers"
+        type = "tags"
+        visible = "advanced__1"
+        pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
+        pattern.error = "Not an ip"
+    
+    [main.hotspot2]
+    name = "Hotspot 2"
+    visible = "ssid_nb >= 2"
+
+        [main.hotspot2.wifi_ssid__2]
+        ask = "Name (SSID)"
+        type = "string"
+        pattern.regexp = '^[\w \-]{1,32}$"
+        pattern.error = 'SSID in this app are limited to letter, number space, dash and underscores."
+        
+        [main.hotspot2.wifi_secure__2]
+        ask = "Secure"
+        type = "boolean"
+
+        [main.hotspot2.wifi_passphrase__2]
+        ask = "Password (WPA2)"
+        type = "string"
+        redact = true
+        visible = "wifi_secure__2" 
+        
+        [main.hotspot2.advanced__2]
+        ask = "Advanced settings"
+        type = "boolean"
+        
+        [main.hotspot2.ip4_nat_prefix__2]
+        ask = "IPv4 NAT prefix (/24)"
+        type = "string"
+        visible = "advanced__2"
+        pattern.regexp = "^[0-9.]{7,15}$"
+        pattern.error = "Please provide a valid IP"
+        
+        [main.hotspot2.ip6_net__2]
+        ask = "IPv6 delegated prefix"
+        type = "string"
+        visible = "advanced__2"
+        pattern.regexp = "^[0-9a-fA-F:]+$"
+        pattern.error = "Please provide a valid IPv6 Prefix"
+        
+        [main.hotspot2.ip6_firewall__2]
+        ask = "IPv6 firewall"
+        type = "boolean"
+        visible = "advanced__2"
+        
+        [main.hotspot2.dns__2]
+        ask = "DNS resolvers"
+        type = "tags"
+        visible = "advanced__2"
+        pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
+        pattern.error = "Not an ip"
+    
+    [main.hotspot3]
+    name = "Hotspot 3"
+    visible = "ssid_nb >= 3"
+
+        [main.hotspot3.wifi_ssid__3]
+        ask = "Name (SSID)"
+        type = "string"
+        pattern.regexp = '^[\w \-]{1,32}$"
+        pattern.error = 'SSID in this app are limited to letter, number space, dash and underscores."
+        
+        [main.hotspot3.wifi_secure__3]
+        ask = "Secure"
+        type = "boolean"
+
+        [main.hotspot3.wifi_passphrase__3]
+        ask = "Password (WPA2)"
+        type = "string"
+        redact = true
+        visible = "wifi_secure__3" 
+        
+        [main.hotspot3.advanced__3]
+        ask = "Advanced settings"
+        type = "boolean"
+        
+        [main.hotspot3.ip4_nat_prefix__3]
+        ask = "IPv4 NAT prefix (/24)"
+        type = "string"
+        visible = "advanced__3"
+        pattern.regexp = "^[0-9.]{7,15}$"
+        pattern.error = "Please provide a valid IP"
+        
+        [main.hotspot3.ip6_net__3]
+        ask = "IPv6 delegated prefix"
+        type = "string"
+        visible = "advanced__3"
+        pattern.regexp = "^[0-9a-fA-F:]+$"
+        pattern.error = "Please provide a valid IPv6 Prefix"
+        
+        [main.hotspot3.ip6_firewall__3]
+        ask = "IPv6 firewall"
+        type = "boolean"
+        visible = "advanced__3"
+        
+        [main.hotspot3.dns__3]
+        ask = "DNS resolvers"
+        type = "tags"
+        visible = "advanced__3"
+        pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
+        pattern.error = "Not an ip"
+    
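Review bot: The SSID `pattern.regexp` and `pattern.error` values under `wifi_ssid__1` open with `'` and close with `"`, so the literal string never terminates and the file will not parse; the same two lines recur under `wifi_ssid__2` and `wifi_ssid__3`. Use matching quotes, e.g. `pattern.regexp = '^[\w \-]{1,32}$'`, and likewise for the `pattern.error` line. The `wifi_passphrase__N` fields carry no pattern, although a WPA2 passphrase must be 8 to 63 printable ASCII characters; a check such as `pattern.regexp = '^[ -~]{8,63}$'` would reject unusable values before they are saved (confirm how the panel treats patterns on hidden fields). The `^[0-9.]{7,15}$` and `^[0-9a-fA-F:]+$` patterns also accept strings that are not addresses, so whatever consumes these settings should still validate them before writing network or firewall configuration.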

+ 182 - 0
scripts/config

@@ -0,0 +1,182 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+final_path=$(ynh_app_setting_get $app final_path)
+
+set_right() {
+    if [ -f $1 ]
+    then
+        chown $app:$app $1
+        chmod go=--- $1
+    fi
+}
+
+#=================================================
+# SPECIFIC GETTERS FOR TOML SHORT KEY
+#=================================================
+
+get__status() {
+    local service_enabled=$(ynh_app_setting_get $app service_enabled)
+    if ip route get 1.2.3.4 | grep -q tun0
+    then
+        if [ $service_enabled -eq 1 ]
+        then
+            cat << EOF
+style: success
+ask:
+  en: |-
+    Your VPN is running :)
+
+    **IPv4:** \`$(curl https://ip.yunohost.org --silent)\`
+    **IPv6:** \`$(curl https://ip6.yunohost.org --silent)\`
+EOF
+        else
+            cat << EOF
+style: warning
+ask:
+  en: Your VPN is running, but it shouldn't !
+EOF
+        fi
+    elif [ $service_enabled -eq 1 ]
+    then
+        cat << EOF
+style: danger
+ask:
+  en: |-
+    Your VPN is down ! Here are errors logged in the last 5 minutes
+    \`\`\`
+$(journalctl -u openvpn@client -p0..3 --since "- 20 minutes" -o cat | sed 's/^/    /g' | tail -n 15)
+    \`\`\`
+EOF
+    else
+        cat << EOF
+style: info
+ask:
+  en: Your VPN is down has expected.
+EOF
+
+    fi
+}
+
+get__login_user() {
+    if [ -s /etc/openvpn/keys/credentials ]
+    then
+        echo "$(sed -n 1p /etc/openvpn/keys/credentials)" 
+    else
+        echo ""
+    fi
+}
+
+get__login_passphrase() {
+    if [ -s /etc/openvpn/keys/credentials ]
+    then
+        echo "$(sed -n 2p /etc/openvpn/keys/credentials)"
+    else
+        echo ""
+    fi
+}
+
+
+#=================================================
+# SPECIFIC VALIDATORS FOR TOML SHORT KEYS
+#=================================================
+validate__login_user() {
+
+    if grep -q '^\s*auth-user-pass' ${config_file}
+    then
+        if [[ -z "${login_user}" ]]
+        then
+            echo 'A Username is needed with this configuration file'
+        fi
+    fi
+}
+
+#=================================================
+# SPECIFIC SETTERS FOR TOML SHORT KEYS
+#=================================================
+set__login_user() {
+    if [ -n "${login_user}" ]
+    then
+        echo "${login_user}\n${login_passphrase}" > /etc/openvpn/keys/credentials
+        set_right /etc/openvpn/keys/credentials
+    else
+        echo "" > /etc/openvpn/keys/credentials
+    fi
+}
+
+set__login_passphrase() {
+    :
+}
+
+#=================================================
+# OVERWRITING VALIDATE STEP 
+#=================================================
+read_cube() {
+    tmp_dir=$(dirname "$1")
+    setting_value="$(jq --raw-output ".$2" "$1")"
+    if [[ "$setting_value" == "null" ]]
+    then
+        setting_value=''
+    # Save file in tmp dir
+    elif [[ "$2" == "crt_"* ]]
+    then
+        if [ -n "${setting_value}" ]
+        then
+            echo "${setting_value}" | sed 's/|/\n/g' > $tmp_dir/$2
+            setting_value="$tmp_dir/$2"
+        fi
+    fi
+    echo $setting_value
+}
+ynh_app_config_validate() {
+    _ynh_app_config_validate
+}
+
+#=================================================
+# OVERWRITING APPLY STEP 
+#=================================================
+ynh_app_config_apply() {
+    
+    # Stop vpn client
+    ynh_print_info --message="Stopping vpnclient in order to edit files"
+    touch /tmp/.ynh-vpnclient-stopped
+    /usr/local/bin/ynh-vpnclient stop
+
+    chown $app:$app /etc/openvpn/keys
+    chmod go=--- /etc/openvpn/keys
+    
+    _ynh_app_config_apply
+    
+    set_right /etc/openvpn/client.conf
+    set_right /etc/openvpn/keys/ca-server.crt
+    set_right /etc/openvpn/keys/user.crt
+    set_right /etc/openvpn/keys/user.key
+    set_right /etc/openvpn/keys/user_ta.key
+    
+    # Start vpn client
+    ynh_print_info --message="Starting vpnclient service if needed"
+    /usr/local/bin/ynh-vpnclient start
+    rm -f /tmp/.ynh-vpnclient-stopped
+
+}
+
+ynh_app_config_run $1
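Review bot: `set__login_user` writes `"${login_user}\n${login_passphrase}"` with bash's builtin `echo`, which does not expand `\n` unless `-e` or `xpg_echo` is in effect, so both values would land on one line and `get__login_passphrase` (`sed -n 2p`) would read back nothing. `printf '%s\n%s\n' "${login_user}" "${login_passphrase}" > /etc/openvpn/keys/credentials` avoids that and also stops a value beginning with `-` from being taken as an echo option. The else branch rewrites the credentials file without calling `set_right`, and `set_right` uses `$1` and `$app` unquoted; `chown "$app:$app" "$1"` is safer. Separately, the getters, paths and service calls all refer to OpenVPN and `ynh-vpnclient` while config_panel.toml defines hotspot keys, so this file looks like it still needs adapting; a header comment such as `# TODO: copied from vpnclient, hotspot getters/setters not implemented yet` would make that explicit.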

+ 1 - 0
scripts/install

@@ -171,6 +171,7 @@ hot_reload_usb_wifi_cards
 wifi_device=$(bash ../conf/iw_devices | awk -F\| '{ print $1 }')
 
 ynh_app_setting_set --app=$app --key=multissid --value=1
+ynh_app_setting_set --app=$app --key=ssid_nb --value=1
 ynh_app_setting_set --app=$app --key=wifi_ssid --value="${wifi_ssid}"
 ynh_app_setting_set --app=$app --key=wifi_secure --value=1
 ynh_app_setting_set --app=$app --key=wifi_passphrase --value="${wifi_passphrase}"
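Review bot: The settings stored here are named `wifi_ssid`, `wifi_secure` and `wifi_passphrase`, while the panel added in this commit asks for `wifi_ssid__1`, `wifi_secure__1` and `wifi_passphrase__1`, and the new `ssid_nb` sits next to `multissid`, which is also set to 1. If the panel binds each question to the setting of the same name (not visible in this hunk), a fresh install would open the panel with an empty SSID and passphrase, and saving it could leave two diverging copies of the passphrase in the app settings. Consider storing the suffixed keys at install time, e.g. `ynh_app_setting_set --app=$app --key=wifi_passphrase__1 --value="${wifi_passphrase}"`, or document which of the two key sets is authoritative.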