Browse Source

openvpn hook to set / unset ipv6 addr

HgO 1 year ago
parent
commit
71ff38def9

+ 13 - 0
conf/scripts/route-down.d/20-unset-ipv6

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+source /usr/share/yunohost/helpers
+
+is_ip6addr_set() {
+  local ip6_addr=${1}
+  ip address show dev tun0 2> /dev/null | grep -q "${ip6_addr}/"
+}
+
+ip6_addr=$(ynh_setting_get vpnclient ip6_addr)
+if [[ -n "${ip6_addr}" ]] && [[ "${ip6_addr}" != none ]] && is_ip6addr_set "${ip6_addr}"; then
+  ip address delete "${ip6_addr}/64" dev tun0
+fi

+ 13 - 0
conf/scripts/route-up.d/20-set-ipv6

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+source /usr/share/yunohost/helpers
+
+is_ip6addr_set() {
+  local ip6_addr=${1}
+  ip address show dev tun0 2> /dev/null | grep -q "${ip6_addr}/"
+}
+
+ip6_addr=$(ynh_setting_get vpnclient ip6_addr)
+if [[ -n "${ip6_addr}" ]] && [[ "${ip6_addr}" != none ]] && ! is_ip6addr_set "${ip6_addr}"; then
+  ip address add "${ip6_addr}/64" dev tun0
+fi

conf/openvpn_run-parts.sh → conf/scripts/run-parts.sh


+ 1 - 21
conf/ynh-vpnclient

@@ -61,23 +61,13 @@ has_nativeip6() {
 }
 
 has_ip6delegatedprefix() {
-  [ "${ynh_ip6_addr}" != none ] && [ "${ynh_ip6_addr}" != "" ]
+  [[ -n "${ynh_ip6_addr}" ]] && [[ "${ynh_ip6_addr}" != none ]]
 }
 
 is_ip6addr_set() {
   ip address show dev tun0 2> /dev/null | grep -q "${ynh_ip6_addr}/"
 }
 
-set_ip6addr() {
-  info "Adding IPv6 from VPN configuration"
-  ip address add "${ynh_ip6_addr}/128" dev tun0
-}
-
-unset_ip6addr() {
-  info "Removing IPv6 from VPN configuration"
-  ip address delete "${ynh_ip6_addr}/128" dev tun0
-}
-
 #
 # Server IPv6 route
 #
@@ -411,12 +401,6 @@ case "${1}" in
       set_serverip6route "${new_server_ip6}" "${new_ip6_gw}" "${new_wired_device}"
     fi
 
-    # Set the ipv6 address
-    if has_ip6delegatedprefix && ! is_ip6addr_set
-    then
-      set_ip6addr
-    fi
-
     # Set host DNS resolvers
     if ! is_dns_set; then
        set_dns
@@ -458,10 +442,6 @@ case "${1}" in
     info "[vpnclient] Stopping..."
     rm -f /tmp/.ynh-vpnclient-started
 
-    if has_ip6delegatedprefix && is_ip6addr_set; then
-      unset_ip6addr
-    fi
-
     if is_serverip6route_set "${old_server_ip6}"; then
       unset_serverip6route "${old_server_ip6}" "${old_ip6_gw}" "${old_wired_device}"
     fi

+ 3 - 1
scripts/_common.sh

@@ -39,7 +39,9 @@ function vpnclient_deploy_files_and_services()
   mkdir -pm 0775 /etc/openvpn/scripts
   mkdir -pm 0775 /etc/openvpn/scripts/route-up.d
   mkdir -pm 0775 /etc/openvpn/scripts/route-down.d
-  install -b -o root -g root -m 0755 ../conf/openvpn_run-parts.sh /etc/openvpn/scripts/run-parts.sh
+  install -b -o root -g root -m 0755 ../conf/scripts/run-parts.sh /etc/openvpn/scripts/run-parts.sh
+  install -b -o root -g root -m 0755 ../conf/scripts/route-up.d/20-set-ipv6 /etc/openvpn/scripts/route-up.d/20-set-ipv6
+  install -b -o root -g root -m 0755 ../conf/scripts/route-down.d/20-unset-ipv6 /etc/openvpn/scripts/route-down.d/20-unset-ipv6
 
   #=================================================
 

+ 2 - 0
scripts/backup

@@ -37,6 +37,8 @@ ynh_backup "/etc/yunohost/hooks.d/90-vpnclient.tpl"
 ynh_backup "/etc/openvpn/client.conf.tpl"
 ynh_backup "/etc/openvpn/keys/"
 ynh_backup "/etc/openvpn/scripts/run-parts.sh"
+ynh_backup "/etc/openvpn/scripts/route-up.d/20-set-ipv6"
+ynh_backup "/etc/openvpn/scripts/route-down.d/20-unset-ipv6"
 
 ynh_backup "/usr/local/bin/$service_name"
 ynh_backup "/usr/local/bin/$service_checker_name.sh"

+ 2 - 0
scripts/remove

@@ -66,6 +66,8 @@ ynh_secure_remove /etc/openvpn/client.conf.tpl
 
 # Remove openvpn script
 ynh_secure_remove /etc/openvpn/scripts/run-parts.sh
+ynh_secure_remove "/etc/openvpn/scripts/route-up.d/20-set-ipv6"
+ynh_secure_remove "/etc/openvpn/scripts/route-down.d/20-unset-ipv6"
 
 # Remove YunoHost hook
 ynh_secure_remove /etc/yunohost/hooks.d/90-vpnclient.tpl

+ 2 - 0
scripts/restore

@@ -35,6 +35,8 @@ ynh_restore_file "/etc/yunohost/hooks.d/90-vpnclient.tpl"
 ynh_restore_file "/etc/openvpn/client.conf.tpl"
 ynh_restore_file "/etc/openvpn/keys/"
 ynh_restore_file "/etc/openvpn/scripts/run-parts.sh"
+ynh_restore_file "/etc/openvpn/scripts/route-up.d/20-set-ipv6"
+ynh_restore_file "/etc/openvpn/scripts/route-down.d/20-unset-ipv6"
 
 ynh_restore_file "/usr/local/bin/$service_name"
 ynh_restore_file "/usr/local/bin/$service_checker_name.sh"