Home Explore Help
Sign In
labriqueinternet
/
vpnclient_ynh
mirror of https://github.com/labriqueinternet/vpnclient_ynh
3
0
Fork 0
Files
Browse Source

[fix] tons of things

ljf 3 years ago
parent
2c46a2b48e
commit
d5290e3632
3 changed files with 58 additions and 219 deletions
Split View Show Diff Stats
  1. 25 16
      config_panel.toml
  2. 2 2
      manifest.json
  3. 31 201
      scripts/config

+ 25 - 16
config_panel.toml
View File 

@@ -14,16 +14,16 @@ name = "Auto-configuration"
 
         [main.cube.service_enabled]
 
         ask = "Enable VPN"
 
         type = "boolean"
 
-        choices = ["on", "off"]
 
-        default = "off"
 
-        help = "If you select 'off' your VPN will not run even if you restart your server"
 
+        default = 0
 
+        help = "If you disable, your VPN will not run even if you restart your server"
 
 
         [main.cube.cube_file]
 
         ask = "Load a cube File"
 
         type = "file"
 
         optional = true
 
         default = ""
 
-        helpLink = "<a href='' target='_BLANK'>See the list of .cube file providers</a><br><a href='https://labriqueinter.net/dotcubefiles.html' target='_BLANK'>Info about cube file format</a>"
 
+        accept = ".cube"
 
+        helpLink = { href = "https://labriqueinter.net/dotcubefiles.html", text = "Info about cube file format" }
 
         
 [manual]
 
 name = "Manual configuration"
 
@@ -33,7 +33,7 @@ name = "Manual configuration"
 
         
         [manual.vpn.warning]
 
         ask = "If you have not a .cube file you can configure your VPN manually.<br/>IMPORTANT: this app only supports fixed and dedicated public ip VPNs."
 
-        helpLink = "<a href='' target='_BLANK'>See the list of public ip vpn providers</a>"
 
+        helpLink = { href = "https://labriqueinter.net/dotcubefiles.html", text = "See the list of public ip vpn providers" }
 
         type = "warning"
 
 
         
@@ -49,8 +49,8 @@ name = "Manual configuration"
 
         ask = "Server Port"
 
         type = "number"
 
         default = "1194"
 
-        min = "1"
 
-        max = "65535"
 
+        min = 1
 
+        max = 65535
 
         help = "Default openvpn port is 1194. If your server is connected to a restricted network and if your VPN provider support it, set 443 should work better."
 
         
         [manual.vpn.server_proto]
 
@@ -59,31 +59,38 @@ name = "Manual configuration"
 
         default = "udp"
 
         help = "UDP is preferred for performance reason. If your server is connected to a restricted network, and UDP does not work, try with TCP."
 
         
-        [manual.vpn.server_ip6]
 
+        [manual.vpn.ip4_addr]
 
+        ask = "IPv4"
 
+        type = "string"
 
+        default = ""
 
+        example = "141.125.36.75"
 
+        
+        [manual.vpn.ip6_net]
 
         ask = "Delegated prefix (IPv6)"
 
         type = "string"
 
         default = ""
 
         optional = true
 
+        example = "2001:db8:42::"
 
         pattern = "^[0-9a-fA-F:]+$"
 
 
     [manual.auth]
 
     name = "Authentication"
 
         
-        [manual.auth.server_ca]
 
+        [manual.auth.crt_server_ca]
 
         ask = "Update Server CA"
 
         type = "file"
 
         default = ""
 
-        optional = true
 
         help = "You should upload a CA certificate to start"
 
         source="/etc/openvpn/keys/ca-server.crt"
 
         
-        [manual.auth.crt]
 
+        [manual.auth.crt_client]
 
         ask = "Update Client Certificate"
 
         type = "file"
 
         default = ""
 
+        optional = true
 
         source="/etc/openvpn/keys/user.crt"
 
         
-        [manual.auth.key]
 
+        [manual.auth.crt_client_key]
 
         ask = "Update Client Key"
 
         type = "file"
 
         default = ""
 
@@ -92,17 +99,19 @@ name = "Manual configuration"
 
         example = "-----BEGIN PRIVATE KEY-----"
 
         source="/etc/openvpn/keys/user.key"
 
         
-        [manual.auth.ta]
 
+        [manual.auth.crt_client_ta]
 
         ask = "Upload Shared-Secret"
 
         type = "file"
 
         default = ""
 
         optional = true
 
+        example = "ta.key"
 
         source="/etc/openvpn/keys/user_ta.key"
 
         
         [manual.auth.login_user]
 
         ask = "Username"
 
         type = "string"
 
         default = ""
 
+        example = "camille"
 
         optional = true
 
         pattern = "^[^/ ]+$"
 
         
@@ -110,7 +119,7 @@ name = "Manual configuration"
 
         ask = "Password"
 
         type = "password"
 
         default = ""
 
-        optional = true
 
+        visibleif = "login_user"
 
 
     [manual.dns]
 
     name = "DNS"
 
@@ -118,14 +127,14 @@ name = "Manual configuration"
 
         [manual.dns.dns0]
 
         ask = "First resolver"
 
         type = "string"
 
-        default = ""
 
+        default = "89.234.141.66"
 
         optional = true
 
         pattern = "^([0-9.]{8,16}|[0-9a-fA-F:]+)$"
 
 
         [manual.dns.dns1]
 
         ask = "Second resolver"
 
         type = "string"
 
-        default = ""
 
+        default = "2a00:5881:8100:1000::3"
 
         optional = true
 
         pattern = "^([0-9.]{8,16}|[0-9a-fA-F:]+)$"

+ 2 - 2
manifest.json
View File 

@@ -6,7 +6,7 @@
 
     "en": "Tunnel the internet traffic through a VPN",
 
     "fr": "Fait passer le trafic internet à travers un VPN"
 
   },
 
-  "version": "1.4.1~ynh3",
 
+  "version": "1.4.1~ynh4",
 
   "url": "https://labriqueinter.net",
 
   "license": "AGPL-3.0",
 
   "maintainer": {
 
@@ -15,7 +15,7 @@
 
   },
 
   "multi_instance": false,
 
   "requirements": {
 
-    "yunohost": ">= 4.0"
 
+    "yunohost": ">= 4.2"
 
   },
 
   "services": [
 
     "nginx",

+ 31 - 201
scripts/config
View File 

@@ -10,165 +10,19 @@ source _common.sh
 
 source /usr/share/yunohost/helpers
 
 
 #=================================================
 
-# RETRIEVE ARGUMENTS
 
+# MANAGE SCRIPT FAILURE
 
 #=================================================
 
 
-app=$YNH_APP_INSTANCE_NAME
 
+# Exit if an error occurs during the execution of the script
 
+ynh_abort_if_errors
 
 
-final_path=$(ynh_app_setting_get $app final_path)
 
-#=================================================
 
-# SPECIFIC CODE
 
 #=================================================
 
-# DECLARE GENERIC FUNCTION
 
+# RETRIEVE ARGUMENTS
 
 #=================================================
 
 
-lowerdot_to_uppersnake() {
 
-    local lowerdot
 
-    lowerdot=$(echo "$1" | cut -d= -f1 | sed "s/\./_/g")
 
-    echo "${lowerdot^^}"
 
-}
 
-
 
-_ynh_panel_get() {
 
-    
-    # From settings
 
-    local params_sources
 
-    params_sources=`python << EOL
 
-import toml
 
-from collections import OrderedDict
 
-with open("/etc/yunohost/apps/vpnclient/config_panel.toml", "r") as f:
 
-    file_content = f.read()
 
-loaded_toml = toml.loads(file_content, _dict=OrderedDict)
 
-
 
-for panel_name,panel in loaded_toml.items():
 
-    if isinstance(panel, dict):
 
-        for section_name, section in panel.items():
 
-            if isinstance(section, dict):
 
-                for name, param in section.items():
 
-                    if isinstance(param, dict) and param.get('source', '') == 'settings':
 
-                        print("%s.%s.%s=%s" %(panel_name, section_name, name, param.get('source', 'settings')))
 
-EOL
 
-`
 
-    for param_source in params_sources
 
-    do
 
-        local _dot_setting=$(echo "$param_source" | cut -d= -f1)
 
-        local _snake_setting="YNH_CONFIG_$(lowerdot_to_uppersnake $dot_setting)"
 
-        local short_setting=$(echo "$_dot_setting" | cut -d. -f3)
 
-        local _getter="get__${short_setting}"
 
-        local source="$(echo $param_source | cut -d= -f2)"
 
-
 
-        # Get value from getter if exists
 
-        if type $getter | grep -q '^function$' 2>/dev/null; then
 
-            old[$short_setting]="$($getter)"
 
-
 
-        # 
-        elif [[ "$source" != "settings" ]]
 
-        then
 
-            old[$short_setting]="$source"
 
-        
-        # By default, get value from settings.yml
 
-        else
 
-            old[$short_setting]="$(ynh_app_setting_get $app $short_setting)"
 
-        fi
 
-
 
-    done
 
-    
-    
-}
 
-
 
-_ynh_panel_apply() {
 
-    for short_setting in "${!dot_settings[@]}"
 
-    do
 
-        local setter="set__${short_setting}"
 
-        local source="$sources[$short_setting]"
 
-        
-        # Apply setter if exists
 
-        if type $setter | grep -q '^function$' 2>/dev/null; then
 
-            $setter
 
-
 
-        # Copy file in right place 
-        elif [[ "$source" != "settings" ]]
 
-        then
 
-            cp "$new[$short_setting]" "$source"
 
-
 
-        # By default, set value into settings.yml
 
-        else
 
-            ynh_app_setting_get $app $short_setting "$new[$short_setting]"
 
-        fi
 
-    done
 
-}
 
-
 
-_ynh_panel_show() {
 
-    for short_setting in "${!old[@]}"
 
-    do
 
-        local key="YNH_CONFIG_$(lowerdot_to_uppersnake $dot_settings[$short_setting])"
 
-	    ynh_return "$key=${old[$short_setting]}"
 
-    done
 
-}
 
-
 
-_ynh_panel_validate() {
 
-    # Change detection
 
-    local is_error=true
 
-    #for changed_status in "${!changed[@]}"
 
-    for short_setting in "${!dot_settings[@]}"
 
-    do
 
-        #TODO file hash
 
-                file_hash[$setting]=$(sha256sum "$_source" | cut -d' ' -f1)
 
-                file_hash[$form_setting]=$(sha256sum "${!form_setting}" | cut -d' ' -f1)
 
-                if [[ "${file_hash[$setting]}" != "${file_hash[$form_setting]}" ]]
 
-                then
 
-                    changed[$setting]=true
 
-                fi
 
-        if [[ "$new[$short_setting]" == "$old[$short_setting]" ]]
 
-        then
 
-            changed[$short_setting]=false
 
-        else
 
-            changed[$short_setting]=true
 
-            is_error=false
 
-        fi
 
-    done
 
-    
-    # Run validation if something is changed
 
-    if [[ "$is_error" == "false" ]]
 
-    then
 
-
 
-        for short_setting in "${!dot_settings[@]}"
 
-        do
 
-            local result="$(validate__$short_setting)"
 
-            local key="YNH_ERROR_$(lowerdot_to_uppersnake $dot_settings[$short_setting])"
 
-            if [ -n "$result" ]
 
-            then
 
-                ynh_return "$key=$result"
 
-                is_error=true
 
-            fi
 
-        done
 
-    fi
 
-
 
-    if [[ "$is_error" == "true" ]]
 
-    then
 
-        ynh_die
 
-    fi 
-    
-}
 
-
 
-ynh_panel_init() {
 
-    declare -A old=()
 
-    declare -A changed=()
 
-    declare -A file_hash=()
 
-    
-    ynh_panel_get
 
-}
 
-
 
-ynh_panel_show() {
 
-    _ynh_panel_show
 
-}
 
-
 
-ynh_panel_validate() {
 
-    _ynh_panel_validate
 
-}
 
+app=$YNH_APP_INSTANCE_NAME
 
 
-ynh_panel_apply() {
 
-    _ynh_panel_apply
 
-}
 
+final_path=$(ynh_app_setting_get $app final_path)
 
 
 #=================================================
 
 # SPECIFIC GETTERS FOR TOML SHORT KEY
 
@@ -202,47 +56,40 @@ get__login_passphrase() {
 
 # SPECIFIC VALIDATORS FOR TOML SHORT KEYS
 
 #=================================================
 
 validate__login_user() {
 
-    [[ -n "$login_passphrase" && -z "$login_user" ]] &&
 
+    [[ -n "${new[login_passphrase]}" && -z "${new[login_user]}" ]] &&
 
         echo 'A Username is needed when you suggest a Password'
 
 }
 
 
 validate__login_passphrase() {
 
-    [[ -n "$login_user" && -z "$login_passphrase" ]] &&
 
+    [[ -n "${new[login_user]}" && -z "${new[login_passphrase]}" ]] &&
 
         echo 'A Password is needed when you suggest a Username'
 
 }
 
 
 validate__crt() {
 
-    [[ -n "$key" && -z "$crt" ]] &&
 
+    [[ -n "${new[key]}" && -z "${new[crt]}" ]] &&
 
         echo "A Client Certificate is needed when you suggest a Key"
 
 }
 
 
 validate__key() {
 
-    [[ -n "$crt" && -z "$key" ]] &&
 
+    [[ -n "${new[crt]}" && -z "${new[key]}" ]] &&
 
         echo "A Key is needed when you suggest a Client Certificate"
 
 }
 
 
 # TODO
 
-validate__server_ip6() {
 
-    $ipv6_expanded=$(ipv6_expanded "$server_ip6")
 
-    if [[ -z "$ipv6_expanded" ]]
 
+validate__ip6_net() {
 
+    if [[ -z "${new[ip6_net]}" ]]
 
     then 
-        echo 'The IPv6 Delegated Prefix format looks bad'
 
+        echo 'The IPv6 Delegated Prefix is empty'
 
     fi
 
-
 
-    #        $ip6_blocs = explode(':', $ip6_net);
 
-    #    $ip6_addr = "${ip6_blocs[0]}:${ip6_blocs[1]}:${ip6_blocs[2]}:${ip6_blocs[3]}:${ip6_blocs[4]}:${ip6_blocs[5]}:${ip6_blocs[6]}:42";
 
-
 
-    #    $ip6_net = ipv6_compressed($ip6_net);
 
-    #    $ip6_addr = ipv6_compressed($ip6_addr);
 
 }
 
 
 #=================================================
 
 # SPECIFIC SETTERS FOR TOML SHORT KEYS
 
 #=================================================
 
 set__login_user() {
 
-    if [ -z "$login_user" ]
 
+    if [ -z "${new[login_user]}" ]
 
     then
 
-        echo "$login_user\n$login_passphrase" > /etc/openvpn/keys/credentials 
+        echo "${new[login_user]}\n${new[login_passphrase]}" > /etc/openvpn/keys/credentials 
     else
 
         echo "" > /etc/openvpn/keys/credentials
 
     fi
 
@@ -254,7 +101,7 @@ set__login_passphrase() {
 
 
 # TODO
 
 set__cube_file() {
 
-    if [ -f "$cube_file" ]
 
+    if [ -f "${new[cube_file]}" ]
 
     then
 
         cp -f $tmp_dir/client.conf.tpl /etc/openvpn/client.conf.tpl
 
     fi
 
@@ -264,15 +111,16 @@ set__cube_file() {
 
 # OVERWRITING VALIDATE STEP 
 #=================================================
 
 ynh_panel_validate() {
 
-    
+    set +x 
     # Overwrite form response with cube files data before validation process
 
-    if [[ "$cube_file" ]]
 
+    if [ -f "${new[cube_file]}" ]
 
     then
 
-        # TODO
 
         declare -A settings
 
         settings[server_name]=""
 
         settings[server_port]=""
 
         settings[server_proto]=""
 
+        settings[ip6_net]=""
 
+        settings[ip4_addr]=""
 
         settings[login_user]=""
 
         settings[login_passphrase]=""
 
         settings[dns0]=""
 
@@ -282,45 +130,39 @@ ynh_panel_validate() {
 
         settings[crt_client_key]="file"
 
         settings[crt_client_ta]="file"
 
 
-        tmp_dir=$(dirname "$cube_file")
 
+        tmp_dir=$(dirname "${new[cube_file]}")
 
         for setting_name in "${!settings[@]}"
 
         do
 
-            setting_value="$(jq --raw-output '.$setting_name' '$cube_file')"
 
+            setting_value="$(jq --raw-output ".$setting_name" "${new[cube_file]}")"
 
             if [[ "$setting_value" == "null" ]]
 
             then
 
                 setting_value=''
 
             # Save file in tmp dir
 
             elif [[ "${settings[$setting_name]}" == "file" ]]
 
             then
 
-                echo "${settings[$setting_name]}" | sed s/|/\n/g > $tmp_dir/$setting_name
 
+                echo "${settings[$setting_name]}" | sed 's/|/\n/g' > $tmp_dir/$setting_name
 
                 setting_value="$tmp_dir/$setting_name"
 
             fi
 
 
-            # Change settings value and changed status if needed
 
-            if [[ "$setting_value" != "${!setting}" ]]
 
-            then
 
-                declare "$setting='$setting_value'"
 
-                changed[$setting]=false
 
-                if [[ "$setting_value" != "${old[$setting]}" ]]
 
-                then
 
-                    changed[$setting]=true
 
-                fi
 
-            fi
 
+            new[$setting_name]="$setting_value"
 
         done
 
         
         # Build specific OVPN template
 
         cp -f /etc/openvpn/client.conf.tpl.restore $tmp_dir/client.conf.tpl
 
         # Remove some lines
 
-        for rm_regex in "$(jq --raw-output '.openvpn_rm[]' '$cube_file')"
 
+        for rm_regex in "$(jq --raw-output '.openvpn_rm[]' "${new[cube_file]}")"
 
         do
 
-            sed -i "/$rm_regex/di" $tmp_dir/client.conf.tpl
 
+            if [ ! -z "${rm_regex}" ] ; then
 
+                sed -i "/$rm_regex/di" $tmp_dir/client.conf.tpl
 
+            fi
 
         done
 
 
         # Add some other lines
 
         echo "# Custom" >> $tmp_dir/client.conf.tpl
 
-        jq --raw-output ".openvpn_add[]" "$cube_file" >> $tmp_dir/client.conf.tpl
 
+        jq --raw-output ".openvpn_add[]" "${new[cube_file]}" >> $tmp_dir/client.conf.tpl
 
     fi
 
 
+    set -x
 
     _ynh_panel_validate
 
 }
 
 
@@ -341,16 +183,4 @@ ynh_panel_apply() {
 
 
 }
 
 
-#=================================================
 
-# GENERIC FINALIZATION
 
-#=================================================
 
-# Please don't change that code.
 
-# You can overwrite these functions if you need it
 
-#=================================================
 
-
 
-ynh_panel_init
 
-case $1 in
 
-  show) ynh_panel_show;;
 
-  apply) ynh_panel_validate && ynh_panel_apply;;
 
-esac
 
-
 
+ynh_panel_run $1