Home Explore Help
Sign In
labriqueinternet
/
vpnclient_ynh
mirror of https://github.com/labriqueinternet/vpnclient_ynh
3
0
Fork 0
Files
Branch: master
Branches Tags
vpnclient_ynh
/
config_panel.toml

config_panel.toml 5.1 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 
  1. version = "1.0"
    2. 

  2. 

  3. [main]
    4. 

  4. name = "Auto-configuration"
    5. 

  5. 

  6.     [main.vpn]
    7. 

  7.     name = ""
    8. 

  8.     optional = false
    9. 

  9. 

  10.         [main.vpn.status]
    11. 

  11.         ask = "The status of your VPN is unknown."
    12. 

  12.         type = "alert"
    13. 

  13.         style = "info"
    14. 

  14. 

  15.         [main.vpn.service_enabled]
    16. 

  16.         ask = "Enable VPN"
    17. 

  17.         type = "boolean"
    18. 

  18.         help = "If disabled, the VPN service will not automatically be started at boot."
    19. 

  19. 

  20.         [main.vpn.doc]
    21. 

  21.         ask.en = "VPNclient only interfaces with *dedicated, public IP VPNs accepting inbound traffic*, preferably with an associated `.cube` (or `.ovpn/.conf`) configuration file. Checkout the [list of known compatible providers](https://yunohost.org/providers/vpn) for more info."
    22. 

  22.         ask.fr = "VPNclient est prévu pour fonctionner avec des *VPN dédiés et à IP publique qui acceptent le traffic entrant*, et de préférence avec un fichier de configuration `.cube` (ou `.ovpn/.conf`) associé. Consultez [la liste des fournisseurs connus et compatibles](https://yunohost.org/providers/vpn) pour plus d'infos."
    23. 

  23.         type = "alert"
    24. 

  24.         style = "info"
    25. 

  25. 

  26.         [main.vpn.config_file]
    27. 

  27.         ask = "Configuration file"
    28. 

  28.         type = "file"
    29. 

  29.         accept = [".cube", ".ovpn", ".conf", "application/json", "text/plain"]
    30. 

  30.         help = ".cube file recommended, .ovpn file accepted"
    31. 

  31.         bind = "/etc/openvpn/client.conf"
    32. 

  32.         redact = true
    33. 

  33. 

  34.         [main.vpn.config_template]
    35. 

  35.         type = "file"
    36. 

  36.         bind = "/etc/openvpn/client.conf.tpl"
    37. 

  37.         redact = true
    38. 

  38.         optional = true
    39. 

  39.         visible = false
    40. 

  40. 

  41.         [main.vpn.cube_file]
    42. 

  42.         type = "file"
    43. 

  43.         bind = "/etc/openvpn/client.cube"
    44. 

  44.         redact = true
    45. 

  45.         optional = true
    46. 

  46.         visible = false
    47. 

  47. 

  48.         [main.vpn.ovpn_file]
    49. 

  49.         type = "file"
    50. 

  50.         bind = "/etc/openvpn/client.ovpn"
    51. 

  51.         redact = true
    52. 

  52.         optional = true
    53. 

  53.         visible = false
    54. 

  54. 

  55.     [main.auth]
    56. 

  56.     name = "Authentication"
    57. 

  57.     optional = true
    58. 

  58.     visible = 'config_file && ((match(config_file,"^\s*ca\s") && ! match(config_file,"^\s*<ca>")) || (match(config_file,"^\s*cert\s") && ! match(config_file,"^\s*<cert>")) || (match(config_file,"^\s*key\s") && ! match(config_file,"^\s*<key>")) || (match(config_file,"^\s*tls-auth\s") && ! match(config_file,"^\s*<tls-auth>")) || match(config_file,"^\s*auth-user-pass(\s.*)?$"))'
    59. 

  59. 

  60.         [main.auth.crt_server_ca]
    61. 

  61.         ask = "Update Server CA"
    62. 

  62.         type = "file"
    63. 

  63.         bind = "/etc/openvpn/keys/ca-server.crt"
    64. 

  64.         visible = 'config_file && match(config_file,"^\s*ca\s") && ! match(config_file,"^\s*<ca>")'
    65. 

  65. 

  66.         [main.auth.crt_client]
    67. 

  67.         ask = "Update Client Certificate"
    68. 

  68.         type = "file"
    69. 

  69.         bind = "/etc/openvpn/keys/user.crt"
    70. 

  70.         visible = 'config_file && match(config_file,"^\s*cert\s") && ! match(config_file,"^\s*<cert>")'
    71. 

  71. 

  72.         [main.auth.crt_client_key]
    73. 

  73.         ask = "Update Client Key"
    74. 

  74.         type = "file"
    75. 

  75.         help = "This file begins with -----BEGIN PRIVATE KEY-----"
    76. 

  76.         bind = "/etc/openvpn/keys/user.key"
    77. 

  77.         visible = 'config_file && match(config_file,"^\s*key\s") && ! match(config_file,"^\s*<key>")'
    78. 

  78.         redact = true
    79. 

  79. 

  80.         [main.auth.login_user]
    81. 

  81.         ask = "Username"
    82. 

  82.         type = "string"
    83. 

  83.         example = "camille"
    84. 

  84.         pattern.regexp = '^[a-zA-Z0-9_\-\\\.@]+$'
    85. 

  85.         pattern.error = "OpenVPN accept only alphabetic chars and -_\\.@"
    86. 

  86.         visible = 'config_file && match(config_file,"^\s*auth-user-pass\s")'
    87. 

  87. 

  88.         [main.auth.login_passphrase]
    89. 

  89.         ask = "Password"
    90. 

  90.         type = "password"
    91. 

  91.         visible = 'config_file && match(config_file,"^\s*auth-user-pass(\s.*)?$")'
    92. 

  92. 

  93.         [main.auth.crt_client_ta]
    94. 

  94.         ask = "TLS Auth shared secret"
    95. 

  95.         type = "file"
    96. 

  96.         example = "ta.key"
    97. 

  97.         help = "Some servers have an additional protection agains Deny of Service attack. If you have no tls-auth key in your ovpn, skip this question."
    98. 

  98.         bind = "/etc/openvpn/keys/user_ta.key"
    99. 

  99.         visible = 'config_file && match(config_file,"^\s*tls-auth\s") && ! match(config_file,"^\s*<tls-auth>")'
    100. 

  100.         redact = true
    101. 

  101. 

  102. [advanced]
    103. 

  103. name = "DNS & IPv6"
    104. 

  104.     [advanced.dns]
    105. 

  105.     name = "DNS"
    106. 

  106. 

  107.         [advanced.dns.dns_method]
    108. 

  108.         ask = "DNS resolvers"
    109. 

  109.         type = "select"
    110. 

  110.         choices.yunohost = "Default DNS resolvers from YunoHost"
    111. 

  111.         choices.custom = "Use custom DNS resolvers"
    112. 

  112. 

  113.         [advanced.dns.nameservers]
    114. 

  114.         ask = "Custom DNS resolvers"
    115. 

  115.         type = "tags"
    116. 

  116.         optional = true
    117. 

  117.         visible = "dns_method == 'custom'"
    118. 

  118.         pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
    119. 

  119.         pattern.error = "Not an ip"
    120. 

  120. 

  121.     [advanced.ipv6]
    122. 

  122.     name = "IPv6"
    123. 

  123. 

  124.         [advanced.ipv6.ip6_net]
    125. 

  125.         ask = "IPv6 prefix"
    126. 

  126.         type = "string"
    127. 

  127.         optional = true
    128. 

  128.         example = "2001:db8:42::"
    129. 

  129.         pattern.regexp = "^[0-9a-fA-F:]+$"
    130. 

  130.         pattern.error = "Please provide a valid IPv6 Prefix"
    131. 

  131. 

  132.         [advanced.ipv6.ip6_addr]
    133. 

  133.         ask = "IPv6"
    134. 

  134.         type = "string"
    135. 

  135.         optional = true
    136. 

  136.         example = "2001:db8:42::2"
    137. 

  137.         help = "If no IPv6 address is pushed directly by your VPN provider, you can indicate a specific IP to use here."
    138. 

  138.         pattern.regexp = "^[0-9a-fA-F:]+$"
    139. 

  139.         pattern.error = "Please provide a valid IPv6"
    140.