From e982b78f24d1dca3d2bc92a39b8e9fcf35b39a37 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sat, 9 Jan 2021 14:31:48 +0100
Subject: xml: op-mode: add preprocessor support as known from configuration
 mode

---
 op-mode-definitions/openvpn.xml.in | 139 +++++++++++++++++++++++++++++++++++++
 1 file changed, 139 insertions(+)
 create mode 100644 op-mode-definitions/openvpn.xml.in

(limited to 'op-mode-definitions/openvpn.xml.in')

diff --git a/op-mode-definitions/openvpn.xml.in b/op-mode-definitions/openvpn.xml.in
new file mode 100644
index 000000000..e9420904a
--- /dev/null
+++ b/op-mode-definitions/openvpn.xml.in
@@ -0,0 +1,139 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+  <node name="generate">
+    <children>
+      <node name="openvpn">
+        <properties>
+          <help>OpenVPN key generation tool</help>
+        </properties>
+        <children>
+          <tagNode name="key">
+            <properties>
+              <help>Generate shared-secret key with specified file name</help>
+              <completionHelp>
+                <list>&lt;filename&gt;</list>
+              </completionHelp>
+            </properties>
+            <command>
+            result=1;
+            key_path=$4
+            full_path=
+
+            if echo $key_path | egrep -ve '^/.*' &gt; /dev/null; then
+                full_path=/config/auth/$key_path
+            else
+                full_path=$key_path
+            fi
+
+            key_dir=`dirname $full_path`
+            if [ ! -d $key_dir ]; then
+                echo "Directory $key_dir does not exist!"
+                exit 1
+            fi
+
+            echo "Generating OpenVPN key to $full_path"
+            sudo /usr/sbin/openvpn --genkey --secret "$full_path"
+            result=$?
+            if [ $result = 0 ]; then
+              echo "Your new local OpenVPN key has been generated"
+            fi
+            /usr/libexec/vyos/validators/file-exists --directory /config/auth "$full_path"
+          </command>
+          </tagNode>
+        </children>
+      </node>
+    </children>
+  </node>
+  <node name="reset">
+    <properties>
+      <help>Reset a service</help>
+    </properties>
+    <children>
+      <node name="openvpn">
+        <children>
+          <tagNode name="client">
+            <properties>
+              <help>Reset specified OpenVPN client</help>
+              <completionHelp>
+                <script>sudo ${vyos_completion_dir}/list_openvpn_clients.py --all</script>
+              </completionHelp>
+            </properties>
+            <command>echo kill $4 | socat - UNIX-CONNECT:/run/openvpn/openvpn-mgmt-intf &gt; /dev/null</command>
+          </tagNode>
+          <tagNode name="interface">
+            <properties>
+              <help>Reset OpenVPN process on interface</help>
+              <completionHelp>
+                <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script>
+              </completionHelp>
+            </properties>
+            <command>sudo ${vyos_op_scripts_dir}/reset_openvpn.py $4</command>
+          </tagNode>
+        </children>
+      </node>
+    </children>
+  </node>
+  <node name="show">
+    <children>
+      <node name="interfaces">
+        <children>
+          <node name="openvpn">
+            <properties>
+              <help>Show OpenVPN interface information</help>
+            </properties>
+            <children>
+              <leafNode name="detail">
+                <properties>
+                  <help>Show detailed OpenVPN interface information</help>
+                </properties>
+                <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=openvpn --action=show</command>
+              </leafNode>
+            </children>
+          </node>
+          <tagNode name="openvpn">
+            <properties>
+              <help>Show OpenVPN interface information</help>
+              <completionHelp>
+                <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script>
+              </completionHelp>
+            </properties>
+            <command>${vyos_op_scripts_dir}/show_interfaces.py --intf=$4</command>
+            <children>
+              <leafNode name="brief">
+                <properties>
+                  <help>Show summary of specified OpenVPN interface information</help>
+                </properties>
+                <command>${vyos_op_scripts_dir}/show_interfaces.py --intf="$4" --action=show-brief</command>
+              </leafNode>
+            </children>
+          </tagNode>
+        </children>
+      </node>
+      <node name="openvpn">
+        <properties>
+          <help>Show OpenVPN information</help>
+        </properties>
+        <children>
+          <leafNode name="client">
+            <properties>
+              <help>Show tunnel status for OpenVPN client interfaces</help>
+            </properties>
+            <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=client</command>
+          </leafNode>
+          <leafNode name="server">
+            <properties>
+              <help>Show tunnel status for OpenVPN server interfaces</help>
+            </properties>
+            <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=server</command>
+          </leafNode>
+          <leafNode name="site-to-site">
+            <properties>
+              <help>Show tunnel status for OpenVPN site-to-site interfaces</help>
+            </properties>
+            <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=site-to-site</command>
+          </leafNode>
+        </children>
+      </node>
+    </children>
+  </node>
+</interfaceDefinition>
-- 
cgit v1.2.3