<?xml version="1.0"?>
<interfaceDefinition>
  <node name="generate">
    <children>
      <node name="openvpn">
        <properties>
          <help>OpenVPN key generation tool</help>
        </properties>
        <children>
          <tagNode name="key">
            <properties>
              <help>Generate shared-secret key with specified file name</help>
              <completionHelp>
                <list>&lt;filename&gt;</list>
              </completionHelp>
            </properties>
            <command>
            result=1;
            key_path=$4
            full_path=

            if echo $key_path | egrep -ve '^/.*' &gt; /dev/null; then
                full_path=/config/auth/$key_path
            else
                full_path=$key_path
            fi

            key_dir=`dirname $full_path`
            if [ ! -d $key_dir ]; then
                echo "Directory $key_dir does not exist!"
                exit 1
            fi

            echo "Generating OpenVPN key to $full_path"
            sudo /usr/sbin/openvpn --genkey secret "$full_path"
            result=$?
            if [ $result = 0 ]; then
              echo "Your new local OpenVPN key has been generated"
            fi
            /usr/libexec/vyos/validators/file-exists --directory /config/auth "$full_path"
          </command>
          </tagNode>
        </children>
      </node>
    </children>
  </node>
  <node name="reset">
    <children>
      <node name="openvpn">
        <properties>
          <help>Reset OpenVPN client/server connections</help>
        </properties>
        <children>
          <tagNode name="client">
            <properties>
              <help>Reset specified OpenVPN client</help>
              <completionHelp>
                <script>sudo ${vyos_completion_dir}/list_openvpn_clients.py --all</script>
              </completionHelp>
            </properties>
            <command>echo kill $4 | socat - UNIX-CONNECT:/run/openvpn/openvpn-mgmt-intf &gt; /dev/null</command>
          </tagNode>
          <tagNode name="interface">
            <properties>
              <help>Reset OpenVPN process on interface</help>
              <completionHelp>
                <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script>
              </completionHelp>
            </properties>
            <command>sudo ${vyos_op_scripts_dir}/reset_openvpn.py $4</command>
          </tagNode>
        </children>
      </node>
    </children>
  </node>
  <node name="show">
    <children>
      <node name="interfaces">
        <children>
          <node name="openvpn">
            <properties>
              <help>Show OpenVPN interface information</help>
            </properties>
            <children>
              <leafNode name="detail">
                <properties>
                  <help>Show detailed OpenVPN interface information</help>
                </properties>
                <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=openvpn --action=show</command>
              </leafNode>
            </children>
          </node>
          <tagNode name="openvpn">
            <properties>
              <help>Show OpenVPN interface information</help>
              <completionHelp>
                <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script>
              </completionHelp>
            </properties>
            <command>${vyos_op_scripts_dir}/show_interfaces.py --intf=$4</command>
            <children>
              <leafNode name="brief">
                <properties>
                  <help>Show summary of specified OpenVPN interface information</help>
                </properties>
                <command>${vyos_op_scripts_dir}/show_interfaces.py --intf="$4" --action=show-brief</command>
              </leafNode>
            </children>
          </tagNode>
        </children>
      </node>
      <node name="openvpn">
        <properties>
          <help>Show OpenVPN information</help>
        </properties>
        <children>
          <leafNode name="client">
            <properties>
              <help>Show tunnel status for OpenVPN client interfaces</help>
            </properties>
            <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=client</command>
          </leafNode>
          <leafNode name="server">
            <properties>
              <help>Show tunnel status for OpenVPN server interfaces</help>
            </properties>
            <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=server</command>
          </leafNode>
          <leafNode name="site-to-site">
            <properties>
              <help>Show tunnel status for OpenVPN site-to-site interfaces</help>
            </properties>
            <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=site-to-site</command>
          </leafNode>
        </children>
      </node>
    </children>
  </node>
</interfaceDefinition>