<?xml version="1.0"?> <interfaceDefinition> <node name="generate"> <children> <node name="openvpn"> <properties> <help>OpenVPN key generation tool</help> </properties> <children> <tagNode name="key"> <properties> <help>Generate shared-secret key with specified file name</help> <completionHelp> <list><filename></list> </completionHelp> </properties> <command> result=1; key_path=$4 full_path= # Prepend /config/auth if the path is not absolute if echo $key_path | egrep -ve '^/.*' > /dev/null; then full_path=/config/auth/$key_path else full_path=$key_path fi key_dir=`dirname $full_path` if [ ! -d $key_dir ]; then echo "Directory $key_dir does not exist!" exit 1 fi echo "Generating OpenVPN key to $full_path" sudo /usr/sbin/openvpn --genkey --secret "$full_path" result=$? if [ $result = 0 ]; then echo "Your new local OpenVPN key has been generated" fi /usr/libexec/vyos/validators/file-exists --directory /config/auth "$full_path" </command> </tagNode> </children> </node> </children> </node> <node name="reset"> <properties> <help>Reset a service</help> </properties> <children> <node name="openvpn"> <children> <tagNode name="client"> <properties> <help>Reset specified OpenVPN client</help> <completionHelp> <script>sudo ${vyos_completion_dir}/list_openvpn_clients.py --all</script> </completionHelp> </properties> <command>echo kill $4 | socat - UNIX-CONNECT:/tmp/openvpn-mgmt-intf > /dev/null</command> </tagNode> <tagNode name="interface"> <properties> <help>Reset OpenVPN process on interface</help> <completionHelp> <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script> </completionHelp> </properties> <command>sudo ${vyos_op_scripts_dir}/reset_openvpn.py $4</command> </tagNode> </children> </node> </children> </node> <node name="show"> <children> <node name="interfaces"> <children> <node name="openvpn"> <properties> <help>Show OpenVPN interface information</help> </properties> <children> <leafNode name="detail"> <properties> <help>Show detailed OpenVPN interface information</help> </properties> <command>${vyos_op_scripts_dir}/show_interfaces.py --intf-type=openvpn --action=show</command> </leafNode> </children> </node> <tagNode name="openvpn"> <properties> <help>Show OpenVPN interface information</help> <completionHelp> <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script> </completionHelp> </properties> <command>${vyos_op_scripts_dir}/show_interfaces.py --intf=$4</command> <children> <leafNode name="brief"> <properties> <help>Show summary of specified OpenVPN interface information</help> </properties> <command>${vyos_op_scripts_dir}/show_interfaces.py --intf="$4" --action=show-brief</command> </leafNode> </children> </tagNode> </children> </node> <node name="openvpn"> <properties> <help>Show OpenVPN information</help> </properties> <children> <leafNode name="client"> <properties> <help>Show tunnel status for OpenVPN client interfaces</help> </properties> <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=client</command> </leafNode> <leafNode name="server"> <properties> <help>Show tunnel status for OpenVPN server interfaces</help> </properties> <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=server</command> </leafNode> <leafNode name="site-to-site"> <properties> <help>Show tunnel status for OpenVPN site-to-site interfaces</help> </properties> <command>sudo ${vyos_op_scripts_dir}/show_openvpn.py --mode=site-to-site</command> </leafNode> </children> </node> </children> </node> </interfaceDefinition>