diff options
| author | Christian Poessinger <christian@poessinger.com> | 2019-08-17 02:21:14 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-08-17 02:21:14 +0200 |
| commit | e5989f379c77a161822abc3581ca10167b4ae642 (patch) | |
| tree | 1d6b0535af32369d94b63527b8413bc41406c4f4 /op-mode-definitions | |
| parent | ac463fe7974eddce11d1983bf9bb1d8e020ad454 (diff) | |
| parent | e11d7b58ad89eb50e3de7e1c0516e707baff07a4 (diff) | |
| download | vyos-1x-e5989f379c77a161822abc3581ca10167b4ae642.tar.gz vyos-1x-e5989f379c77a161822abc3581ca10167b4ae642.zip | |
Merge pull request #107 from c-po/t1548-openvpn
T1548 openvpn
Diffstat (limited to 'op-mode-definitions')
| -rw-r--r-- | op-mode-definitions/openvpn.xml | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/op-mode-definitions/openvpn.xml b/op-mode-definitions/openvpn.xml new file mode 100644 index 000000000..4a7f985e9 --- /dev/null +++ b/op-mode-definitions/openvpn.xml @@ -0,0 +1,74 @@ +<?xml version="1.0"?> +<interfaceDefinition> + <node name="generate"> + <children> + <node name="openvpn"> + <properties> + <help>OpenVPN key generation tool</help> + </properties> + <children> + <tagNode name="key"> + <properties> + <help>Generate shared-secret key with specified file name</help> + <completionHelp> + <list><filename></list> + </completionHelp> + </properties> + <command> + result=1; + key_path=$4 + full_path= + + # Prepend /config/auth if the path is not absolute + if echo $key_path | egrep -ve '^/.*' > /dev/null; then + full_path=/config/auth/$key_path + else + full_path=$key_path + fi + + key_dir=`dirname $full_path` + if [ ! -d $key_dir ]; then + echo "Directory $key_dir does not exist!" + exit 1 + fi + + echo "Generating OpenVPN key to $full_path" + sudo /usr/sbin/openvpn --genkey --secret "$full_path" + result=$? + if [ $result = 0 ]; then + echo "Your new local OpenVPN key has been generated" + fi + /usr/libexec/vyos/validators/file-exists --directory /config/auth "$full_path" + </command> + </tagNode> + </children> + </node> + </children> + </node> + <node name="reset"> + <children> + <node name="openvpn"> + <children> + <tagNode name="client"> + <properties> + <help>Reset specified OpenVPN client</help> + <completionHelp> + <script>sudo ${vyos_completion_dir}/list_openvpn_clients.py --all</script> + </completionHelp> + </properties> + <command>echo kill $4 | socat - UNIX-CONNECT:/tmp/openvpn-mgmt-intf > /dev/null</command> + </tagNode> + <tagNode name="interface"> + <properties> + <help>Reset OpenVPN process on interface</help> + <completionHelp> + <script>sudo ${vyos_completion_dir}/list_interfaces.py --type openvpn</script> + </completionHelp> + </properties> + <command>sudo kill -SIGUSR1 $(cat /var/run/openvpn/$4.pid)</command> + </tagNode> + </children> + </node> + </children> + </node> +</interfaceDefinition> |