summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/vpn_l2tp.py70
1 files changed, 17 insertions, 53 deletions
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index fa336f6de..fbccc93d1 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -18,7 +18,6 @@ import os
import re
from copy import deepcopy
-from socket import AF_INET, SOCK_STREAM, socket
from stat import S_IRUSR, S_IWUSR, S_IRGRP
from sys import exit
from time import sleep
@@ -27,19 +26,18 @@ from jinja2 import FileSystemLoader, Environment
from vyos.config import Config
from vyos.defaults import directories as vyos_data_dir
-from vyos.util import run
+from vyos.util import call
from vyos.validate import is_ipv4
from vyos import ConfigError
-pidfile = '/var/run/accel_l2tp.pid'
-l2tp_conf = '/etc/accel-ppp/l2tp/l2tp.config'
-l2tp_chap_secrets = '/etc/accel-ppp/l2tp/chap-secrets'
+l2tp_conf = '/etc/accel-ppp/l2tp.conf'
+l2tp_chap_secrets = '/etc/accel-ppp/l2tp.chap-secrets'
default_config_data = {
'auth_mode': 'local',
'auth_ppp_mppe': 'prefer',
'auth_proto': ['auth_mschap_v2'],
- 'chap_secrets_file': l2tp_chap_secrets,
+ 'chap_secrets_file': l2tp_chap_secrets, # used in Jinja2 template
'client_ip_pool': None,
'client_ip_subnets': [],
'client_ipv6_pool': {},
@@ -70,30 +68,6 @@ default_config_data = {
'thread_cnt': 1
}
-def chk_con():
- """
- Depending on hardware and threads, daemon needs a little to start if it
- takes longer than 100 * 0.5 secs, exception is being raised not sure if
- that's the best way to check it, but it worked so far quite well
- """
- cnt = 0
- s = socket(AF_INET, SOCK_STREAM)
- while True:
- try:
- s.connect(("127.0.0.1", 2004))
- break
- except ConnectionRefusedError:
- sleep(0.5)
- cnt += 1
- if cnt == 100:
- raise("failed to start l2tp server")
- break
-
-
-def _accel_cmd(command):
- return run(f'/usr/bin/accel-cmd -p 2004 {command}')
-
-
def get_config():
conf = Config()
base_path = ['vpn', 'l2tp', 'remote-access']
@@ -351,11 +325,6 @@ def generate(l2tp):
if not l2tp:
return None
- # Create configuration directory if it's non existent
- dirname = os.path.dirname(l2tp_conf)
- if not os.path.isdir(dirname):
- os.mkdir(dirname)
-
# Prepare Jinja2 template loader from files
tmpl_path = os.path.join(vyos_data_dir['data'], 'templates', 'l2tp')
fs_loader = FileSystemLoader(tmpl_path)
@@ -369,36 +338,31 @@ def generate(l2tp):
if l2tp['auth_mode'] == 'local':
tmpl = env.get_template('chap-secrets.tmpl')
config_text = tmpl.render(l2tp)
- with open(l2tp['chap_secrets_file'], 'w') as f:
+ with open(l2tp_chap_secrets, 'w') as f:
f.write(config_text)
- os.chmod(l2tp['chap_secrets_file'], S_IRUSR | S_IWUSR | S_IRGRP)
+ os.chmod(l2tp_chap_secrets, S_IRUSR | S_IWUSR | S_IRGRP)
else:
- if os.path.exists(l2tp['chap_secrets_file']):
- os.unlink(l2tp['chap_secrets_file'])
+ if os.path.exists(l2tp_chap_secrets):
+ os.unlink(l2tp_chap_secrets)
return None
def apply(l2tp):
if not l2tp:
- if os.path.exists(pidfile):
- _accel_cmd('shutdown hard')
- if os.path.exists(pidfile):
- os.remove(pidfile)
- return None
+ call('systemctl stop accel-ppp-l2tp.service')
- if not os.path.exists(pidfile):
- ret = run(f'/usr/sbin/accel-pppd -c {l2tp_conf} -p {pidfile} -d')
- chk_con()
- if ret != 0 and os.path.exists(pidfile):
- os.remove(pidfile)
- raise ConfigError('accel-pppd failed to start')
- else:
- # if gw ip changes, only restart doesn't work
- _accel_cmd('restart')
+ if os.path.exists(l2tp_conf):
+ os.unlink(l2tp_conf)
+
+ if os.path.exists(l2tp_chap_secrets):
+ os.unlink(l2tp_chap_secrets)
+
+ return None
+ call('systemctl restart accel-ppp-l2tp.service')
if __name__ == '__main__':
try: