From fb40f020bcd2bdb0e2fbbbd13d4557e7e4da030d Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 11 Apr 2020 01:05:35 +0200 Subject: vpn: l2tp: T2264: migrate from SysVinit -> systemd --- src/etc/systemd/system/accel-ppp-l2tp.service | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 src/etc/systemd/system/accel-ppp-l2tp.service (limited to 'src/etc/systemd/system') diff --git a/src/etc/systemd/system/accel-ppp-l2tp.service b/src/etc/systemd/system/accel-ppp-l2tp.service new file mode 100644 index 000000000..27f0cc8c0 --- /dev/null +++ b/src/etc/systemd/system/accel-ppp-l2tp.service @@ -0,0 +1,14 @@ +[Unit] +Description=Accel-PPP/L2TP +After=vyos-router.service + +[Service] +ExecStart=/usr/sbin/accel-pppd -d -p /run/accel-pppd-l2tp.pid -c /etc/accel-ppp/l2tp.conf +ExecReload=/bin/kill -SIGUSR1 $MAINPID +PIDFile=/run/accel-pppd-l2tp.pid +Type=forking +Restart=always + +[Install] +WantedBy=multi-user.target +Alias=accel-ppp-l2tp.service -- cgit v1.2.3 From 13510cac5a4aadc3f6ca79c8c7fd7276abe95be3 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sat, 11 Apr 2020 11:24:46 +0200 Subject: vpn: sstp: T2008: migrate from SysVinit -> systemd --- data/templates/sstp/sstp.config.tmpl | 2 +- src/conf_mode/vpn_sstp.py | 85 ++++++--------------------- src/etc/systemd/system/accel-ppp-sstp.service | 14 +++++ 3 files changed, 33 insertions(+), 68 deletions(-) create mode 100644 src/etc/systemd/system/accel-ppp-sstp.service (limited to 'src/etc/systemd/system') diff --git a/data/templates/sstp/sstp.config.tmpl b/data/templates/sstp/sstp.config.tmpl index 19805358e..d5f55b2df 100644 --- a/data/templates/sstp/sstp.config.tmpl +++ b/data/templates/sstp/sstp.config.tmpl @@ -52,7 +52,7 @@ dns{{ loop.index }}={{ dns }} {% if auth_mode == 'local' %} [chap-secrets] -chap-secrets=/etc/accel-ppp/sstp/chap-secrets +chap-secrets={{ sstp_chap_secrets }} {% elif auth_mode == 'radius' %} [radius] verbose=1 
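Review bot: The new accel-ppp-l2tp.service has no guard for a missing configuration file, although `/etc/accel-ppp/l2tp.conf` is generated by the conf-mode script and may not exist. If the unit is ever started without it, `Restart=always` would presumably retry the daemon until systemd's start limit trips. Adding `ConditionPathExists=/etc/accel-ppp/l2tp.conf` to `[Unit]` turns that case into a clean skip. The same applies to accel-ppp-sstp.service later in this series, with `/etc/accel-ppp/sstp.conf`. In both units `Alias=` repeats the unit's own file name, so it adds no second name and can be dropped.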
diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index 13a24675d..a0bcb1acf 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -18,7 +18,6 @@ import os from time import sleep from sys import exit -from socket import socket, AF_INET, SOCK_STREAM from copy import deepcopy from stat import S_IRUSR, S_IWUSR, S_IRGRP from jinja2 import FileSystemLoader, Environment @@ -26,41 +25,16 @@ from jinja2 import FileSystemLoader, Environment from vyos.config import Config from vyos import ConfigError from vyos.defaults import directories as vyos_data_dir -from vyos.util import process_running -from vyos.util import process_running, cmd, run - -pidfile = r'/var/run/accel_sstp.pid' -sstp_cnf_dir = r'/etc/accel-ppp/sstp' -chap_secrets = sstp_cnf_dir + '/chap-secrets' -sstp_conf = sstp_cnf_dir + '/sstp.config' - -# config path creation -if not os.path.exists(sstp_cnf_dir): - os.makedirs(sstp_cnf_dir) - -def chk_con(): - cnt = 0 - s = socket(AF_INET, SOCK_STREAM) - while True: - try: - s.connect(("127.0.0.1", 2005)) - s.close() - break - except ConnectionRefusedError: - sleep(0.5) - cnt += 1 - if cnt == 100: - raise("failed to start sstp server") - break - - -def _accel_cmd(command): - return run(f'/usr/bin/accel-cmd -p 2005 {command}') +from vyos.util import call, run + +sstp_conf = '/etc/accel-ppp/sstp.conf' +sstp_chap_secrets = '/etc/accel-ppp/sstp.chap-secrets' default_config_data = { 'local_users' : [], 'auth_mode' : 'local', 'auth_proto' : ['auth_mschap_v2'], + 'chap_secrets_file': sstp_chap_secrets, # used in Jinja2 template 'client_gateway': '', 'radius_server' : [], 'radius_acct_tmo' : '3', 
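Review bot: The key added to `default_config_data` is `'chap_secrets_file'`, but the sstp.config.tmpl hunk in this same commit reads `{{ sstp_chap_secrets }}`. Unless the render call supplies that name separately, Jinja2's default handling of undefined names would render the `[chap-secrets]` section as `chap-secrets=` with an empty path, and local authentication would have no secrets file to read. Either rename the key to `'sstp_chap_secrets'` or change the template to `{{ chap_secrets_file }}`. The dict literal continues past the end of the hunk.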
@@ -340,52 +314,29 @@ def generate(sstp): if sstp['local_users']: tmpl = env.get_template('chap-secrets.tmpl') config_text = tmpl.render(sstp) - with open(chap_secrets, 'w') as f: - f.write(config_text) + with open(sstp_chap_secrets, 'w') as f: + f.write(sstp_chap_secrets) - os.chmod(chap_secrets, S_IRUSR | S_IWUSR | S_IRGRP) + os.chmod(sstp_chap_secrets, S_IRUSR | S_IWUSR | S_IRGRP) else: - if os.path.exists(chap_secrets): - os.unlink(chap_secrets) + if os.path.exists(sstp_chap_secrets): + os.unlink(sstp_chap_secrets) return sstp def apply(sstp): - if sstp is None: - if process_running(pidfile): - command = 'start-stop-daemon' - command += ' --stop ' - command += ' --quiet' - command += ' --oknodo' - command += ' --pidfile ' + pidfile - cmd(command) + if not sstp: + call('systemctl stop accel-ppp-sstp.service') - if os.path.exists(pidfile): - os.remove(pidfile) + if os.path.exists(sstp_conf): + os.unlink(sstp_conf) - return None + if os.path.exists(sstp_chap_secrets): + os.unlink(sstp_chap_secrets) - if not process_running(pidfile): - if os.path.exists(pidfile): - os.remove(pidfile) - - command = 'start-stop-daemon' - command += ' --start ' - command += ' --quiet' - command += ' --oknodo' - command += ' --pidfile ' + pidfile - command += ' --exec /usr/sbin/accel-pppd' - # now pass arguments to accel-pppd binary - command += ' --' - command += ' -c ' + sstp_conf - command += ' -p ' + pidfile - command += ' -d' - cmd(command) - - chk_con() + return None - else: - _accel_cmd('restart') + call('systemctl restart accel-ppp-sstp.service') if __name__ == '__main__': diff --git a/src/etc/systemd/system/accel-ppp-sstp.service b/src/etc/systemd/system/accel-ppp-sstp.service new file mode 100644 index 000000000..03bd7f99c --- /dev/null +++ b/src/etc/systemd/system/accel-ppp-sstp.service 
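Review bot: In generate(), `f.write(sstp_chap_secrets)` writes the path string into the secrets file instead of the rendered template, so the configured local users never reach accel-pppd; it should be `f.write(config_text)`. The file is also created with the default mode and only narrowed by `os.chmod` afterwards, which may leave the credentials briefly readable by others depending on the umask. Creating it through `os.open(sstp_chap_secrets, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o640)` wrapped in `os.fdopen` closes that window. In apply(), the result of `call('systemctl restart accel-ppp-sstp.service')` is not checked, so a daemon that fails to start is no longer reported now that `chk_con()` is gone. generate() starts outside the hunk.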
@@ -0,0 +1,14 @@
+[Unit]
+Description=Accel-PPP/SSTP
+After=vyos-router.service
+
+[Service]
+ExecStart=/usr/sbin/accel-pppd -d -p /run/accel-pppd-sstp.pid -c /etc/accel-ppp/sstp.conf
+ExecReload=/bin/kill -SIGUSR1 $MAINPID
+PIDFile=/run/accel-pppd-sstp.pid
+Type=forking
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+Alias=accel-ppp-sstp.service
-- cgit v1.2.3