From 254faff9678eb03cd212f6e4b08f8502bd28b492 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Sun, 12 Apr 2020 20:14:09 +0200 Subject: vpn: sstp: T2185: move generated files to volatile /run/accel-ppp directory --- src/conf_mode/vpn_sstp.py | 15 ++++++++++----- src/systemd/accel-ppp-sstp.service | 14 -------------- src/systemd/accel-ppp@.service | 16 ++++++++++++++++ 3 files changed, 26 insertions(+), 19 deletions(-) delete mode 100644 src/systemd/accel-ppp-sstp.service create mode 100644 src/systemd/accel-ppp@.service (limited to 'src') diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py index cedecfdec..645beddad 100755 --- a/src/conf_mode/vpn_sstp.py +++ b/src/conf_mode/vpn_sstp.py @@ -27,8 +27,8 @@ from vyos import ConfigError from vyos.defaults import directories as vyos_data_dir from vyos.util import call, run -sstp_conf = '/etc/accel-ppp/sstp.conf' -sstp_chap_secrets = '/etc/accel-ppp/sstp.chap-secrets' +sstp_conf = '/run/accel-pppd/sstp.conf' +sstp_chap_secrets = '/run/accel-pppd/sstp.chap-secrets' default_config_data = { 'local_users' : [], @@ -188,6 +188,8 @@ def get_config(): # authentication protocols conf.set_level(base_path + ['authentication']) if conf.exists(['protocols']): + # clear default list content, now populate with actual CLI values + sstp['auth_proto'] = [] auth_mods = { 'pap': 'auth_pap', 'chap': 'auth_chap_md5', @@ -297,9 +299,12 @@ def verify(sstp): raise ConfigError(f"Missing RADIUS secret for server {{ radius['key'] }}") def generate(sstp): - if sstp is None: + if not sstp: return None + import pprint + pprint.pprint(sstp) + # Prepare Jinja2 template loader from files tmpl_path = os.path.join(vyos_data_dir['data'], 'templates', 'sstp') fs_loader = FileSystemLoader(tmpl_path) @@ -330,7 +335,7 @@ def generate(sstp): def apply(sstp): if not sstp: - call('systemctl stop accel-ppp-sstp.service') + call('systemctl stop accel-ppp@sstp.service') if os.path.exists(sstp_conf): os.unlink(sstp_conf) @@ -340,7 +345,7 @@ def apply(sstp): return None - call('systemctl restart accel-ppp-sstp.service') + call('systemctl restart accel-ppp@sstp.service') if __name__ == '__main__': diff --git a/src/systemd/accel-ppp-sstp.service b/src/systemd/accel-ppp-sstp.service deleted file mode 100644 index 03bd7f99c..000000000 --- a/src/systemd/accel-ppp-sstp.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Accel-PPP/SSTP -After=vyos-router.service - -[Service] -ExecStart=/usr/sbin/accel-pppd -d -p /run/accel-pppd-sstp.pid -c /etc/accel-ppp/sstp.conf -ExecReload=/bin/kill -SIGUSR1 $MAINPID -PIDFile=/run/accel-pppd-sstp.pid -Type=forking -Restart=always - -[Install] -WantedBy=multi-user.target -Alias=accel-ppp-sstp.service diff --git a/src/systemd/accel-ppp@.service b/src/systemd/accel-ppp@.service new file mode 100644 index 000000000..256112769 --- /dev/null +++ b/src/systemd/accel-ppp@.service @@ -0,0 +1,16 @@ +[Unit] +Description=Accel-PPP - High performance VPN server application for Linux +RequiresMountsFor=/run +ConditionPathExists=/run/accel-pppd/%i.conf +After=vyos-router.service + +[Service] +WorkingDirectory=/run/accel-pppd +ExecStart=/usr/sbin/accel-pppd -d -p /run/accel-pppd/%i.pid -c /run/accel-pppd/%i.conf +ExecReload=/bin/kill -SIGUSR1 $MAINPID +PIDFile=/run/accel-pppd/%i.pid +Type=forking +Restart=always + +[Install] +WantedBy=multi-user.target -- cgit v1.2.3