Ejemplo n.º 1
    def sync_fields(self, o, fields):
        """Prepare the easy-rsa PKI directory for tenant ``o``, then run the parent sync.

        Steps, in order: create the PKI and a CA when the directory does not
        exist yet, optionally copy the CA from another tenant, build the
        server certificate and DH parameters if the server certificate is
        missing, regenerate the CRL, and finally delegate to the parent
        class's ``sync_fields``.
        """
        pki_root = OpenVPNService.get_pki_dir(o)
        easyrsa = OpenVPNService.execute_easyrsa_command

        # First sync for this tenant: no PKI directory yet, so create one
        # together with a CA whose common name is "XOS".
        # NOTE(review): "nopass" asks easy-rsa for a key without a passphrase,
        # so the CA key is protected only by the permissions on pki_root --
        # confirm those are restrictive.
        if not os.path.isdir(pki_root):
            easyrsa(pki_root, "init-pki")
            easyrsa(pki_root, "--req-cn=XOS build-ca nopass")

        # Very hacky way to handle VPNs that need to share CAs: the other
        # tenant's CA certificate and CA private key are copied over the ones
        # in this tenant's PKI directory.
        # NOTE(review): this duplicates CA private-key material on disk; every
        # copy has to be protected as carefully as the original.
        # NOTE(review): [0] raises IndexError when no tenant has this pk.
        if o.use_ca_from_id:
            ca_owner = OpenVPNTenant.get_tenant_objects().filter(
                pk=o.use_ca_from_id)[0]
            ca_source_dir = OpenVPNService.get_pki_dir(ca_owner)
            ca_files = (
                ("/ca.crt", pki_root),
                ("/private/ca.key", pki_root + "/private"),
            )
            for relative_path, destination in ca_files:
                shutil.copy2(ca_source_dir + relative_path, destination)

        # Build the server certificate and DH parameters only when no server
        # certificate has been issued yet.
        server_cert_path = pki_root + "/issued/server.crt"
        if not os.path.isfile(server_cert_path):
            easyrsa(pki_root, "build-server-full server nopass")
            easyrsa(pki_root, "gen-dh")

        # Regenerate the CRL on every sync so it reflects the latest revocations.
        easyrsa(pki_root, "gen-crl")

        # The parent implementation runs the playbook.
        super(SyncOpenVPNTenant, self).sync_fields(o, fields)
Ejemplo n.º 2
    def sync_fields(self, o, fields):
        """Bring the tenant's PKI directory up to date and hand off to the parent.

        Creates the PKI and CA on first use, copies a shared CA from another
        tenant when ``o.use_ca_from_id`` is set, issues the server
        certificate and DH parameters if the server certificate is absent,
        and always regenerates the CRL before the parent ``sync_fields``
        is called.
        """
        tenant_pki = OpenVPNService.get_pki_dir(o)

        pki_missing = not os.path.isdir(tenant_pki)
        if pki_missing:
            # Fresh tenant: initialise the PKI layout, then create the CA.
            # NOTE(review): "nopass" requests a CA key without a passphrase;
            # directory permissions are then the only protection -- confirm.
            OpenVPNService.execute_easyrsa_command(tenant_pki, "init-pki")
            OpenVPNService.execute_easyrsa_command(
                tenant_pki, "--req-cn=XOS build-ca nopass")

        # Very hacky way to handle VPNs that need to share CAs.
        if o.use_ca_from_id:
            # NOTE(review): indexing with [0] raises IndexError if the
            # referenced tenant does not exist.
            matching = OpenVPNTenant.get_tenant_objects().filter(
                pk=o.use_ca_from_id)
            shared_ca_tenant = matching[0]
            shared_pki = OpenVPNService.get_pki_dir(shared_ca_tenant)
            # Overwrite this tenant's CA certificate and CA private key with
            # the other tenant's.
            # NOTE(review): the CA private key now exists in two PKI
            # directories; both need equally strict access control.
            shutil.copy2(shared_pki + "/ca.crt", tenant_pki)
            shutil.copy2(shared_pki + "/private/ca.key",
                         tenant_pki + "/private")

        # The server certificate is issued once; DH parameters come with it.
        server_cert_present = os.path.isfile(
            tenant_pki + "/issued/server.crt")
        if not server_cert_present:
            OpenVPNService.execute_easyrsa_command(
                tenant_pki, "build-server-full server nopass")
            OpenVPNService.execute_easyrsa_command(tenant_pki, "gen-dh")

        # Get the most recent list of revoked clients.
        OpenVPNService.execute_easyrsa_command(tenant_pki, "gen-crl")

        # Super runs the playbook.
        super(SyncOpenVPNTenant, self).sync_fields(o, fields)
Ejemplo n.º 3
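 def sync_record(self, record):
     """Issue a client certificate for ``record`` if none exists yet.

     Raises:
         DeferredException: when the record's tenant has no id yet, or no
             tenant object with that id can be found.
     """
     if not record.tenant.id:
         raise DeferredException("Privilege waiting on VPN Tenant ID")
     certificate = self.get_certificate_name(record)
     # Indexing an empty result with [0] raises IndexError, which previously
     # escaped before the "waiting on VPN Tenant" check could run. Treat an
     # empty result as "tenant not available yet".
     try:
         tenant = OpenVPNTenant.get_tenant_objects().filter(
             pk=record.tenant.id)[0]
     except IndexError:
         tenant = None
     if not tenant:
         raise DeferredException("Privilege waiting on VPN Tenant")
     # Only add a certificate if one does not yet exist
     pki_dir = OpenVPNService.get_pki_dir(tenant)
     # NOTE(review): certificate is concatenated into both a file path and
     # the easyrsa command string. Confirm get_certificate_name() only
     # returns a constrained character set and check how
     # execute_easyrsa_command() invokes the command.
     if not os.path.isfile(pki_dir + "/issued/" + certificate + ".crt"):
         # NOTE(review): "nopass" requests a client key without a passphrase.
         OpenVPNService.execute_easyrsa_command(
             pki_dir, "build-client-full " + certificate + " nopass")
         # presumably saving the tenant triggers its own sync -- confirm
         tenant.save()
     record.save()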
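 def sync_record(self, record):
     """Make sure a client certificate exists for the privilege ``record``.

     The certificate is built with easy-rsa in the tenant's PKI directory
     only when ``issued/<certificate>.crt`` is not already present. The
     record is saved in every non-deferred case.

     Raises:
         DeferredException: if the tenant id is not set or the tenant
             cannot be looked up yet.
     """
     if not record.tenant.id:
         raise DeferredException("Privilege waiting on VPN Tenant ID")
     certificate = self.get_certificate_name(record)
     matches = OpenVPNTenant.get_tenant_objects().filter(
         pk=record.tenant.id)
     try:
         tenant = matches[0]
     except IndexError:
         # No tenant with this pk: the original [0] raised IndexError here,
         # so the deferral below was never reached for a missing tenant.
         tenant = None
     if not tenant:
         raise DeferredException("Privilege waiting on VPN Tenant")
     # Only add a certificate if one does not yet exist
     pki_dir = OpenVPNService.get_pki_dir(tenant)
     issued_cert = pki_dir + "/issued/" + certificate + ".crt"
     if not os.path.isfile(issued_cert):
         # NOTE(review): the certificate name becomes part of the command
         # string; verify it is restricted to safe characters upstream and
         # that execute_easyrsa_command() does not pass it through a shell
         # unquoted.
         OpenVPNService.execute_easyrsa_command(
             pki_dir, "build-client-full " + certificate + " nopass")
         tenant.save()
     record.save()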
Ejemplo n.º 5
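    def delete_record(self, record):
        """Revoke the client certificate for ``record`` and delete the record.

        Returns without deleting anything when the record's tenant has no id
        or no tenant object with that id can be found.
        """
        if not record.tenant.id:
            return
        certificate = self.get_certificate_name(record)
        # [0] on an empty result raises IndexError, which previously escaped
        # instead of reaching the early return below.
        try:
            tenant = OpenVPNTenant.get_tenant_objects().filter(
                pk=record.tenant.id)[0]
        except IndexError:
            tenant = None
        if not tenant:
            return
        # If the client has already been revoked don't do it again
        pki_dir = OpenVPNService.get_pki_dir(tenant)
        # NOTE(review): certificate is concatenated into the easyrsa command
        # and into the paths passed to os.remove(). Confirm
        # get_certificate_name() cannot return path separators or shell
        # metacharacters.
        if os.path.isfile(pki_dir + "/issued/" + certificate + ".crt"):
            OpenVPNService.execute_easyrsa_command(
                pki_dir, "revoke " + certificate)
            # Revoking a client cert does not delete any of the files
            # to make sure that we can add this user again we need to
            # delete all of the files created by easyrsa
            os.remove(pki_dir + "/issued/" + certificate + ".crt")
            os.remove(pki_dir + "/private/" + certificate + ".key")
            os.remove(pki_dir + "/reqs/" + certificate + ".req")
            # NOTE(review): no gen-crl is run here, so the revocation is
            # presumably published by the tenant sync that follows this
            # save -- confirm.
            tenant.save()

        record.delete()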
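    def delete_record(self, record):
        """Revoke and clean up the client certificate, then delete ``record``.

        Nothing is revoked or deleted if the tenant id is unset or the
        tenant cannot be found. If no issued certificate file exists, the
        record is deleted without running a revocation.
        """
        if not record.tenant.id:
            return
        certificate = self.get_certificate_name(record)
        matches = OpenVPNTenant.get_tenant_objects().filter(
            pk=record.tenant.id)
        try:
            tenant = matches[0]
        except IndexError:
            # Missing tenant: the original [0] raised IndexError here, so
            # the "no tenant" early return was never reached.
            tenant = None
        if not tenant:
            return
        # If the client has already been revoked don't do it again
        pki_dir = OpenVPNService.get_pki_dir(tenant)
        issued_cert = pki_dir + "/issued/" + certificate + ".crt"
        if os.path.isfile(issued_cert):
            # NOTE(review): the certificate name is spliced into the command
            # string and into file paths that get removed; verify upstream
            # that it is limited to a safe character set.
            OpenVPNService.execute_easyrsa_command(pki_dir,
                                                   "revoke " + certificate)
            # Revoking a client cert does not delete any of the files
            # to make sure that we can add this user again we need to
            # delete all of the files created by easyrsa
            os.remove(issued_cert)
            os.remove(pki_dir + "/private/" + certificate + ".key")
            os.remove(pki_dir + "/reqs/" + certificate + ".req")
            tenant.save()

        record.delete()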