def _generate_ovpn_conf(self):
    """Build the OpenVPN server configuration text and write it to disk.

    Before rendering, this ensures the prerequisites exist: a primary
    user (via ``_create_primary_user``), a DH parameter file (via
    ``_generate_dh_param``), the CA certificate, and the tls-verify and
    user-pass-verify helpers. ``OVPN_SERVER_CONF`` is then filled in and
    optional directives are appended according to ``otp_auth``,
    ``lzo_compression`` and ``local_network``.

    Raises:
        ValueError: if ``get_orgs()`` returns nothing.
    """
    if not self.get_orgs():
        raise ValueError(
            'Ovpn conf cannot be generated without ' + 'any organizations')

    log_fields = {
        'server_id': self.id,
    }
    logger.debug('Generating server ovpn conf. %r' % log_fields)

    # The server runs with the primary user's certificate and key, so
    # that user has to exist before the template is rendered.
    if not (self.primary_organization and self.primary_user):
        self._create_primary_user()

    dh_params_present = os.path.isfile(self.dh_param_path)
    if not dh_params_present:
        self._generate_dh_param()

    primary_org = Organization(self.primary_organization)
    primary_user = primary_org.get_user(self.primary_user)

    self.generate_ca_cert()
    self._generate_tls_verify()
    self._generate_user_pass_verify()

    # With a local network only a route to it is pushed; otherwise the
    # clients are told to redirect their gateway.
    push = ('route %s %s' % self._parse_network(self.local_network)
        if self.local_network else 'redirect-gateway')

    # NOTE(review): every value below is interpolated into the config
    # verbatim. This method does no validation, so a stray newline in any
    # of them would add directives -- confirm they are validated where
    # they are set.
    template_values = (
        self.port,
        self.protocol,
        self.interface,
        self.ca_cert_path,
        primary_user.cert_path,
        primary_user.key_path,
        self.tls_verify_path,
        self.dh_param_path,
        '%s %s' % self._parse_network(self.network),
        self.ifc_pool_path,
        push,
        self.ovpn_status_path,
        # Two debug-dependent integers; what they control is defined by
        # the OVPN_SERVER_CONF template, which is not visible here.
        4 if self.debug else 1,
        8 if self.debug else 3,
    )
    conf_parts = [OVPN_SERVER_CONF % template_values]

    if self.otp_auth:
        # NOTE(review): with via-file OpenVPN passes the username and
        # password to the script through a temporary file -- confirm the
        # server's temp directory is not readable by other local users.
        conf_parts.append('auth-user-pass-verify %s via-file\n' % (
            self.user_pass_verify_path))

    if self.lzo_compression:
        # NOTE(review): compression inside the tunnel is exposed to
        # compression-oracle attacks (VORACLE) and comp-lzo is deprecated
        # upstream -- confirm this option is still wanted.
        conf_parts.append('comp-lzo\npush "comp-lzo"\n')

    if self.local_network:
        # NOTE(review): client-to-client traffic is forwarded inside the
        # OpenVPN process and does not pass the host firewall -- confirm
        # that clients are meant to reach each other.
        conf_parts.append('client-to-client\n')

    # NOTE(review): the file is created with the process umask; confirm
    # the containing directory keeps it away from other local users.
    with open(self.ovpn_conf_path, 'w') as conf_file:
        conf_file.write(''.join(conf_parts))
def _generate_ovpn_conf(self):
    """Render the server's OpenVPN config file from ``OVPN_SERVER_CONF``.

    Steps, in order: refuse to run without organizations, make sure a
    primary user and a DH parameter file exist, regenerate the CA
    certificate and the two verify helpers, fill in the template, append
    the optional directives, and write the result to ``ovpn_conf_path``.

    Raises:
        ValueError: when the server has no organizations.
    """
    has_orgs = self.get_orgs()
    if not has_orgs:
        raise ValueError("Ovpn conf cannot be generated without " + "any organizations")

    logger.debug("Generating server ovpn conf. %r" % {"server_id": self.id})

    # The template needs the primary user's cert and key paths.
    if not (self.primary_organization and self.primary_user):
        self._create_primary_user()

    if not os.path.isfile(self.dh_param_path):
        self._generate_dh_param()

    primary_user = Organization(self.primary_organization).get_user(self.primary_user)

    self.generate_ca_cert()
    self._generate_tls_verify()
    self._generate_user_pass_verify()

    # A configured local network gets a pushed route; without one the
    # clients are told to redirect their gateway through the server.
    push = (
        "route %s %s" % self._parse_network(self.local_network)
        if self.local_network
        else "redirect-gateway"
    )

    # NOTE(review): these values are written into the config unescaped
    # and unvalidated by this method -- presumably checked by the
    # setters; verify.
    base_conf = OVPN_SERVER_CONF % (
        self.port,
        self.protocol,
        self.interface,
        self.ca_cert_path,
        primary_user.cert_path,
        primary_user.key_path,
        self.tls_verify_path,
        self.dh_param_path,
        "%s %s" % self._parse_network(self.network),
        self.ifc_pool_path,
        push,
        self.ovpn_status_path,
        4 if self.debug else 1,
        8 if self.debug else 3,
    )

    # Optional directives; each is empty when its feature is off.
    # NOTE(review): via-file makes OpenVPN hand the credentials to the
    # verify script in a temporary file -- confirm the temp directory is
    # private to the server process.
    otp_directive = (
        "auth-user-pass-verify %s via-file\n" % (self.user_pass_verify_path)
        if self.otp_auth
        else ""
    )
    # NOTE(review): comp-lzo is deprecated upstream and tunnel
    # compression is open to compression-oracle attacks (VORACLE).
    lzo_directive = 'comp-lzo\npush "comp-lzo"\n' if self.lzo_compression else ""
    # NOTE(review): client-to-client forwarding happens inside OpenVPN,
    # so host firewall rules do not see that traffic.
    peer_directive = "client-to-client\n" if self.local_network else ""

    server_conf = base_conf + otp_directive + lzo_directive + peer_directive

    with open(self.ovpn_conf_path, "w") as conf_file:
        conf_file.write(server_conf)
def _generate_ovpn_conf(self):
    """Write the OpenVPN server config rendered from ``OVPN_SERVER_CONF``.

    Makes sure a primary user and a DH parameter file exist, regenerates
    the CA certificate and the tls-verify helper, then fills in the
    template and writes it to ``ovpn_conf_path``.

    Raises:
        ValueError: if the server has no organizations.
    """
    orgs = self.get_orgs()
    if not orgs:
        raise ValueError(
            'Ovpn conf cannot be generated without ' + 'any organizations')

    debug_info = {
        'server_id': self.id,
    }
    logger.debug('Generating server ovpn conf. %r' % debug_info)

    # The server's cert and key come from the primary user, so create it
    # when either reference is missing.
    if not (self.primary_organization and self.primary_user):
        self._create_primary_user()

    if not os.path.isfile(self.dh_param_path):
        self._generate_dh_param()

    primary_org = Organization(self.primary_organization)
    primary_user = primary_org.get_user(self.primary_user)

    self.generate_ca_cert()
    self._generate_tls_verify()

    if not self.local_network:
        push = 'redirect-gateway'
    else:
        push = 'route %s %s' % self._parse_network(self.local_network)

    # The file is opened before the template is rendered, exactly as the
    # original did: a failure while formatting leaves a truncated file.
    # NOTE(review): the file is created with the process umask, and the
    # interpolated values are not validated here -- confirm both are
    # handled elsewhere.
    with open(self.ovpn_conf_path, 'w') as conf_file:
        template_values = (
            self.port,
            self.protocol,
            self.interface,
            self.ca_cert_path,
            primary_user.cert_path,
            primary_user.key_path,
            self.tls_verify_path,
            self.dh_param_path,
            '%s %s' % self._parse_network(self.network),
            self.ifc_pool_path,
            push,
            self.ovpn_status_path,
            # Debug-dependent integers; their meaning is set by the
            # template, which is not visible here.
            4 if self.debug else 1,
            8 if self.debug else 3,
        )
        conf_file.write(OVPN_SERVER_CONF % template_values)
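def _remove_primary_user(self):
    """Clear the server's primary-user references and remove that user.

    ``primary_organization`` and ``primary_user`` are reset to ``None``
    before the lookup, so the server stops pointing at the user even if
    the user can no longer be found. This is the user whose
    ``cert_path`` / ``key_path`` ``_generate_ovpn_conf`` writes into the
    server config.
    """
    logger.debug("Removing primary user. %r" % {"server_id": self.id})

    org_ref = self.primary_organization
    user_ref = self.primary_user
    self.primary_organization = None
    self.primary_user = None

    # Nothing was assigned, so there is nothing to remove.
    if not org_ref or not user_ref:
        return

    org = Organization(org_ref)
    user = org.get_user(user_ref)

    if not user:
        # Fix: the original logged ``user.id`` here, but ``user`` is
        # falsy on this path, so with a ``None`` result the method raised
        # AttributeError instead of skipping. Log the stored reference
        # (the value that was passed to ``get_user``) instead.
        logger.debug(
            "Primary user not found, skipping remove. %r"
            % {"server_id": self.id, "org_id": org.id, "user_id": user_ref}
        )
        return

    user.remove()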
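def _remove_primary_user(self):
    """Detach the primary user from this server and remove it.

    The two references on the server are cleared first and the user is
    looked up afterwards, so a missing user still leaves the server with
    no primary user recorded.
    """
    logger.debug('Removing primary user. %r' % {
        'server_id': self.id,
    })

    primary_organization = self.primary_organization
    primary_user = self.primary_user
    self.primary_organization = None
    self.primary_user = None

    if not (primary_organization and primary_user):
        # No primary user was recorded for this server.
        return

    org = Organization(primary_organization)
    user = org.get_user(primary_user)

    if user:
        user.remove()
        return

    # Fix: this branch used to read ``user.id`` although ``user`` is
    # falsy here, which raised AttributeError for a ``None`` lookup
    # result instead of skipping. The stored reference that was passed to
    # ``get_user`` is logged in its place.
    logger.debug('Primary user not found, skipping remove. %r' % {
        'server_id': self.id,
        'org_id': org.id,
        'user_id': primary_user,
    })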