def process_install(request):
"""
Processes the application installation form.
:return: Response
"""
# do not let the installation run twice
if config.get_bool("app_installed", True):
return redirect("/")
form = forms.InstallForm(request.POST)
if not form.is_valid():
save_form(request, form)
return redirect("/install")
# save() updates the application settings and creates the administrator
# user that was defined in the form and log the user in
admin = form.save()
login(request, admin, "django.contrib.auth.backends.ModelBackend")
# set the ``app_installed`` setting to True to indicate installation has
# been performed and the application is ready for use before redirecting
# the user to the main application
config.set("app_installed", True)
return redirect("/")
def save(self, **kwargs):
"""
Saves the settings and flags the OpenVPN server as requires a restart.
:return: None
"""
super().save(**kwargs)
config.set("vpn_restart_pending", True)
def create_certificate_authority():
"""
Creates and sets the application certificate authority keys.
:return: None
"""
crt, key = create_keypair("OpenVPN CA", 3650, False, True).pem()
config.set("ca_crt", crt)
config.set("ca_key", key)
def save(self, **kwargs):
"""
Validates and updates the application settings.
:return: None
"""
self.is_valid(True)
for name, value in self.validated_data.items():
config.set(name, value)
def web_post_start():
"""
Creates the web application firewall rules.
:return: None
"""
web_post_stop()
rules = _render_rules()
for rule in _render_rules().split("\n"):
iptables.run(rule)
# save the firewall rules so they can be properly removed
config.set("web_firewall_rules", rules)
def create_server_keys():
"""
Creates and sets the OpenVPN server keys.
:return: None
"""
crt, key = pki.create_server_keypair("OpenVPN Server", 3650).pem()
config.set("vpn_crt", crt)
config.set("vpn_key", key)
config.set("vpn_dh_params", pki.create_dh_params(2048))
config.set("vpn_tls_auth_key", create_tls_auth_key())
def vpn_post_start():
"""
Creates the OpenVPN firewall rules.
:return: None
"""
vpn_post_stop()
iptables.create_chain("filter", "MangleVPN")
iptables.create_chain("filter", "MangleVPN_Clients")
rules = render_rules()
for rule in rules.split("\n"):
iptables.run(rule)
for group in models.Group.objects.filter(is_enabled=True).all():
group.create_firewall_chain()
config.set("vpn_firewall_rules", rules)
config.set("vpn_restart_pending", False)
def save(self):
"""
Performs the application installation.
:return: None
"""
config.set("app_hostname",
self.cleaned_data["app_hostname"])
config.set("app_organization",
self.cleaned_data["app_organization"])
config.set("vpn_hostname",
self.cleaned_data["app_hostname"])
# create the default group only if it doesn't already exist
group = models.Group.objects.by_name("Default")
if not group:
group = models.Group.objects.create(
name="Default",
description="the default group that contains all users.",
)
# create and return the admin user
user = models.User(group=group, is_admin=True)
user.email = self.cleaned_data["admin_email"]
user.set_password(self.cleaned_data["admin_password"])
user.save()
return user