Merge pull request #34 from RaspAP/bugfix/multiple-ovpn

Bugfix: multiple OpenVPN config handling
Bill Zimmerman 2021-06-08 20:31:26 +02:00 committed by GitHub
commit 2fc30acbc5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 24 additions and 57 deletions


@ -5,21 +5,14 @@ require_once '../../includes/functions.php';
if (isset($_POST['cfg_id'])) {
$ovpncfg_id = $_POST['cfg_id'];
$ovpncfg_path = pathinfo(RASPI_OPENVPN_CLIENT_CONFIG, PATHINFO_DIRNAME).'/';
$ovpncfg_files = $ovpncfg_path .$ovpncfg_id.'_*.conf';
$ovpncfg_client = RASPI_OPENVPN_CLIENT_PATH.$ovpncfg_id.'_client.conf';
$ovpncfg_login = RASPI_OPENVPN_CLIENT_PATH.$ovpncfg_id.'_login.conf';
// move currently active profile
$meta = file_get_meta(RASPI_OPENVPN_CLIENT_CONFIG,'#\sfilename\s(.*)');
$ovpncfg_client = $ovpncfg_path .$meta.'_client.conf';
$ovpncfg_login = $ovpncfg_path .$meta.'_login.conf';
exec("sudo mv ".RASPI_OPENVPN_CLIENT_CONFIG." $ovpncfg_client", $return);
exec("sudo mv ".RASPI_OPENVPN_CLIENT_LOGIN." $ovpncfg_login", $return);
// replace with selected profile
$ovpncfg_client = $ovpncfg_path .$ovpncfg_id.'_client.conf';
$ovpncfg_login = $ovpncfg_path .$ovpncfg_id.'_login.conf';
exec("sudo mv $ovpncfg_client ".RASPI_OPENVPN_CLIENT_CONFIG, $return);
exec("sudo mv $ovpncfg_login ".RASPI_OPENVPN_CLIENT_LOGIN, $return);
// remove existing client config +login and symbolically link the selected one
system("sudo rm ".RASPI_OPENVPN_CLIENT_CONFIG, $return);
system("sudo ln -s $ovpncfg_client ".RASPI_OPENVPN_CLIENT_CONFIG, $return);
system("sudo rm ".RASPI_OPENVPN_CLIENT_LOGIN, $return);
system("sudo ln -s $ovpncfg_login ".RASPI_OPENVPN_CLIENT_LOGIN, $return);
// restart service
exec("sudo /bin/systemctl stop openvpn-client@client", $return);
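Review bot: `$_POST['cfg_id']` is concatenated into `$ovpncfg_client` and `$ovpncfg_login` and from there into the `system("sudo ln -s …")` calls with no validation or quoting, so shell metacharacters or `../` in the request value reach a command line that runs as root. The page has lost its +/- markers, so I am reading the `RASPI_OPENVPN_CLIENT_PATH` assignments and the `rm`/`ln -s` calls as the new side. Reduce the value with `$ovpncfg_id = basename($_POST['cfg_id']);`, reject it unless `is_file(RASPI_OPENVPN_CLIENT_PATH.$ovpncfg_id.'_client.conf')`, and wrap every interpolated path in `escapeshellarg()`. The same pattern appears in `SaveOpenVPNConfig`, where `$client_auth` and `$client_ovpn` are built from the uploaded `$file['name']` and passed to `sudo cp` and `sudo ln -s`.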


@ -18,9 +18,9 @@ define('RASPI_DHCPCD_CONFIG', '/etc/dhcpcd.conf');
define('RASPI_WPA_SUPPLICANT_CONFIG', '/etc/wpa_supplicant/wpa_supplicant.conf');
define('RASPI_HOSTAPD_CTRL_INTERFACE', '/var/run/hostapd');
define('RASPI_WPA_CTRL_INTERFACE', '/var/run/wpa_supplicant');
define('RASPI_OPENVPN_CLIENT_PATH', '/etc/openvpn/client/');
define('RASPI_OPENVPN_CLIENT_CONFIG', '/etc/openvpn/client/client.conf');
define('RASPI_OPENVPN_CLIENT_LOGIN', '/etc/openvpn/client/login.conf');
define('RASPI_OPENVPN_SERVER_CONFIG', '/etc/openvpn/server/server.conf');
define('RASPI_WIREGUARD_PATH', '/etc/wireguard/');
define('RASPI_WIREGUARD_CONFIG', RASPI_WIREGUARD_PATH.'wg0.conf');
define('RASPI_TORPROXY_CONFIG', '/etc/tor/torrc');
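Review bot: `RASPI_OPENVPN_CLIENT_CONFIG` and `RASPI_OPENVPN_CLIENT_LOGIN` still repeat the `/etc/openvpn/client/` literal instead of being derived from the new `RASPI_OPENVPN_CLIENT_PATH`, unlike `RASPI_WIREGUARD_CONFIG` just below. If an install overrides only one of them, the active symlink and the per-profile files end up in different directories, while the sudoers rules only cover `/etc/openvpn/client/`. Suggest `define('RASPI_OPENVPN_CLIENT_CONFIG', RASPI_OPENVPN_CLIENT_PATH.'client.conf');` and the same for the login constant. The `$defaults` array in the next file section has the same three entries.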


@ -23,9 +23,9 @@ $defaults = [
'RASPI_WPA_SUPPLICANT_CONFIG' => '/etc/wpa_supplicant/wpa_supplicant.conf',
'RASPI_HOSTAPD_CTRL_INTERFACE' => '/var/run/hostapd',
'RASPI_WPA_CTRL_INTERFACE' => '/var/run/wpa_supplicant',
'RASPI_OPENVPN_CLIENT_PATH' => '/etc/openvpn/client/',
'RASPI_OPENVPN_CLIENT_CONFIG' => '/etc/openvpn/client/client.conf',
'RASPI_OPENVPN_CLIENT_LOGIN' => '/etc/openvpn/client/login.conf',
'RASPI_OPENVPN_SERVER_CONFIG' => '/etc/openvpn/server/server.conf',
'RASPI_WIREGUARD_PATH' => '/etc/wireguard/',
'RASPI_WIREGUARD_CONFIG' => RASPI_WIREGUARD_PATH.'wg0.conf',
'RASPI_TORPROXY_CONFIG' => '/etc/tor/torrc',


@ -270,28 +270,6 @@ function file_get_meta($filename, $pattern)
}
}
/**
* Renames an openvpn client config with the 'filename' header comment
*
* @param string file
* @return boolean
*/
function file_move_config($file)
{
if(file_exists($file)) {
$file_data = file_get_contents($file);
preg_match('/^#\sfilename\s(.*)/i', $file_data, $matched);
$renamed = pathinfo($file, PATHINFO_DIRNAME).'/'.
$matched[1] .'_'.pathinfo($file, PATHINFO_FILENAME).'.'.
pathinfo($file, PATHINFO_EXTENSION);
if (!file_exists($renamed)) {
$return = system("sudo mv $file $renamed", $return);
} else {
return false;
}
}
}
/**
* Callback function for array_filter
*


@ -53,7 +53,7 @@ function DisplayOpenVPNConfig()
$authUser = current($auth);
$authPassword = next($auth);
}
$clients = preg_grep('/client.(conf)$/', scandir(pathinfo(RASPI_OPENVPN_CLIENT_CONFIG, PATHINFO_DIRNAME)));
$clients = preg_grep('/_client.(conf)$/', scandir(pathinfo(RASPI_OPENVPN_CLIENT_CONFIG, PATHINFO_DIRNAME)));
$logEnable = 0;
if (!empty($_POST) && !isset($_POST['log-openvpn'])) {
@ -158,36 +158,34 @@ function SaveOpenVPNConfig($status, $file, $authUser, $authPassword)
throw new RuntimeException('Unable to move uploaded file');
}
// Good file upload, update auth credentials if present
$prepend = '# filename '.pathinfo($file['name'], PATHINFO_FILENAME) .PHP_EOL;
if (!empty($authUser) && !empty($authPassword)) {
$auth_flag = 1;
// Move tmp authdata to /etc/openvpn/login.conf
$auth.= $authUser .PHP_EOL . $authPassword .PHP_EOL;
file_put_contents($tmp_authdata, $auth);
file_prepend_data($tmp_authdata, $prepend);
file_move_config(RASPI_OPENVPN_CLIENT_LOGIN);
chmod($tmp_authdata, 0644);
system("sudo cp $tmp_authdata " . RASPI_OPENVPN_CLIENT_LOGIN, $return);
$client_auth = RASPI_OPENVPN_CLIENT_PATH.pathinfo($file['name'], PATHINFO_FILENAME).'_login.conf';
system("sudo cp $tmp_authdata $client_auth", $return);
system("sudo rm ".RASPI_OPENVPN_CLIENT_LOGIN, $return);
system("sudo ln -s $client_auth ".RASPI_OPENVPN_CLIENT_LOGIN, $return);
if ($return !=0) {
$status->addMessage('Unable to save client auth credentials', 'danger');
}
}
// Prepend filname tag to .ovpn client config
file_prepend_data($tmp_ovpnclient, $prepend);
// Set iptables rules and, optionally, auth-user-pass
exec("sudo /etc/raspap/openvpn/configauth.sh $tmp_ovpnclient $auth_flag " .$_SESSION['ap_interface'], $return);
foreach ($return as $line) {
$status->addMessage($line, 'info');
}
// Copy tmp client config to /etc/openvpn/client
file_move_config(RASPI_OPENVPN_CLIENT_CONFIG);
$client_ovpn = RASPI_OPENVPN_CLIENT_PATH.pathinfo($file['name'], PATHINFO_FILENAME).'_client.conf';
chmod($tmp_ovpnclient, 0644);
system("sudo cp $tmp_ovpnclient " . RASPI_OPENVPN_CLIENT_CONFIG, $return);
system("sudo cp $tmp_ovpnclient $client_ovpn", $return);
system("sudo rm ".RASPI_OPENVPN_CLIENT_CONFIG, $return);
system("sudo ln -s $client_ovpn ".RASPI_OPENVPN_CLIENT_CONFIG, $return);
if ($return ==0) {
$status->addMessage('OpenVPN client.conf uploaded successfully', 'info');
} else {
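Review bot: `$return` is overwritten by every `system()` call, so the `if ($return !=0)` and `if ($return ==0)` checks after each `cp` / `rm` / `ln -s` sequence only see the exit status of the final `ln -s`. If `sudo cp` fails, the previously active file has already been removed and `ln -s` creates a dangling link with status 0, so the upload is reported as successful while the client has no usable config. Capture the copy status on its own and skip the `rm`/`ln -s` when it is non-zero, e.g. `system("sudo cp $tmp_ovpnclient $client_ovpn", $cp_rc);` followed by `if ($cp_rc !== 0) { $status->addMessage('Unable to save OpenVPN client config', 'danger'); return $status; }`. `SaveOpenVPNConfig` begins and ends outside this hunk, so the exact early-exit form needs checking against the rest of the function.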


@ -1,3 +1,3 @@
#!/bin/bash
touch /tmp/openvpn.log
grep -m 100 openvpn /var/log/syslog | sudo tee /tmp/openvpn.log
journalctl |grep -m 200 openvpn | sudo tee /tmp/openvpn.log
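Review bot: `journalctl | grep -m 200 openvpn` stops after the first 200 matches, and journalctl prints oldest entries first, so once the journal holds more than 200 matching lines the log view shows only stale entries. It also pages through the whole journal and matches any line containing "openvpn", not just the client unit. Selecting the unit and taking the tail avoids both: `journalctl -u openvpn-client@client -n 200 --no-pager | sudo tee /tmp/openvpn.log`. Whether the calling user can read the system journal without sudo is not visible here and should be confirmed.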


@ -20,9 +20,9 @@ www-data ALL=(ALL) NOPASSWD:/bin/systemctl start openvpn-client@client
www-data ALL=(ALL) NOPASSWD:/bin/systemctl enable openvpn-client@client
www-data ALL=(ALL) NOPASSWD:/bin/systemctl stop openvpn-client@client
www-data ALL=(ALL) NOPASSWD:/bin/systemctl disable openvpn-client@client
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/ovpnclient.ovpn /etc/openvpn/client/client.conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/authdata /etc/openvpn/client/login.conf
www-data ALL=(ALL) NOPASSWD:/bin/mv /etc/openvpn/client/*.conf /etc/openvpn/client/*.conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/ovpnclient.ovpn /etc/openvpn/client/*.conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/authdata /etc/openvpn/client/*.conf
www-data ALL=(ALL) NOPASSWD:/usr/bin/ln -s /etc/openvpn/client/*.conf /etc/openvpn/client/*.conf
www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/openvpn/client/*.conf
www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.d/090_*.conf
www-data ALL=(ALL) NOPASSWD:/bin/rm /etc/dnsmasq.d/090_*.conf
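Review bot: The `cp`, `ln -s` and `rm` rules use `/etc/openvpn/client/*.conf` as the argument pattern, and in sudoers command arguments `*` also matches `/` and whitespace, so these rules are not confined to files inside that directory and can match extra arguments. Together with web-supplied profile names reaching these commands, that gives `www-data` far more root file access than switching profiles needs. Prefer one root-owned helper script that takes a profile name, validates it against a strict character set and does the copy and link itself, with sudoers granting only that script. Which of these rules are added and which are removed is inferred, since the page has lost its +/- markers.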


@ -64,9 +64,7 @@
</div>
</div> <!-- col -->
</div><!-- col-8 -->
<div class="col-sm-auto">
<a href="https://go.nordvpn.net/aff_c?offer_id=15&aff_id=36402&url_id=902"><img src="app/img/no-trace-200x200.png" class="float-left mb-3 mt-3"></a>
</div>
<div class="col-sm-auto"></div>
</div><!-- /.row -->
</div><!-- /.tab-pane | general tab -->