diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..bcaf47c --- /dev/null +++ b/.dockerignore @@ -0,0 +1,9 @@ +# IntelliJ project files +.idea +*.iml +out +gen + + +./easyrsa +werf.yaml diff --git a/.werffiles/configure.sh b/.werffiles/configure.sh new file mode 100644 index 0000000..0733c15 --- /dev/null +++ b/.werffiles/configure.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +EASY_RSA_LOC="/etc/openvpn/easyrsa" +SERVER_CERT="${EASY_RSA_LOC}/pki/issued/server.crt" +cd $EASY_RSA_LOC +if [ -e "$SERVER_CERT" ]; then + echo "found existing certs - reusing" +else + cp -R /usr/share/easy-rsa/* $EASY_RSA_LOC + easyrsa init-pki + echo "ca\n" | easyrsa build-ca nopass + easyrsa build-server-full server nopass + easyrsa gen-dh + openvpn --genkey --secret ./pki/ta.key +fi +easyrsa gen-crl + +iptables -t nat -A POSTROUTING -s 172.16.100.0/255.255.255.0 ! -d 172.16.100.0/255.255.255.0 -j MASQUERADE + +mkdir -p /dev/net +if [ ! -c /dev/net/tun ]; then + mknod /dev/net/tun c 10 200 +fi + +cp -f /etc/openvpn/setup/openvpn.conf /etc/openvpn/openvpn.conf + +[ -d /etc/openvpn/certs/pki ] && chmod 755 /etc/openvpn/certs/pki +[ -f /etc/openvpn/certs/pki/crl.pem ] && chmod 644 /etc/openvpn/certs/pki/crl.pem + +openvpn --config /etc/openvpn/openvpn.conf --client-config-dir /etc/openvpn/ccd + diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..a776f4e --- /dev/null +++ b/Dockerfile @@ -0,0 +1,17 @@ +FROM golang:1.14.2-alpine3.11 AS backend-builder +COPY . /app +RUN apk --no-cache add build-base git gcc +RUN cd /app && env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags='-extldflags "-static" -s -w' -o openvpn-ui + +FROM node:14.2-alpine3.11 AS frontend-builder +COPY frontend/ /app +RUN cd /app && npm install && npm run build + +FROM alpine:3.11 +WORKDIR /app +COPY --from=backend-builder /app/openvpn-ui /app +COPY --from=frontend-builder /app/static /app/static +RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \ + apk add --update bash easy-rsa && \ + ln -s /usr/share/easy-rsa/easyrsa /usr/local/bin && \ + rm -rf /tmp/* /var/tmp/* /var/cache/apk/* /var/cache/distfiles/* diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..4b6eb53 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,23 @@ +version: '3' + +volumes: + ovpn_data: + ovpn_config: + +services: + openvpn: + image: openvpn:local + command: /etc/openvpn/setup/configure.sh + ports: + - 1194:1194 + volumes: + - ovpn_data:/etc/openvpn/easyrsa + openvpn-admin: + build: + context: . + image: openvpn-admin:local + command: /app/openvpn-ui + ports: + - 8080:8080 + volumes: + - ovpn_data:/mnt/easyrsa \ No newline at end of file diff --git a/frontend/src/main.js b/frontend/src/main.js index e782997..7ac1a59 100644 --- a/frontend/src/main.js +++ b/frontend/src/main.js @@ -34,7 +34,7 @@ new Vue({ ctxTop: '0', ctxLeft: '0', ctxVisible: false, - ctxMenuItems: { 'u-revoke': 'Revoke', 'u-unrevoke': 'Unrevoke', 'u-show-config': 'Show config'}, + ctxMenuItems: { 'u-revoke': 'Revoke', 'u-unrevoke': 'Unrevoke', 'u-show-config': 'Show config', 'u-edit-ccd': "Edit routes"}, columns: [], data: {}, name: '', @@ -81,6 +81,15 @@ new Vue({ _this.u.openvpnConfig = response.data; }); }) + this.$root.$on('u-edit-ccd', function () { + this.u.modalShowCcdVisible = true; + var data = new URLSearchParams(); + data.append('username', _this.u.name); + axios.request(axios_cfg('api/user/ccd/list', data, 'form')) + .then(function(response) { + _this.u.ccds = response.data; + }); + }) }, computed: { uCtxStyle: function () { @@ -114,6 +123,13 @@ new Vue({ _this.u.data = response.data }); }, + u_get_ccd: function() { + var _this = this; + axios.request(axios_cfg('api/user/ccd')) + .then(function(response) { + _this.u.data = response.data + }); + }, create_user: function() { var _this = this; var data = new URLSearchParams(); @@ -124,6 +140,17 @@ new Vue({ _this.u_get_data(); _this.u.newUserName = ''; }); + }, + ccd_apply: function() { + var _this = this; + var data = new URLSearchParams(); + data.append('username', this.u.newUserName); + axios.request(axios_cfg('api/user/ccd/apply', data, 'form')) + .then(function(response) { + console.log(response.data); + _this.u_get_data(); + _this.u.newUserName = ''; + }); } } }) diff --git a/frontend/static/index.html b/frontend/static/index.html index cc52368..5c08fcc 100644 --- a/frontend/static/index.html +++ b/frontend/static/index.html @@ -57,6 +57,44 @@ +
Address | +Mask | +Description | +Action | +
---|---|---|---|
{{ route.addr }} | +{{ route.mask }} | +{{ route.desc }} | ++ + + | +