Merge pull request #37 from wzooff/feat/add-custom-client-config-template
add option to specify custom user template path
commit
ace42f729e
3 changed files with 320 additions and 282 deletions
24
.editorconfig
Normal file
24
.editorconfig
Normal file
|
@ -0,0 +1,24 @@
|
|||
|
||||
; https://editorconfig.org/
|
||||
|
||||
root = true
|
||||
|
||||
[*]
|
||||
insert_final_newline = true
|
||||
charset = utf-8
|
||||
trim_trailing_whitespace = true
|
||||
indent_style = space
|
||||
indent_size = 2
|
||||
|
||||
[{Makefile,go.mod,go.sum,*.go,.gitmodules}]
|
||||
indent_style = tab
|
||||
indent_size = 4
|
||||
|
||||
[*.md]
|
||||
indent_size = 4
|
||||
trim_trailing_whitespace = false
|
||||
|
||||
eclint_indent_style = unset
|
||||
|
||||
[Dockerfile]
|
||||
indent_size = 4
|
|
@ -94,6 +94,9 @@ Flags:
|
|||
path to easyrsa index file.
|
||||
--ccd Enable client-config-dir.
|
||||
--ccd.path="./ccd" path to client-config-dir
|
||||
--templates.clientconfig-path=""
|
||||
path to custom client.config.tpl file
|
||||
--templates.ccd-path="" path to custom ccd.tpl file
|
||||
--auth.password Enable additional password authorization.
|
||||
--auth.db="./easyrsa/pki/users.db"
|
||||
Database path fort password authorization.
|
||||
|
|
55
main.go
55
main.go
|
@ -5,9 +5,6 @@ import (
|
|||
"bytes"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||
"gopkg.in/alecthomas/kingpin.v2"
|
||||
"log"
|
||||
"net"
|
||||
"net/http"
|
||||
|
@ -19,6 +16,10 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/gobuffalo/packr/v2"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||
|
||||
"gopkg.in/alecthomas/kingpin.v2"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -32,7 +33,7 @@ const (
|
|||
indexTxtDateLayout = "060102150405Z"
|
||||
stringDateFormat = "2006-01-02 15:04:05"
|
||||
ovpnStatusDateLayout = "2006-01-02 15:04:05"
|
||||
version = "1.6.2"
|
||||
version = "1.6.3"
|
||||
)
|
||||
|
||||
var (
|
||||
|
@ -52,6 +53,8 @@ var (
|
|||
indexTxtPath = kingpin.Flag("easyrsa.index-path", "path to easyrsa index file.").Default("./easyrsa/pki/index.txt").String()
|
||||
ccdEnabled = kingpin.Flag("ccd", "Enable client-config-dir.").Default("false").Bool()
|
||||
ccdDir = kingpin.Flag("ccd.path", "path to client-config-dir").Default("./ccd").String()
|
||||
clientConfigTemplatePath = kingpin.Flag("templates.clientconfig-path", "path to custom client.conf.tpl").Default("").String()
|
||||
ccdTemplatePath = kingpin.Flag("templates.ccd-path", "path to custom ccd.tpl").Default("").String()
|
||||
authByPassword = kingpin.Flag("auth.password", "Enable additional password authorization.").Default("false").Bool()
|
||||
authDatabase = kingpin.Flag("auth.db", "Database path fort password authorization.").Default("./easyrsa/pki/users.db").String()
|
||||
debug = kingpin.Flag("debug", "Enable debug mode.").Default("false").Bool()
|
||||
|
@ -59,11 +62,9 @@ var (
|
|||
|
||||
certsArchivePath = "/tmp/" + certsArchiveFileName
|
||||
ccdArchivePath = "/tmp/" + ccdArchiveFileName
|
||||
|
||||
)
|
||||
|
||||
var (
|
||||
|
||||
ovpnServerCertExpire = prometheus.NewGauge(prometheus.GaugeOpts{
|
||||
Name: "ovpn_server_cert_expire",
|
||||
Help: "openvpn server certificate expire time in days",
|
||||
|
@ -134,7 +135,6 @@ var (
|
|||
},
|
||||
[]string{"client"},
|
||||
)
|
||||
|
||||
)
|
||||
|
||||
type OvpnAdmin struct {
|
||||
|
@ -376,7 +376,6 @@ func main() {
|
|||
kingpin.Version(version)
|
||||
kingpin.Parse()
|
||||
|
||||
|
||||
ovpnAdmin := new(OvpnAdmin)
|
||||
ovpnAdmin.lastSyncTime = "unknown"
|
||||
ovpnAdmin.role = *serverRole
|
||||
|
@ -524,6 +523,18 @@ func renderIndexTxt(data []indexTxtLine) string {
|
|||
return indexTxt
|
||||
}
|
||||
|
||||
func (oAdmin *OvpnAdmin) getClientConfigTemplate() *template.Template {
|
||||
if *clientConfigTemplatePath != "" {
|
||||
return template.Must(template.ParseFiles(*clientConfigTemplatePath))
|
||||
} else {
|
||||
clientConfigTpl, clientConfigTplErr := oAdmin.templates.FindString("client.conf.tpl")
|
||||
if clientConfigTplErr != nil {
|
||||
log.Println("ERROR: clientConfigTpl not found in templates box")
|
||||
}
|
||||
return template.Must(template.New("client-config").Parse(clientConfigTpl))
|
||||
}
|
||||
}
|
||||
|
||||
func (oAdmin *OvpnAdmin) renderClientConfig(username string) string {
|
||||
if checkUserExist(username) {
|
||||
var hosts []OpenvpnServer
|
||||
|
@ -544,12 +555,8 @@ func (oAdmin *OvpnAdmin) renderClientConfig(username string) string {
|
|||
conf.TLS = fRead(*easyrsaDirPath + "/pki/ta.key")
|
||||
conf.PasswdAuth = *authByPassword
|
||||
|
||||
clientConfigTpl, clientConfigTplErr := oAdmin.templates.FindString("client.conf.tpl")
|
||||
if clientConfigTplErr != nil {
|
||||
log.Println("ERROR: clientConfigTpl not found in templates box")
|
||||
}
|
||||
t := oAdmin.getClientConfigTemplate()
|
||||
|
||||
t := template.Must(template.New("client-config").Parse(clientConfigTpl))
|
||||
var tmp bytes.Buffer
|
||||
err := t.Execute(&tmp, conf)
|
||||
if err != nil {
|
||||
|
@ -568,6 +575,18 @@ func (oAdmin *OvpnAdmin) renderClientConfig(username string) string {
|
|||
return fmt.Sprintf("User \"%s\" not found", username)
|
||||
}
|
||||
|
||||
func (oAdmin *OvpnAdmin) getCcdTemplate() *template.Template {
|
||||
if *ccdTemplatePath != "" {
|
||||
return template.Must(template.ParseFiles(*ccdTemplatePath))
|
||||
} else {
|
||||
ccdTpl, ccdTplErr := oAdmin.templates.FindString("ccd.tpl")
|
||||
if ccdTplErr != nil {
|
||||
log.Printf("ERROR: ccdTpl not found in templates box")
|
||||
}
|
||||
return template.Must(template.New("ccd").Parse(ccdTpl))
|
||||
}
|
||||
}
|
||||
|
||||
func (oAdmin *OvpnAdmin) parseCcd(username string) Ccd {
|
||||
ccd := Ccd{}
|
||||
ccd.User = username
|
||||
|
@ -601,14 +620,7 @@ func (oAdmin *OvpnAdmin) modifyCcd(ccd Ccd) (bool, string) {
|
|||
}
|
||||
|
||||
if ccdValid {
|
||||
ccdTpl, ccdTplErr := oAdmin.templates.FindString("ccd.tpl")
|
||||
if ccdTplErr != nil {
|
||||
ccdErr = "ccdTpl not found in templates box"
|
||||
log.Printf("ERROR: %s\n",ccdErr)
|
||||
return false, ccdErr
|
||||
}
|
||||
|
||||
t := template.Must(template.New("ccd").Parse(ccdTpl))
|
||||
t := oAdmin.getCcdTemplate()
|
||||
var tmp bytes.Buffer
|
||||
tplErr := t.Execute(&tmp, ccd)
|
||||
if tplErr != nil {
|
||||
|
@ -924,7 +936,6 @@ func (oAdmin *OvpnAdmin) userUnrevoke(username string) string {
|
|||
return fmt.Sprintf("{\"msg\":\"User \"%s\" not found\"}", username)
|
||||
}
|
||||
|
||||
|
||||
func (oAdmin *OvpnAdmin) mgmtRead(conn net.Conn) string {
|
||||
buf := make([]byte, 32768)
|
||||
bufLen, _ := conn.Read(buf)
|
||||
|
|
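Review bot: `getCcdTemplate` and `getClientConfigTemplate` wrap `template.ParseFiles` on the operator-supplied path in `template.Must`, and `modifyCcd` and `renderClientConfig` call them on every invocation, so a missing, unreadable or malformed custom template panics at request time instead of being rejected at startup. The CCD helper also appears to drop the early `return false, ccdErr` that `modifyCcd` had when `ccd.tpl` is missing from the box: it only logs and then parses the empty string, which would render an empty CCD file for the user. Return an error from both helpers and propagate it, as sketched below for the CCD one; the client-config helper is analogous, and `modifyCcd` starts and ends outside the hunk. Because the custom file shapes client profiles that embed `ta.key` and the CCD files written for the server, the flag help should also say that the template path must be writable only by the service's administrator.

```go
func (oAdmin *OvpnAdmin) getCcdTemplate() (*template.Template, error) {
	if *ccdTemplatePath != "" {
		return template.ParseFiles(*ccdTemplatePath)
	}
	ccdTpl, err := oAdmin.templates.FindString("ccd.tpl")
	if err != nil {
		return nil, fmt.Errorf("ccd.tpl not found in templates box: %w", err)
	}
	return template.New("ccd").Parse(ccdTpl)
}

// in modifyCcd, replacing `t := oAdmin.getCcdTemplate()`
t, tplLoadErr := oAdmin.getCcdTemplate()
if tplLoadErr != nil {
	ccdErr = tplLoadErr.Error()
	log.Printf("ERROR: %s\n", ccdErr)
	return false, ccdErr
}
// … unchanged: t.Execute(&tmp, ccd) and the rest of modifyCcd …
```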