Bug 10577 - OpenVPN: Added additional configs for RW server and client
Summary: OpenVPN: Added additional configs for RW server and client
Status: CLOSED FIXED
Alias: None
Product: IPFire
Classification: Unclassified
Component: openvpn (show other bugs)
Version: 2
Hardware: unspecified Unspecified
: - Unknown - - Unknown -
Assignee: Michael Tremer
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-07-24 10:55 UTC by Erik Kapfer
Modified: 2015-04-13 00:02 UTC (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Erik Kapfer 2014-07-24 10:55:56 UTC 
Hi all,
i wanted to introduce a new feature for IPFires OpenVPN server. This feature makes it possible to add individual configurations for server.conf and client.ovpn over two separated files which will be generated by ovpnmain.cgi  under /var/ipfire/ovpn/scripts if not already present by pressing the servers save button. This files can be used by editing them like regular OpenVPN configuration files.
After editing these files, a server stop and save should print all additional added directives into server.conf and client.ovpn globally.

Greetings,

Erik
Comment 2 Erik Kapfer 2014-07-24 11:03:19 UTC 
In here --> https://forum.ipfire.org/index.php?topic=11028.0 some testing results but also a howto can be found.
Comment 3 Michael Tremer 2014-08-11 11:16:13 UTC 
I am basically fine with those changes.

You should avoid to call shell commands where ever possible (touch, chmod and so on), because this is really slow and perl can do that, too.

Should this be merged?
Comment 4 Erik Kapfer 2014-08-11 17:10:12 UTC 
Hi Michael,
as time goes on there where some new ideas in this development. The users from the forum have asked for a place in the WUI where they can overview the changes on the *.local.config´s and and as i worked on this, a couple of questions comming up.

- Is it in general a good idea to bring this feautre visible to the WUI ?

- Also might it be a good idea to go also for a editable WUI (only over the advanced section) where it is also possible to make the modifications in a pleasant way (not only over the console) ? 

- The next question was, should we make the whole OpenVPN configs configurable so we have a maximum of flexibility for advanced users. If somebody crashes the whole thing, it should be possible to delete everything of the manual changes in the WUI and go for the 'save' button on ovpnmain.cgi startpage so the old status should be restorable.

A first idea how this could looks like (until now readonly and just the *.local.config´s) can be found in here --> https://forum.ipfire.org/index.php?topic=11028.msg73035#msg73035 .

The patches in the forums topic have included also Perl commands instead of the Bash code now.

If you find something useful in this, let it me know i will go then for a new commit with your desired changes.

Greetings,

Erik
Comment 5 Erik Kapfer 2014-08-16 18:09:06 UTC 
Hi Michael,
we have decided to leave the new stuff for the first behind and go only for the additional configs (without integration into the WUI, etc.).

I made a commit for Core 81. Have substituded there also the Bash code with Perl code. The commit can be found in here --> http://git.ipfire.org/?p=people/ummeegge/ipfire-2.x.git;a=commit;h=8ebb58c62b4fd3361a67f136d319a5d73c83b8ab .

Greetings,

Erik
Comment 6 Erik Kapfer 2014-11-13 03:22:22 UTC 
* Added also a checkbox (on/off) in the WUI under 'Advanced server options' .
* Changed the order in 'Miscellaneous options' section for better overview.
* Optimized code in particular sections a little.
    Added a filehandle instead of system(touch...) for ccd* file generation.   
    Unified the html code tags in processed section.

Greetings,

Erik