From e0fe74fbbe49585b096178781f55e4e5d342ed01 Mon Sep 17 00:00:00 2001
From: ljf
Date: Sat, 18 Sep 2021 12:00:30 +0200
Subject: [PATCH] [wip] start config panel
---
 config_panel.toml | 199 ++++++++++++++++++++++++++++++++++++++++++++++
 scripts/config | 182 ++++++++++++++++++++++++++++++++++++++++++
 scripts/install | 1 +
 3 files changed, 382 insertions(+)
 create mode 100644 config_panel.toml
 create mode 100644 scripts/config
diff --git a/config_panel.toml b/config_panel.toml
new file mode 100644
index 0000000..0e89a61
--- /dev/null
+++ b/config_panel.toml
@@ -0,0 +1,199 @@
+version = "1.0"
+
+[main]
+name = "Auto-configuration"
+
+ [main.service]
+ name = "Service"
+ optional = false
+
+ [main.service.status]
+ ask = "The status of your VPN is unknown."
+ type = "alert"
+ style = "info"
+
+ [main.service.service_enabled]
+ ask = "Enable Hotspot"
+ type = "boolean"
+
+ [main.service.doc]
+ ask = "You need to select a wifi antenna interface. If you use a wifi USB dongle and that this one is not listed here, try to unplug and replug it, then reload this page."
+ type = "alert"
+ style = "warning"
+
+ [main.service.wifi_device]
+ ask = "Device"
+ type = "select"
+ choices.wlan0 = "wlan0"
+
+ [main.service.wifi_channel]
+ ask = "Channel"
+ type = "select"
+ choices.1 = "1"
+ choices.2 = "2"
+ choices.3 = "3"
+ choices.4 = "4"
+ choices.5 = "5"
+ choices.6 = "6"
+ choices.7 = "7"
+ choices.8 = "8"
+ choices.9 = "9"
+ choices.10 = "10"
+ choices.11 = "11"
+
+ [main.service.ssid_nb]
+ ask = "Hotspot number"
+ type = "number"
+ min = 1
+ max = 3
+
+ [main.hotspot1]
+ name = "Hotspot 1"
+ optional = false
+
+ [main.hotspot1.wifi_ssid__1]
+ ask = "Name (SSID)"
+ type = "string"
+ pattern.regexp = '^[\w \-]{1,32}$"
+ pattern.error = 'SSID in this app are limited to letter, number space, dash and underscores."
+
+ [main.hotspot1.wifi_secure__1]
+ ask = "Secure"
+ type = "boolean"
+
+ [main.hotspot1.wifi_passphrase__1]
+ ask = "Password (WPA2)"
+ type = "string"
+ redact = true
+ visible = "wifi_secure__1"
+
+ [main.hotspot1.advanced__1]
+ ask = "Advanced settings"
+ type = "boolean"
+
+ [main.hotspot1.ip4_nat_prefix__1]
+ ask = "IPv4 NAT prefix (/24)"
+ type = "string"
+ visible = "advanced__1"
+ pattern.regexp = "^[0-9.]{7,15}$"
+ pattern.error = "Please provide a valid IP"
+
+ [main.hotspot1.ip6_net__1]
+ ask = "IPv6 delegated prefix"
+ type = "string"
+ visible = "advanced__1"
+ pattern.regexp = "^[0-9a-fA-F:]+$"
+ pattern.error = "Please provide a valid IPv6 Prefix"
+
+ [main.hotspot1.ip6_firewall__1]
+ ask = "IPv6 firewall"
+ type = "boolean"
+ visible = "advanced__1"
+
+ [main.hotspot1.dns__1]
+ ask = "DNS resolvers"
+ type = "tags"
+ visible = "advanced__1"
+ pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
+ pattern.error = "Not an ip"
+
+ [main.hotspot2]
+ name = "Hotspot 2"
+ visible = "ssid_nb >= 2"
+
+ [main.hotspot2.wifi_ssid__2]
+ ask = "Name (SSID)"
+ type = "string"
+ pattern.regexp = '^[\w \-]{1,32}$"
+ pattern.error = 'SSID in this app are limited to letter, number space, dash and underscores."
+
+ [main.hotspot2.wifi_secure__2]
+ ask = "Secure"
+ type = "boolean"
+
+ [main.hotspot2.wifi_passphrase__2]
+ ask = "Password (WPA2)"
+ type = "string"
+ redact = true
+ visible = "wifi_secure__2"
+
+ [main.hotspot2.advanced__2]
+ ask = "Advanced settings"
+ type = "boolean"
+
+ [main.hotspot2.ip4_nat_prefix__2]
+ ask = "IPv4 NAT prefix (/24)"
+ type = "string"
+ visible = "advanced__2"
+ pattern.regexp = "^[0-9.]{7,15}$"
+ pattern.error = "Please provide a valid IP"
+
+ [main.hotspot2.ip6_net__2]
+ ask = "IPv6 delegated prefix"
+ type = "string"
+ visible = "advanced__2"
+ pattern.regexp = "^[0-9a-fA-F:]+$"
+ pattern.error = "Please provide a valid IPv6 Prefix"
+
+ [main.hotspot2.ip6_firewall__2]
+ ask = "IPv6 firewall"
+ type = "boolean"
+ visible = "advanced__2"
+
+ [main.hotspot2.dns__2]
+ ask = "DNS resolvers"
+ type = "tags"
+ visible = "advanced__2"
+ pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
+ pattern.error = "Not an ip"
+
+ [main.hotspot3]
+ name = "Hotspot 3"
+ visible = "ssid_nb >= 3"
+
+ [main.hotspot3.wifi_ssid__3]
+ ask = "Name (SSID)"
+ type = "string"
+ pattern.regexp = '^[\w \-]{1,32}$"
+ pattern.error = 'SSID in this app are limited to letter, number space, dash and underscores."
+
+ [main.hotspot3.wifi_secure__3]
+ ask = "Secure"
+ type = "boolean"
+
+ [main.hotspot3.wifi_passphrase__3]
+ ask = "Password (WPA2)"
+ type = "string"
+ redact = true
+ visible = "wifi_secure__3"
+
+ [main.hotspot3.advanced__3]
+ ask = "Advanced settings"
+ type = "boolean"
+
+ [main.hotspot3.ip4_nat_prefix__3]
+ ask = "IPv4 NAT prefix (/24)"
+ type = "string"
+ visible = "advanced__3"
+ pattern.regexp = "^[0-9.]{7,15}$"
+ pattern.error = "Please provide a valid IP"
+
+ [main.hotspot3.ip6_net__3]
+ ask = "IPv6 delegated prefix"
+ type = "string"
+ visible = "advanced__3"
+ pattern.regexp = "^[0-9a-fA-F:]+$"
+ pattern.error = "Please provide a valid IPv6 Prefix"
+
+ [main.hotspot3.ip6_firewall__3]
+ ask = "IPv6 firewall"
+ type = "boolean"
+ visible = "advanced__3"
+
+ [main.hotspot3.dns__3]
+ ask = "DNS resolvers"
+ type = "tags"
+ visible = "advanced__3"
+ pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
+ pattern.error = "Not an ip"
+
diff --git a/scripts/config b/scripts/config
new file mode 100644
index 0000000..5bd28d9
--- /dev/null
+++ b/scripts/config
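Review bot: The `pattern.regexp` and `pattern.error` values under `wifi_ssid__1`, `wifi_ssid__2` and `wifi_ssid__3` open with `'` and close with `"`, so each literal string is unterminated and the file will not parse as TOML; close them with the same quote, e.g. `pattern.regexp = '^[\w \-]{1,32}$'`. The `wifi_passphrase__N` questions carry no `pattern`, although a WPA2 passphrase has to be 8 to 63 printable ASCII characters; something like `pattern.regexp = '^[ -~]{8,63}$'` would reject values the access point cannot use. `^[0-9.]{7,15}$` and `^[0-9a-fA-F:]+$` also accept strings that are not addresses (`999.999.999`, `::::`), so whatever consumes these settings should validate them again before writing them into network configuration. The `status` alert still says "VPN" in a hotspot panel.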
@@ -0,0 +1,182 @@
+#!/bin/bash
+
+#=================================================
+# GENERIC STARTING
+#=================================================
+# IMPORT GENERIC HELPERS
+#=================================================
+
+source _common.sh
+source /usr/share/yunohost/helpers
+
+#=================================================
+# MANAGE SCRIPT FAILURE
+#=================================================
+
+# Exit if an error occurs during the execution of the script
+ynh_abort_if_errors
+
+#=================================================
+# RETRIEVE ARGUMENTS
+#=================================================
+
+final_path=$(ynh_app_setting_get $app final_path)
+
+set_right() {
+ if [ -f $1 ]
+ then
+ chown $app:$app $1
+ chmod go=--- $1
+ fi
+}
+
+#=================================================
+# SPECIFIC GETTERS FOR TOML SHORT KEY
+#=================================================
+
+get__status() {
+ local service_enabled=$(ynh_app_setting_get $app service_enabled)
+ if ip route get 1.2.3.4 | grep -q tun0
+ then
+ if [ $service_enabled -eq 1 ]
+ then
+ cat << EOF
+style: success
+ask:
+ en: |-
+ Your VPN is running :)
+
+ **IPv4:** \`$(curl https://ip.yunohost.org --silent)\`
+ **IPv6:** \`$(curl https://ip6.yunohost.org --silent)\`
+EOF
+ else
+ cat << EOF
+style: warning
+ask:
+ en: Your VPN is running, but it shouldn't !
+EOF
+ fi
+ elif [ $service_enabled -eq 1 ]
+ then
+ cat << EOF
+style: danger
+ask:
+ en: |-
+ Your VPN is down ! Here are errors logged in the last 5 minutes
+ \`\`\`
+$(journalctl -u openvpn@client -p0..3 --since "- 20 minutes" -o cat | sed 's/^/ /g' | tail -n 15)
+ \`\`\`
+EOF
+ else
+ cat << EOF
+style: info
+ask:
+ en: Your VPN is down has expected.
+EOF
+
+ fi
+}
+
+get__login_user() {
+ if [ -s /etc/openvpn/keys/credentials ]
+ then
+ echo "$(sed -n 1p /etc/openvpn/keys/credentials)"
+ else
+ echo ""
+ fi
+}
+
+get__login_passphrase() {
+ if [ -s /etc/openvpn/keys/credentials ]
+ then
+ echo "$(sed -n 2p /etc/openvpn/keys/credentials)"
+ else
+ echo ""
+ fi
+}
+
+
+#=================================================
+# SPECIFIC VALIDATORS FOR TOML SHORT KEYS
+#=================================================
+validate__login_user() {
+
+ if grep -q '^\s*auth-user-pass' ${config_file}
+ then
+ if [[ -z "${login_user}" ]]
+ then
+ echo 'A Username is needed with this configuration file'
+ fi
+ fi
+}
+
+#=================================================
+# SPECIFIC SETTERS FOR TOML SHORT KEYS
+#=================================================
+set__login_user() {
+ if [ -n "${login_user}" ]
+ then
+ echo "${login_user}\n${login_passphrase}" > /etc/openvpn/keys/credentials
+ set_right /etc/openvpn/keys/credentials
+ else
+ echo "" > /etc/openvpn/keys/credentials
+ fi
+}
+
+set__login_passphrase() {
+ :
+}
+
+#=================================================
+# OVERWRITING VALIDATE STEP
+#=================================================
+read_cube() {
+ tmp_dir=$(dirname "$1")
+ setting_value="$(jq --raw-output ".$2" "$1")"
+ if [[ "$setting_value" == "null" ]]
+ then
+ setting_value=''
+ # Save file in tmp dir
+ elif [[ "$2" == "crt_"* ]]
+ then
+ if [ -n "${setting_value}" ]
+ then
+ echo "${setting_value}" | sed 's/|/\n/g' > $tmp_dir/$2
+ setting_value="$tmp_dir/$2"
+ fi
+ fi
+ echo $setting_value
+}
+ynh_app_config_validate() {
+ _ynh_app_config_validate
+}
+
+#=================================================
+# OVERWRITING APPLY STEP
+#=================================================
+ynh_app_config_apply() {
+
+ # Stop vpn client
+ ynh_print_info --message="Stopping vpnclient in order to edit files"
+ touch /tmp/.ynh-vpnclient-stopped
+ /usr/local/bin/ynh-vpnclient stop
+
+ chown $app:$app
/etc/openvpn/keys
+ chmod go=--- /etc/openvpn/keys
+
+ _ynh_app_config_apply
+
+ set_right /etc/openvpn/client.conf
+ set_right /etc/openvpn/keys/ca-server.crt
+ set_right /etc/openvpn/keys/user.crt
+ set_right /etc/openvpn/keys/user.key
+ set_right /etc/openvpn/keys/user_ta.key
+
+ # Start vpn client
+ ynh_print_info --message="Starting vpnclient service if needed"
+ /usr/local/bin/ynh-vpnclient start
+ rm -f /tmp/.ynh-vpnclient-stopped
+
+}
+
+ynh_app_config_run $1
diff --git a/scripts/install b/scripts/install
index 481b999..0b3de42 100644
--- a/scripts/install
+++ b/scripts/install
@@ -171,6 +171,7 @@ hot_reload_usb_wifi_cards wifi_device=$(bash ../conf/iw_devices | awk -F\| '{ print $1 }') ynh_app_setting_set --app=$app --key=multissid --value=1 +ynh_app_setting_set --app=$app --key=ssid_nb --value=1 ynh_app_setting_set --app=$app --key=wifi_ssid --value="${wifi_ssid}" ynh_app_setting_set --app=$app --key=wifi_secure --value=1 ynh_app_setting_set --app=$app --key=wifi_passphrase --value="${wifi_passphrase}"
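Review bot: `set__login_user` writes the credentials with `echo "${login_user}\n${login_passphrase}"`, and bash's builtin `echo` does not expand `\n` unless `xpg_echo` is set, so both values land on one line and `get__login_passphrase` (`sed -n 2p`) reads back nothing; `printf '%s\n%s\n' "${login_user}" "${login_passphrase}" > /etc/openvpn/keys/credentials` writes two lines and is not affected by backslashes in the passphrase. The getters, setters and the `ynh-vpnclient` and `/etc/openvpn` paths appear to come from the VPN client app and match no short key in the new panel other than `status`, so they probably need replacing with hotspot-specific handlers before this leaves wip. `set_right` and `read_cube` expand `$1`, `$tmp_dir/$2` and `$setting_value` unquoted, and `[ $service_enabled -eq 1 ]` errors when the setting is empty; quoting them, e.g. `[ "${service_enabled:-0}" -eq 1 ]`, avoids both. The danger message says "last 5 minutes" while `journalctl` is called with `--since "- 20 minutes"`.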