added a twig template for a server config with an embedded certificate and associated code to make it work
parent
0d69847a99
commit
cb7297eb88
2 changed files with 63 additions and 0 deletions
|
@ -26,6 +26,7 @@ class Action extends Session
|
||||||
if ($cert !== null) {
|
if ($cert !== null) {
|
||||||
$certModel = CertificateQuery::create()->findOneByUserAndName($this->getUser(), $cert);
|
$certModel = CertificateQuery::create()->findOneByUserAndName($this->getUser(), $cert);
|
||||||
$this->addClientCertificateData($zip, $certModel);
|
$this->addClientCertificateData($zip, $certModel);
|
||||||
|
$this->fillZipWithEmbeddedConfig($zip, $server, $certModel);
|
||||||
|
|
||||||
$name .= '-' . $certModel->getName() . '.' . $certModel->getSerial();
|
$name .= '-' . $certModel->getName() . '.' . $certModel->getSerial();
|
||||||
}
|
}
|
||||||
|
@ -52,6 +53,34 @@ class Action extends Session
|
||||||
$zip->addFromString('ca.crt', file_get_contents($this->getCore()->getBaseDir() . '/storage/ca/ca.crt'));
|
$zip->addFromString('ca.crt', file_get_contents($this->getCore()->getBaseDir() . '/storage/ca/ca.crt'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param \ZipArchive $zip
|
||||||
|
* @param Server $server
|
||||||
|
* @param Certificate $cert
|
||||||
|
* @throws \Twig_Error_Loader
|
||||||
|
* @throws \Twig_Error_Runtime
|
||||||
|
* @throws \Twig_Error_Syntax
|
||||||
|
*/
|
||||||
|
public function fillZipWithEmbeddedConfig($zip, $server, $cert)
|
||||||
|
{
|
||||||
|
/** @var \Twig_Environment $twig */
|
||||||
|
$twig = $this->get('twig');
|
||||||
|
|
||||||
|
$parameters = [
|
||||||
|
'server' => $server,
|
||||||
|
'crt' => $cert->getCertificate(),
|
||||||
|
'key' => '',
|
||||||
|
];
|
||||||
|
|
||||||
|
if ($cert->hasPrivateKey()) {
|
||||||
|
$parameters['key'] = $cert->getPrivateKey();
|
||||||
|
}
|
||||||
|
|
||||||
|
$config = $twig->render('etc/openvpn-client-embedded.conf.twig', $parameters);
|
||||||
|
|
||||||
|
$zip->addFromString('server-embedded.conf', $config);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Server $server
|
* @param Server $server
|
||||||
* @return string
|
* @return string
|
||||||
|
|
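Review bot: The keys passed to `render()` in `fillZipWithEmbeddedConfig()` do not match the placeholders in `views/etc/openvpn-client-embedded.conf.twig`: the array supplies `server`, `crt` and `key`, while the template prints `{{ ca }}`, `{{ cert }}` and `{{ key }}`, so the `<ca>` and `<cert>` blocks come out empty (or rendering throws if the Twig environment runs with strict variables). Rename the entry to `'cert' => $cert->getCertificate(),` and add `'ca' => file_get_contents($this->getCore()->getBaseDir() . '/storage/ca/ca.crt'),`, the same file the context line above already adds as `ca.crt`. The first hunk also passes `$certModel` straight into the new method; if `findOneByUserAndName()` can return null for an unknown name, `$cert->getCertificate()` fails, so a null check before the call is worth adding. Because `server-embedded.conf` carries the private key inline, the method's docblock should state that the generated entry is secret material.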
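--- a/views/etc/openvpn-client-embedded.conf.twig
+++ b/views/etc/openvpn-client-embedded.conf.twig
@@ -0,0 +1,34 @@
+client
+
+dev zerooo
+dev-type tun
+
+proto {{ server.getProtocol() }}
+
+remote {{ server.getExternalIp() }} {{ server.getPort() }}
+resolv-retry infinite
+nobind
+
+user nobody
+group nogroup
+
+persist-key
+persist-tun
+
+remote-cert-tls server
+
+cipher AES-256-CBC
+
+comp-lzo
+
+<ca>
+{{ ca }}
+</ca>
+
+<cert>
+{{ cert }}
+</cert>
+
+<key>
+{{ key }}
+</key>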
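Review bot: `comp-lzo` and `cipher AES-256-CBC` are hard-coded in the client profile, so every downloaded config enables tunnel compression and pins one cipher regardless of what the server is configured for. Compression inside the tunnel is the precondition for compression-oracle attacks such as VORACLE, and `comp-lzo` is deprecated in current OpenVPN releases, so it is worth dropping here and on the server if the server configuration (not visible in this commit) allows it; the cipher line should likewise be taken from the server model rather than fixed in the template. The `<key>` block is also emitted when `key` is the empty string, which the caller passes for certificates without a private key; wrapping the block in `{% if key %}` … `{% endif %}` avoids shipping a profile with an empty key section.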