openvpn: Upgrade to the new Debian way

Earlier only openvpn@.service file was available. Currently, Debian is using openvpn-server@.service and openvpn-client@.service. Start using this and upgrade our current users to this approach. This fixes the problem with incorrect enabling/disabling of OpenVPN app in Plinth. Tested primarily three cases: - Install version 2 of the app directly. Make sure daemon runs, enabling/disabling the app works. - Install version 1 of the app. Disable it. Upgrade to version 2 make sure everything is upgraded but disabled. Enabling make the app work properly. - Install version 1 of the app. Enable it. Upgrade to version 2 make sure everything is upgraded, app is enabled and running. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-01-21 07:55:00 +00:00 · 2018-01-12 17:26:49 +05:30 · 2018-01-12 17:26:49 +05:30 · 71cc0e1fb0
commit 71cc0e1fb0
parent f11dd191c1
2 changed files with 26 additions and 6 deletions
--- a/actions/openvpn
+++ b/actions/openvpn
@ -32,7 +32,11 @@ KEYS_DIRECTORY = '/etc/openvpn/freedombox-keys'

 DH_KEY = '/etc/openvpn/freedombox-keys/dh4096.pem'

-SERVER_CONFIGURATION_PATH = '/etc/openvpn/freedombox.conf'
+OLD_SERVER_CONFIGURATION_PATH = '/etc/openvpn/freedombox.conf'
+SERVER_CONFIGURATION_PATH = '/etc/openvpn/server/freedombox.conf'
+
+OLD_SERVICE_NAME = 'openvpn@freedombox'
+SERVICE_NAME = 'openvpn-server@freedombox'

 CA_CERTIFICATE_PATH = KEYS_DIRECTORY + '/ca.crt'
 USER_CERTIFICATE_PATH = KEYS_DIRECTORY + '/{username}.crt'
@ -99,6 +103,9 @@ def parse_arguments():

    subparsers.add_parser('is-setup', help='Return whether setup is completed')
    subparsers.add_parser('setup', help='Setup OpenVPN server configuration')
+    subparsers.add_parser(
+        'upgrade',
+        help='Upgrade OpenVPN server configuration from older configuration')

    get_profile = subparsers.add_parser(
        'get-profile', help='Return the OpenVPN profile of a user')
@ -120,8 +127,21 @@ def subcommand_setup(_):
    _create_server_config()
    _create_certificates()
    _setup_firewall()
-    action_utils.service_enable('openvpn@freedombox')
-    action_utils.service_restart('openvpn@freedombox')
+    action_utils.service_enable(SERVICE_NAME)
+    action_utils.service_restart(SERVICE_NAME)
+
+
+def subcommand_upgrade(_):
+    """Upgrade from an older version if configured.
+
+    Otherwise do nothing.
+    """
+    if os.path.exists(OLD_SERVER_CONFIGURATION_PATH):
+        os.rename(OLD_SERVER_CONFIGURATION_PATH, SERVER_CONFIGURATION_PATH)
+
+    if action_utils.service_is_enabled(OLD_SERVICE_NAME):
+        action_utils.service_disable(OLD_SERVICE_NAME)
+        action_utils.service_enable(SERVICE_NAME)


 def _create_server_config():
--- a/plinth/modules/openvpn/init.py
+++ b/plinth/modules/openvpn/init.py
@ -30,12 +30,11 @@ from plinth import service as service_module
 from plinth.menu import main_menu
 from plinth.utils import format_lazy

-
-version = 1
+version = 2

 service = None

-managed_services = ['openvpn@freedombox']
+managed_services = ['openvpn-server@freedombox']

 managed_packages = ['openvpn', 'easy-rsa']

@ -73,6 +72,7 @@ def init():
 def setup(helper, old_version=None):
    """Install and configure the module."""
    helper.install(managed_packages)
+    helper.call('post', actions.superuser_run, 'openvpn', ['upgrade'])
    global service
    if service is None:
        service = service_module.Service(