From 71cc0e1fb04fbc710d0791af911e7019d232a733 Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Fri, 12 Jan 2018 17:26:49 +0530 Subject: [PATCH] openvpn: Upgrade to the new Debian way Earlier only openvpn@.service file was available. Currently, Debian is using openvpn-server@.service and openvpn-client@.service. Start using this and upgrade our current users to this approach. This fixes the problem with incorrect enabling/disabling of OpenVPN app in Plinth. Tested primarily three cases: - Install version 2 of the app directly. Make sure daemon runs, enabling/disabling the app works. - Install version 1 of the app. Disable it. Upgrade to version 2 make sure everything is upgraded but disabled. Enabling make the app work properly. - Install version 1 of the app. Enable it. Upgrade to version 2 make sure everything is upgraded, app is enabled and running. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- actions/openvpn | 26 +++++++++++++++++++++++--- plinth/modules/openvpn/__init__.py | 6 +++--- 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/actions/openvpn b/actions/openvpn index 0e185a15c..5cc26cb2a 100755 --- a/actions/openvpn +++ b/actions/openvpn @@ -32,7 +32,11 @@ KEYS_DIRECTORY = '/etc/openvpn/freedombox-keys' DH_KEY = '/etc/openvpn/freedombox-keys/dh4096.pem' -SERVER_CONFIGURATION_PATH = '/etc/openvpn/freedombox.conf' +OLD_SERVER_CONFIGURATION_PATH = '/etc/openvpn/freedombox.conf' +SERVER_CONFIGURATION_PATH = '/etc/openvpn/server/freedombox.conf' + +OLD_SERVICE_NAME = 'openvpn@freedombox' +SERVICE_NAME = 'openvpn-server@freedombox' CA_CERTIFICATE_PATH = KEYS_DIRECTORY + '/ca.crt' USER_CERTIFICATE_PATH = KEYS_DIRECTORY + '/{username}.crt' @@ -99,6 +103,9 @@ def parse_arguments(): subparsers.add_parser('is-setup', help='Return whether setup is completed') subparsers.add_parser('setup', help='Setup OpenVPN server configuration') + subparsers.add_parser( + 'upgrade', + help='Upgrade OpenVPN server configuration from older configuration') get_profile = subparsers.add_parser( 'get-profile', help='Return the OpenVPN profile of a user') @@ -120,8 +127,21 @@ def subcommand_setup(_): _create_server_config() _create_certificates() _setup_firewall() - action_utils.service_enable('openvpn@freedombox') - action_utils.service_restart('openvpn@freedombox') + action_utils.service_enable(SERVICE_NAME) + action_utils.service_restart(SERVICE_NAME) + + +def subcommand_upgrade(_): + """Upgrade from an older version if configured. + + Otherwise do nothing. + """ + if os.path.exists(OLD_SERVER_CONFIGURATION_PATH): + os.rename(OLD_SERVER_CONFIGURATION_PATH, SERVER_CONFIGURATION_PATH) + + if action_utils.service_is_enabled(OLD_SERVICE_NAME): + action_utils.service_disable(OLD_SERVICE_NAME) + action_utils.service_enable(SERVICE_NAME) def _create_server_config(): diff --git a/plinth/modules/openvpn/__init__.py b/plinth/modules/openvpn/__init__.py index 4044d7e7b..bb860182b 100644 --- a/plinth/modules/openvpn/__init__.py +++ b/plinth/modules/openvpn/__init__.py @@ -30,12 +30,11 @@ from plinth import service as service_module from plinth.menu import main_menu from plinth.utils import format_lazy - -version = 1 +version = 2 service = None -managed_services = ['openvpn@freedombox'] +managed_services = ['openvpn-server@freedombox'] managed_packages = ['openvpn', 'easy-rsa'] @@ -73,6 +72,7 @@ def init(): def setup(helper, old_version=None): """Install and configure the module.""" helper.install(managed_packages) + helper.call('post', actions.superuser_run, 'openvpn', ['upgrade']) global service if service is None: service = service_module.Service(