* luci/app/openvpn: controller, model and template updates
authorJo-Philipp Wich <jow@openwrt.org>
Thu, 9 Oct 2008 22:24:21 +0000 (22:24 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Thu, 9 Oct 2008 22:24:21 +0000 (22:24 +0000)
applications/luci-openvpn/luasrc/controller/openvpn.lua
applications/luci-openvpn/luasrc/model/cbi/openvpn-advanced.lua [new file with mode: 0644]
applications/luci-openvpn/luasrc/model/cbi/openvpn-basic.lua [new file with mode: 0644]
applications/luci-openvpn/luasrc/model/cbi/openvpn.lua
applications/luci-openvpn/luasrc/view/openvpn/cbi-select-input-add.htm [new file with mode: 0644]
applications/luci-openvpn/luasrc/view/openvpn/pageswitch.htm
applications/luci-openvpn/root/etc/config/openvpn_recipes

index 2b18c73..e86d9a6 100644 (file)
@@ -10,7 +10,7 @@ You may obtain a copy of the License at
 
        http://www.apache.org/licenses/LICENSE-2.0
 
 
        http://www.apache.org/licenses/LICENSE-2.0
 
-$Id: init.lua 3516 2008-10-04 18:42:06Z jow $
+$Id$
 ]]--
 module("luci.controller.openvpn", package.seeall)
 
 ]]--
 module("luci.controller.openvpn", package.seeall)
 
@@ -18,11 +18,7 @@ function index()
        require("luci.i18n")
        luci.i18n.loadc("openvpn")
 
        require("luci.i18n")
        luci.i18n.loadc("openvpn")
 
-       local p = entry(
-               {"admin", "services", "openvpn"}, cbi("openvpn"),
-               luci.i18n.translate("openvpn", "OpenVPN")
-       )
-
-       p.i18n = "openvpn"
-       p.leaf = true
+       entry( {"admin", "services", "openvpn"}, cbi("openvpn"), luci.i18n.translate("openvpn", "OpenVPN") ).i18n = "openvpn"
+       entry( {"admin", "services", "openvpn", "basic"},    cbi("openvpn-basic"),    nil ).leaf = true
+       entry( {"admin", "services", "openvpn", "advanced"}, cbi("openvpn-advanced"), nil ).leaf = true
 end
 end
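Review bot: The two new sub-page entries in index() are registered with a `nil` title and `leaf = true`, but nothing in the hunk says what the trailing path segments mean. A short comment above them would help, for example `-- hidden sub-pages: .../basic/<instance> and .../advanced/<instance>[/<category>]`. That matches how openvpn-basic.lua and openvpn-advanced.lua in this commit read `arg[1]` and `arg[2]`, which presumably receive those segments. index() starts above the hunk, so any earlier setup is not visible here.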
diff --git a/applications/luci-openvpn/luasrc/model/cbi/openvpn-advanced.lua b/applications/luci-openvpn/luasrc/model/cbi/openvpn-advanced.lua
new file mode 100644 (file)
index 0000000..40af624
--- /dev/null
@@ -0,0 +1,267 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+require("luci.fs")
+require("luci.ip")
+
+
+local knownParams = {
+       --
+       -- Widget               Name                                    Optn.   Default(s)
+       --
+
+       { "service", {
+               -- initialisation and daemon options
+               { ListValue,    "verb",                                 { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 } },
+               { Flag,                 "mlock",                                0 },
+               { Flag,                 "disable_occ",                  0 },
+       --      { Value,                "user",                                 "root" },
+       --      { Value,                "group",                                "root" },
+               { Value,                "cd",                                   "/etc/openvpn" },
+               { Value,                "chroot",                               "/var/run" },
+       --      { Value,                "daemon",                               "Instance-Name" },
+       --      { Value,                "syslog",                               "Instance-Name" },
+               { Flag,                 "passtos",                              0 },
+       --      { Value,                "inetd",                                "nowait Instance-Name" },
+               { Value,                "log",                                  "/var/log/openvpn.log" },
+               { Value,                "log_append",                   "/var/log/openvpn.log" },
+               { Flag,                 "suppress_timestamps",  0 },
+       --      { Value,                "writepid",                             "/var/run/openvpn.pid" },
+               { Value,                "nice",                                 0 },
+               { Flag,                 "fast_io",                              0 },
+               { Value,                "echo",                                 "some params echoed to log" },
+               { ListValue,    "remap_usr1",                   { "SIGHUP", "SIGTERM" } },
+               { Value,                "status",                               "/var/run/openvpn.status 5" },
+               { Value,                "status_version",               { 1, 2 } },     -- status
+               { Value,                "mute",                                 5 },
+
+               { Value,                "up",                                   "/usr/bin/ovpn-up" },
+               { Value,                "up_delay",                             5 },
+               { Value,                "down",                                 "/usr/bin/ovpn-down" },
+               { Flag,                 "down_pre",                             0 },
+               { Flag,                 "up_restart",                   0 },
+               { Value,                "route_up",                             "/usr/bin/ovpn-routeup" },
+               { Value,                "ipchange",                             "/usr/bin/ovpn-ipchange",       { mode="p2p" } },
+               { DynamicList,  "setenv",                               { "VAR1 value1", "VAR2 value2" } },
+               { Value,                "tls_verify",                   "/usr/bin/ovpn-tlsverify" },
+               { Value,                "client_connect",               "/usr/bin/ovpn-clientconnect" },
+               { Flag,                 "client_disconnect",    0 },
+               { Value,                "learn_address",                "/usr/bin/ovpn-learnaddress" },
+               { Value,                "auth_user_pass_verify",        "/usr/bin/ovpn-userpass via-env" },
+       } },
+
+       { "networking", {
+               -- socket config
+               { ListValue,    "mode",                                 { "p2p", "server" } },
+               { Value,                "local",                                "0.0.0.0" },
+               { Value,                "port",                                 1194 },
+               { Value,                "lport",                                1194 },
+               { Value,                "rport",                                1194 },
+               { Flag,                 "float",                                0 },
+               { Flag,                 "nobind",                               0 },
+
+               { Value,                "dev",                                  "tun0" },
+               { ListValue,    "dev_type",                             { "tun", "tap" } },
+               { Value,                "dev_node",                             "/dev/net/tun" },
+               { Flag,                 "tun_ipv6",                             0 },
+
+               { Value,                "ifconfig",                             "10.200.200.3 10.200.200.1" },
+               { Flag,                 "ifconfig_noexec",              0 },
+               { Flag,                 "ifconfig_nowarn",              0 },
+
+               { DynamicList,  "route",                                "10.123.0.0 255.255.0.0" },
+               { Value,                "route_gateway",                "10.234.1.1" },
+               { Value,                "route_delay",                  0 },
+               { Flag,                 "route_noexec",                 0 },
+
+               { ListValue,    "mtu_disc",                             { "yes", "maybe", "no" } },
+               { Flag,                 "mtu_test",                             0 },
+               { Flag,                 "comp_lzo",                             0 },
+               { Flag,                 "comp_noadept",                 0,              { comp_lzo=1 } },
+               { Value,                "link_mtu",                             1500 },
+               { Value,                "tun_mtu",                              1500 },
+               { Value,                "tun_mtu_extra",                1500 },
+               { Value,                "fragment",                             1500,   { proto="udp" } },
+               { Value,                "mssfix",                               1500,   { proto="udp" } },
+               { Value,                "sndbuf",                               65536 },
+               { Value,                "rcvbuf",                               65536 },
+               { Value,                "txqueuelen",                   100 },
+               { Value,                "shaper",                               10240 },
+
+               { Value,                "inactive",                             240 },
+               { Value,                "keepalive",                    "10 60" },
+               { Value,                "ping",                                 30 },
+               { Value,                "ping_exit",                    120 },
+               { Value,                "ping_restart",                 60 },
+               { Flag,                 "ping_timer_rem",               0 },
+
+               { Flag,                 "persist_tun",                  0 },
+               { Flag,                 "persist_key",                  0 },
+               { Flag,                 "persist_local_ip",             0 },
+               { Flag,                 "persist_remote_ip",    0 },
+
+               -- management channel
+               { Value,                "management",                   "127.0.0.1 31194 /etc/openvpn/mngmt-pwds" },
+               { Flag,                 "management_query_passwords",                                                                           0 },    -- management
+               { Flag,                 "management_hold",              0 },    -- management
+               { Flag,                 "management_log_cache", 100 },  -- management
+       } },
+
+       { "vpn", {
+               { Value,                "server",                               "10.200.200.0 255.255.255.0", { server_mode="1" } },
+               { Value,                "server_bridge",                "10.200.200.1 255.255.255.0 10.200.200.200 10.200.200.250", { server_mode="1" } },
+               { DynamicList,  "push",                                 { "redirect-gateway", "comp-lzo" }, { server_mode="1" } },
+               { Flag,                 "push_reset",                   0, { server_mode="1" } },
+               { Flag,                 "disable",                              0, { server_mode="1" } },
+               { Value,                "ifconfig_pool",                "10.200.200.100 10.200.200.150 255.255.255.0", { server_mode="1" } },
+               { Value,                "ifconfig_pool_persist",        "/etc/openvpn/ipp.txt 600", { server_mode="1" } },
+               { Flag,                 "ifconfig_pool_linear", 0, { server_mode="1" } },
+               { Value,                "ifconfig_push",                "10.200.200.1 255.255.255.255", { server_mode="1" } },
+               { Value,                "iroute",                               "10.200.200.0 255.255.255.0", { server_mode="1" } },
+               { Flag,                 "client_to_client",             0, { server_mode="1" } },
+               { Flag,                 "duplicate_cn",                 0, { server_mode="1" } },
+               { Value,                "client_config_dir",    "/etc/openvpn/ccd", { server_mode="1" } },
+               { Flag,                 "ccd_exclusive",                0, { server_mode="1" } },
+               { Value,                "tmp_dir",                              "/var/run/openvpn", { server_mode="1" } },
+               { Value,                "hash_size",                    "256 256", { server_mode="1" } },
+               { Value,                "bcast_buffers",                256, { server_mode="1" } },
+               { Value,                "tcp_queue_limit",              64, { server_mode="1" } },
+               { Value,                "max_clients",                  10, { server_mode="1" } },
+               { Value,                "max_routes_per_client",        256, { server_mode="1" } },
+               { Value,                "connect_freq",                 "3 10", { server_mode="1" } },
+               { Flag,                 "client_cert_not_required",     0, { server_mode="1" } },
+               { Flag,                 "username_as_common_name",      0, { server_mode="1" } },
+               { Flag,                 "client",                               0, { server_mode="0" }, { server_mode="" } },
+               { Flag,                 "pull",                                 0, { client="1" } },
+               { Value,                "auth_user_pass",               "/etc/openvpn/userpass.txt", { client="1" } },
+               { ListValue,    "auth_retry",                   { "none", "nointeract", "interact" }, { client="1" } },
+               { Value,                "explicit_exit_notify", 1, { client="1" } },
+               { DynamicList,  "remote",                               "1.2.3.4", { client="1" } },            -- client
+               { Flag,                 "remote_random",                1, { client="1" } },                            -- client
+               { ListValue,    "proto",                                { "udp", "tcp-client", "tcp-server" }, { client="1" } },
+               { Value,                "connect_retry",                5,      { proto="tcp-client" }, { client="1" } },                               -- client && proto=tcp-client
+               { Value,                "http_proxy_server",    "192.168.1.100 8080", { client="1" } }, -- client
+               { Flag,                 "http_proxy_retry",             0, { client="1" } },                            -- client && http_proxy_server
+               { Value,                "http_proxy_timeout",   5, { client="1" } },                            -- client && http_proxy_server
+               { DynamicList,  "http_proxy_option",    { "VERSION 1.0", "AGENT OpenVPN/2.0.9" }, { client="1" } },     -- client && http_proxy_server
+               { Value,                "socks_proxy_server",   "192.168.1.200 1080", { client="1" } }, -- client
+               { Value,                "socks_proxy_retry",    5, { client="1" } },                                    -- client && socks_proxy_server
+               { Value,                "resolv_retry",                 "infinite", { client="1" } },                   -- client
+               { ListValue,    "redirect_gateway",             { "", "local", "def1", "local def1" }, { client="1" } }, -- client
+       } },
+
+       { "cryptography", {
+               { Value,                "secret",                               "/etc/openvpn/secret.key 1" },
+               { Value,                "auth",                                 "SHA1" }, -- parse
+               { Value,                "cipher",                               "BF-CBC" }, -- parse
+               { Value,                "keysize",                              1024 }, -- parse
+               { Value,                "engine",                               "dynamic" }, -- parse
+               { Flag,                 "no_replay",                    0 },
+               { Value,                "replay_window",                "64 15" },
+               { Flag,                 "mute_replay_warnings", 0 },
+               { Value,                "replay_persist",               "/var/run/openvpn-replay-state" },
+               { Flag,                 "no_iv",                                0 },
+               { Flag,                 "tls_server",                   0, { tls_client="" }, { tls_client="0" } },
+               { Flag,                 "tls_client",                   0, { tls_server="" }, { tls_server="0" } },
+               { Value,                "ca",                                   "/etc/easy-rsa/keys/ca.crt" },
+               { Value,                "dh",                                   "/etc/easy-rsa/keys/dh1024.pem" },
+               { Value,                "cert",                                 "/etc/easy-rsa/keys/some-client.crt" },
+               { Value,                "key",                                  "/etc/easy-rsa/keys/some-client.key" },
+               { Value,                "pkcs12",                               "/etc/easy-rsa/keys/some-client.pk12" },
+               { ListValue,    "key_method",                   { 1, 2 } },
+               { Value,                "tls_cipher",                   "DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5" },
+               { Value,                "tls_timeout",                  2 },
+               { Value,                "reneg_bytes",                  1024 },
+               { Value,                "reneg_pkts",                   100 },
+               { Value,                "reneg_sec",                    3600 },
+               { Value,                "hand_window",                  60 },
+               { Value,                "tran_window",                  3600 },
+               { Flag,                 "single_session",               0 },
+               { Flag,                 "tls_exit",                             0 },
+               { Value,                "tls_auth",                             "/etc/openvpn/tlsauth.key 1" },
+               --{ Value,              "askpass",                              "[file]" },
+               { Flag,                 "auth_nocache",                 0 },
+               { Value,                "tls_remote",                   "remote_x509_name" },
+               { ListValue,    "ns_cert_type",                 { "client", "server" } },
+               { Value,                "crl_verify",                   "/etc/easy-rsa/keys/crl.pem" },
+       } }
+}
+
+
+local cts = { }
+local params = { }
+
+local m = Map("openvpn")
+local p = m:section( SimpleSection )
+
+p.template = "openvpn/pageswitch"
+p.mode     = "advanced"
+p.instance = arg[1]
+p.category = arg[2] or "service"
+
+for _, c in ipairs(knownParams) do
+       cts[#cts+1] = c[1]
+       if c[1] == p.category then params = c[2] end
+end
+
+p.categories = cts
+
+
+local s = m:section(
+       NamedSection, arg[1], "openvpn",
+       translate("openvpn_%s" % arg[2]),
+       translate("openvpn_%s_desc" % arg[2])
+)
+
+s.title     = translate("openvpn_%s" % arg[2])
+s.addremove = false
+s.anonymous = true
+
+
+for _, option in ipairs(params) do
+       local o = s:option(option[1], option[2])
+
+       if option[1] == DummyValue then
+               o.value = option[3]
+       else
+               if option[1] == DynamicList then
+                       o.cast = nil
+                       function o.cfgvalue(...)
+                               local val = AbstractValue.cfgvalue(...)
+                               return ( val and type(val) ~= "table" ) and { val } or val
+                       end
+               end
+
+               o.optional = true
+
+               if type(option[3]) == "table" then
+                       if o.optional then o:value("", "-- remove --") end
+                       for _, v in ipairs(option[3]) do
+                               v = tostring(v)
+                               o:value(v)
+                       end
+                       o.default = tostring(option[3][1])
+               else
+                       o.default = tostring(option[3])
+               end
+       end
+
+       for i=5,#option do
+               if type(option[i]) == "table" then
+                       o:depends(option[i])
+               end
+       end
+end
+
+return m
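Review bot: The dependency loop near the end, `for i=5,#option do`, skips the first depends table of every row, because the rows in knownParams now have three leading columns (widget, name, default) and tables such as `{ mode="p2p" }` or `{ server_mode="1" }` sit at index 4. The start index looks carried over from the removed four-column layout (the header comment still lists an "Optn." column), so it should read `for i=4,#option do`. openvpn-basic.lua has the same loop, though none of its rows carry a depends table yet. Separately, the `tls_cipher` default that is pre-filled through `o.default` lists EXP-*, RC4-MD5 and single-DES suites, and `management_log_cache` is declared as a `Flag` with default 100. Restricting the cipher default to the AES entries already in that string, and using `Value` for the cache size, would be safer.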
diff --git a/applications/luci-openvpn/luasrc/model/cbi/openvpn-basic.lua b/applications/luci-openvpn/luasrc/model/cbi/openvpn-basic.lua
new file mode 100644 (file)
index 0000000..964da44
--- /dev/null
@@ -0,0 +1,97 @@
+--[[
+LuCI - Lua Configuration Interface
+
+Copyright 2008 Steven Barth <steven@midlink.org>
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+$Id$
+]]--
+
+require("luci.fs")
+require("luci.ip")
+require("luci.model.uci")
+
+
+local basicParams = {
+       --
+       -- Widget               Name                                    Optn.   Default(s)
+       --
+
+       { ListValue,    "verb",                                 { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 } },
+       { Value,                "nice",                                 0 },
+       { Value,                "port",                                 1194 },
+       { ListValue,    "dev_type",                             { "tun", "tap" } },
+       { Flag,                 "tun_ipv6",                             0 },
+
+       { Value,                "ifconfig",                             "10.200.200.3 10.200.200.1" },
+       { Value,                "server",                               "10.200.200.0 255.255.255.0" },
+       { Value,                "server_bridge",                "192.168.1.1 255.255.255.0 192.168.1.128 192.168.1.254" },
+       { Flag,                 "nobind",                               0 },
+
+       { Flag,                 "comp_lzo",                             0 },
+       { Value,                "keepalive",                    "10 60" },
+
+       { ListValue,    "proto",                                { "udp", "tcp" } },
+
+       { Flag,                 "client",                               0 },
+       { Flag,                 "client_to_client",             0 },
+       { DynamicList,  "remote",                               "vpnserver.example.org" },
+
+       { Value,                "secret",                               "/etc/openvpn/secret.key 1" },
+       { Value,                "ca",                                   "/etc/easy-rsa/keys/ca.crt" },
+       { Value,                "dh",                                   "/etc/easy-rsa/keys/dh1024.pem" },
+       { Value,                "cert",                                 "/etc/easy-rsa/keys/some-client.crt" },
+       { Value,                "key",                                  "/etc/easy-rsa/keys/some-client.key" },
+}
+
+
+local m = Map("openvpn")
+local p = m:section( SimpleSection )
+
+p.template = "openvpn/pageswitch"
+p.mode     = "basic"
+p.instance = arg[1]
+
+
+local s = m:section( NamedSection, arg[1], "openvpn" )
+
+for _, option in ipairs(basicParams) do
+       local o = s:option(option[1], option[2])
+       o.optional = true
+
+       if option[1] == DummyValue then
+               o.value = option[3]
+       else
+               if option[1] == DynamicList then
+                       o.cast = nil
+                       function o.cfgvalue(...)
+                               local val = AbstractValue.cfgvalue(...)
+                               return ( val and type(val) ~= "table" ) and { val } or val
+                       end
+               end
+
+               if type(option[3]) == "table" then
+                       if o.optional then o:value("", "-- remove --") end
+                       for _, v in ipairs(option[3]) do
+                               v = tostring(v)
+                               o:value(v)
+                       end
+                       o.default = tostring(option[3][1])
+               else
+                       o.default = tostring(option[3])
+               end
+       end
+
+       for i=5,#option do
+               if type(option[i]) == "table" then
+                       o:depends(option[i])
+               end
+       end
+end
+
+return m
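Review bot: `arg[1]` is used as the section name in `m:section( NamedSection, arg[1], "openvpn" )` without checking that it is present or that it names an existing section of type openvpn. The value presumably comes from the request path, so a missing or mistyped instance name reaches the CBI map as is, and with every option marked optional the form could then be saved against a section the overview never created. `luci.model.uci` is required at the top of the file but not used in the visible code; looking the section up through it and returning to the overview page when the lookup fails would close this. The same applies to `arg[1]` in openvpn-advanced.lua, where `arg[2]` is also used raw in the `translate()` keys even though `p.category` already falls back to "service".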
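--- a/applications/luci-openvpn/luasrc/model/cbi/openvpn.lua
+++ b/applications/luci-openvpn/luasrc/model/cbi/openvpn.lua
@@ -9,279 +9,91 @@ You may obtain a copy of the License at
 
        http://www.apache.org/licenses/LICENSE-2.0
 
-$Id: olsrdplugins.lua 3288 2008-09-14 20:57:00Z jow $
+$Id$
 ]]--
 
 require("luci.fs")
 require("luci.ip")
+require("luci.sys")
+require("luci.model.uci")
 
 
-local knownParams = {
-       --
-       -- Widget               Name                                    Optn.   Default(s)
-       --
-
-       { "service", {
-               -- initialisation and daemon options
-               { "daemon", {
-                       { ListValue,    "verb",                                 false,  { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11 } },
-                       { Flag,                 "mlock",                                false,  0 },
-                       { Flag,                 "disable_occ",                  false,  0 },
-               --      { Value,                "user",                                 true,   "root" },
-               --      { Value,                "group",                                true,   "root" },
-                       { Value,                "cd",                                   true,   "/etc/openvpn" },
-                       { Value,                "chroot",                               true,   "/var/run" },
-               --      { Value,                "daemon",                               true,   "Instance-Name" },
-               --      { Value,                "syslog",                               true,   "Instance-Name" },
-                       { Flag,                 "passtos",                              false,  0 },
-               --      { Value,                "inetd",                                true,   "nowait Instance-Name" },
-                       { Value,                "log",                                  true,   "/var/log/openvpn.log" },
-                       { Value,                "log_append",                   true,   "/var/log/openvpn.log" },
-                       { Flag,                 "suppress_timestamps",  false,  0 },
-               --      { Value,                "writepid",                             true,   "/var/run/openvpn.pid" },
-                       { Value,                "nice",                                 true,   0 },
-                       { Flag,                 "fast_io",                              false,  0 },
-                       { Value,                "echo",                                 true,   "some params echoed to log" },
-                       { ListValue,    "remap_usr1",                   true,   { "SIGHUP", "SIGTERM" } },
-                       { Value,                "status",                               true,   "/var/run/openvpn.status 5" },
-                       { Value,                "status_version",               true,   { 1, 2 } },     -- status
-                       { Value,                "mute",                                 true,   5 },
-               } },
-
-               -- hook scripts
-               { "hookscripts", {
-                       { Value,                "up",                                   true,   "/usr/bin/ovpn-up" },
-                       { Value,                "up_delay",                             true,   5 },
-                       { Value,                "down",                                 true,   "/usr/bin/ovpn-down" },
-                       { Flag,                 "down_pre",                             false,  0 },
-                       { Flag,                 "up_restart",                   false,  0 },
-                       { Value,                "route_up",                             true,   "/usr/bin/ovpn-routeup" },
-                       { Value,                "ipchange",                             true,   "/usr/bin/ovpn-ipchange",       { mode="p2p" } },
-                       { DynamicList,  "setenv",                               true,   { "VAR1 value1", "VAR2 value2" } },
-                       { Value,                "tls_verify",                   true,   "/usr/bin/ovpn-tlsverify" },
-                       { Value,                "client_connect",               true,   "/usr/bin/ovpn-clientconnect" },
-                       { Flag,                 "client_disconnect",    false,  0 },
-                       { Value,                "learn_address",                true,   "/usr/bin/ovpn-learnaddress" },
-                       { Value,                "auth_user_pass_verify",        true,   "/usr/bin/ovpn-userpass via-env" },
-               } },
-       } },
-
-       { "networking", {
-               -- socket config
-               { "networking", {
-                       { ListValue,    "mode",                                 false,  { "p2p", "server" } },
-                       { Value,                "local",                                false,  "0.0.0.0" },
-                       { Value,                "port",                                 false,  1194 },
-                       { Value,                "lport",                                true,   1194 },
-                       { Value,                "rport",                                true,   1194 },
-                       { Flag,                 "float",                                true,   0 },
-                       { Flag,                 "nobind",                               true,   0 },
-
-                       { Value,                "dev",                                  true,   "tun0" },
-                       { ListValue,    "dev_type",                             false,  { "tun", "tap" } },
-                       { Value,                "dev_node",                             true,   "/dev/net/tun" },
-                       { Flag,                 "tun_ipv6",                             false,  0 },
-
-                       { Value,                "ifconfig",                             true,   "10.200.200.3 10.200.200.1" },
-                       { Flag,                 "ifconfig_noexec",              false,  0 },
-                       { Flag,                 "ifconfig_nowarn",              false,  0 },
-
-                       { DynamicList,  "route",                                true,   "10.123.0.0 255.255.0.0" },
-                       { Value,                "route_gateway",                true,   "10.234.1.1" },
-                       { Value,                "route_delay",                  true,   0 },
-                       { Flag,                 "route_noexec",                 false,  0 },
-
-                       { ListValue,    "redirect_gateway",             false,  { "", "local", "def1", "local def1" } }, -- client
-               } },
-
-               -- connection tuning
-               { "conntune", {
-                       { ListValue,    "mtu_disc",                             false,  { "yes", "maybe", "no" } },
-                       { Flag,                 "mtu_test",                             false,  0 },
-                       { Flag,                 "comp_lzo",                             false,  0 },
-                       { Flag,                 "comp_noadept",                 false,  0,              { comp_lzo=1 } },
-                       { Value,                "link_mtu",                             true,   1500 },
-                       { Value,                "tun_mtu",                              true,   1500 },
-                       { Value,                "tun_mtu_extra",                true,   1500 },
-                       { Value,                "fragment",                             true,   1500,   { proto="udp" } },
-                       { Value,                "mssfix",                               true,   1500,   { proto="udp" } },
-                       { Value,                "sndbuf",                               true,   65536 },
-                       { Value,                "rcvbuf",                               true,   65536 },
-                       { Value,                "txqueuelen",                   true,   100 },
-                       { Value,                "shaper",                               true,   10240 },
-               } },
-
-               -- idle timeouts & persistence
-               { "timeouts", {
-                       { Value,                "inactive",                             true,   240 },
-                       { Value,                "keepalive",                    true,   "10 60" },
-                       { Value,                "ping",                                 true,   30 },
-                       { Value,                "ping_exit",                    true,   120 },
-                       { Value,                "ping_restart",                 true,   60 },
-                       { Flag,                 "ping_timer_rem",               false,  0 },
-
-                       { Flag,                 "persist_tun",                  false,  0 },
-                       { Flag,                 "persist_key",                  false,  0 },
-                       { Flag,                 "persist_local_ip",             false,  0 },
-                       { Flag,                 "persist_remote_ip",    false,  0 },
-               } },
-
-               -- management channel
-               { "management", {
-                       { Value,                "management",                   false,  "127.0.0.1 31194 /etc/openvpn/mngmt-pwds" },
-                       { Flag,                 "management_query_passwords",
-                                                                                                       true,   0 },    -- management
-                       { Flag,                 "management_hold",              true,   0 },    -- management
-                       { Flag,                 "management_log_cache", true,   100 },  -- management
-               } }
-       } },
-
-       { "role", {
-               { "server", {
-                       { Value,                "server",                               true,   "10.200.200.0 255.255.255.0" },
-                       { Value,                "server_bridge",                true,   "10.200.200.1 255.255.255.0 10.200.200.200 10.200.200.250" },
-                       { DynamicList,  "push",                                 true,   { "redirect-gateway", "comp-lzo" } },
-                       { Flag,                 "push_reset",                   false,  0 },
-                       { Flag,                 "disable",                              false,  0 },
-                       { Value,                "ifconfig_pool",                true,   "10.200.200.100 10.200.200.150 255.255.255.0" },
-                       { Value,                "ifconfig_pool_persist",        true,   "/etc/openvpn/ipp.txt 600" },
-                       { Flag,                 "ifconfig_pool_linear", false,  0 },
-                       { Value,                "ifconfig_push",                true,   "10.200.200.1 255.255.255.255" },
-                       { Value,                "iroute",                               true,   "10.200.200.0 255.255.255.0" },
-                       { Flag,                 "client_to_client",             false,  0 },
-                       { Flag,                 "duplicate_cn",                 false,  0 },
-                       { Value,                "client_config_dir",    true,   "/etc/openvpn/ccd" },
-                       { Flag,                 "ccd_exclusive",                false,  0 },
-                       { Value,                "tmp_dir",                              true,   "/var/run/openvpn" },
-                       { Value,                "hash_size",                    true,   "256 256" },
-                       { Value,                "bcast_buffers",                true,   256 },
-                       { Value,                "tcp_queue_limit",              true,   64 },
-                       { Value,                "max_clients",                  true,   10 },
-                       { Value,                "max_routes_per_client",        true,   256 },
-                       { Value,                "connect_freq",                 true,   "3 10" },
-                       { Flag,                 "client_cert_not_required",     false,  0 },
-                       { Flag,                 "username_as_common_name",      false,  0 },
-               } },
-
-               { "client", {
-                       { Flag,                 "client",                               false,  0 },
-                       { Flag,                 "pull",                                 false,  0 },
-                       { Value,                "auth_user_pass",               true,   "/etc/openvpn/userpass.txt" },
-                       { ListValue,    "auth_retry",                   true,   { "none", "nointeract", "interact" } },
-                       { Value,                "explicit_exit_notify", true,   1 },
-                       { DynamicList,  "remote",                               false,  "1.2.3.4" },            -- client
-                       { Flag,                 "remote_random",                false,  1 },                            -- client
-                       { ListValue,    "proto",                                false,  { "udp", "tcp-client", "tcp-server" } },
-                       { Value,                "connect_retry",                true,   5,      { proto="tcp-client" } },                               -- client && proto=tcp-client
-                       { Value,                "http_proxy_server",    true,   "192.168.1.100 8080" }, -- client
-                       { Flag,                 "http_proxy_retry",             false,  0 },                            -- client && http_proxy_server
-                       { Value,                "http_proxy_timeout",   true,   5 },                            -- client && http_proxy_server
-                       { DynamicList,  "http_proxy_option",    true,   { "VERSION 1.0", "AGENT OpenVPN/2.0.9" } },     -- client && http_proxy_server
-                       { Value,                "socks_proxy_server",   true,   "192.168.1.200 1080" }, -- client
-                       { Value,                "socks_proxy_retry",    true,   5 },                                    -- client && socks_proxy_server
-                       { Value,                "resolv_retry",                 true,   "infinite" },                   -- client
-               } }
-       } },
-
-       { "cryptography", {
-               { "datachannel", {
-                       { Value,                "secret",                               true,   "/etc/openvpn/secret.key 1" },
-                       { Value,                "auth",                                 true,   "SHA1" }, -- parse
-                       { Value,                "cipher",                               true,   "BF-CBC" }, -- parse
-                       { Value,                "keysize",                              true,   1024 }, -- parse
-                       { Value,                "engine",                               true,   "dynamic" }, -- parse
-                       { Flag,                 "no_replay",                    false,  0 },
-                       { Value,                "replay_window",                true,   "64 15" },
-                       { Flag,                 "mute_replay_warnings", false,  0 },
-                       { Value,                "replay_persist",               true,   "/var/run/openvpn-replay-state" },
-                       { Flag,                 "no_iv",                                false,  0 },
-               } },
-
-               { "tlsmode", {
-                       { Flag,                 "tls_server",                   false,  0 },
-                       { Flag,                 "tls_client",                   false,  0 },
-                       { Value,                "ca",                                   true,   "/etc/easy-rsa/keys/ca.crt" },
-                       { Value,                "dh",                                   true,   "/etc/easy-rsa/keys/dh1024.pem" },
-                       { Value,                "cert",                                 true,   "/etc/easy-rsa/keys/some-client.crt" },
-                       { Value,                "key",                                  true,   "/etc/easy-rsa/keys/some-client.key" },
-                       { Value,                "pkcs12",                               true,   "/etc/easy-rsa/keys/some-client.pk12" },
-                       { ListValue,    "key_method",                   true,   { 1, 2 } },
-                       { Value,                "tls_cipher",                   true,   "DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5" },
-                       { Value,                "tls_timeout",                  true,   2 },
-                       { Value,                "reneg_bytes",                  true,   1024 },
-                       { Value,                "reneg_pkts",                   true,   100 },
-                       { Value,                "reneg_sec",                    true,   3600 },
-                       { Value,                "hand_window",                  true,   60 },
-                       { Value,                "tran_window",                  true,   3600 },
-                       { Flag,                 "single_session",               false,  0 },
-                       { Flag,                 "tls_exit",                             false,  0 },
-                       { Value,                "tls_auth",                             true,   "/etc/openvpn/tlsauth.key 1" },
-                       --{ Value,              "askpass",                              true,   "[file]" },
-                       { Flag,                 "auth_nocache",                 false,  0 },
-                       { Value,                "tls_remote",                   true,   "remote_x509_name" },
-                       { ListValue,    "ns_cert_type",                 true,   { "client", "server" } },
-                       { Value,                "crl_verify",                   true,   "/etc/easy-rsa/keys/crl.pem" },
-               } }
-       } }
-}
-
-
-local cts = { }
-local params = { }
+local uci = luci.model.uci.cursor()
 
 local m = Map("openvpn")
-local p = m:section( SimpleSection )
+local s = m:section( TypedSection, "openvpn" )
+s.template = "cbi/tblsection"
+s.template_addremove = "openvpn/cbi-select-input-add"
+s.addremove = true
+s.add_select_options = { }
+s.extedit = luci.dispatcher.build_url(
+       "admin", "services", "openvpn", "basic", "%s"
+)
 
-p.template = "openvpn/pageswitch"
-p.category = arg[1]
-p.csection = arg[2]
-p.instance = arg[3]
+uci:load("openvpn_recipes")
+uci:foreach( "openvpn_recipes", "openvpn_recipe",
+       function(section)
+               s.add_select_options[section['.name']] =
+                       section['_description'] or section['.name']
+       end
+)
 
-for _, c in ipairs(knownParams) do
-       cts[#cts+1] = { c[1], { } }
-       for _, o in ipairs(c[2]) do
-               cts[#cts][2][#cts[#cts][2]+1] = o[1]
-               if c[1] == p.category and o[1] == p.csection then
-                       params = o[2]
-               end
+function s.parse(self, section)
+       local recipe = luci.http.formvalue(
+               luci.cbi.CREATE_PREFIX .. self.config .. "." ..
+               self.sectiontype .. ".select"
+       )
+
+       if recipe and not s.add_select_options[recipe] then
+               self.invalid_cts = true
+       else
+               TypedSection.parse( self, section )
        end
 end
 
-p.categories = cts
+function s.create(self, name)
+       local recipe = luci.http.formvalue(
+               luci.cbi.CREATE_PREFIX .. self.config .. "." ..
+               self.sectiontype .. ".select"
+       )
 
+       uci:section(
+               "openvpn", "openvpn", name,
+               uci:get_all( "openvpn_recipes", recipe )
+       )
 
-local s = m:section(
-       NamedSection, arg[3], "openvpn",
-       translate("openvpn_%s" % arg[2]),
-       translate("openvpn_%s_desc" % arg[2])
-)
-
-s.title     = translate("openvpn_%s" % arg[2])
-s.addremove = false
-s.anonymous = true
+       uci:delete("openvpn", name, "_role")
+       uci:delete("openvpn", name, "_description")
+       uci:save("openvpn")
 
+       luci.http.redirect( self.extedit:format(name) )
+end
 
-for _, option in ipairs(params) do
-       local o = s:option(option[1], option[2])
 
-       o.optional = option[3]
+s:option( Flag, "enable" )
 
-       if type(option[4]) == "table" then
-               if o.optional then o:value("", "-- remove --") end
-               for _, v in ipairs(option[4]) do
-                       v = tostring(v)
-                       o:value(v)
+local active = s:option( DummyValue, "_active" )
+function active.cfgvalue(self, section)
+       if luci.fs.isfile("/var/run/openvpn_%s.pid" % section) then
+               local pid = io.lines("/var/run/openvpn_%s.pid" % section)()
+               if pid and #pid > 0 and tonumber(pid) ~= nil then
+                       return (luci.sys.process.signal(pid, 0)) and "yes (" .. pid .. ")" or "no"
                end
-               o.default = tostring(option[4][1])
-       else
-               o.default = tostring(option[4])
        end
+       return "no"
+end
 
-       for i=5,#option do
-               if type(option[i]) == "table" then
-                       o:depends(option[i])
-               end
-       end
+local port = s:option( DummyValue, "port" )
+function port.cfgvalue(self, section)
+       local val = AbstractValue.cfgvalue(self, section)
+       return val or "1194"
+end
+
+local proto = s:option( DummyValue, "proto" )
+function proto.cfgvalue(self, section)
+       local val = AbstractValue.cfgvalue(self, section)
+       return val or "udp"
 end
 
+
 return m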
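Review bot: `s.create` passes the submitted `.select` form value straight to `uci:get_all( "openvpn_recipes", recipe )` without checking it; the allowlist test lives only in `s.parse`, and that test lets a missing value through because it is written `recipe and not s.add_select_options[recipe]`. A create request that arrives without the select field would therefore reach `uci:get_all` with `recipe == nil`, and what that call returns in that case is not visible in this diff. I would repeat the check at the top of `create`, e.g. `if not (recipe and s.add_select_options[recipe]) then self.invalid_cts = true; return end`, so a new section is only ever seeded from a known recipe. Separately, `active.cfgvalue` reads the pid file with `io.lines(...)()`, which leaves the handle open until it is collected; an explicit `io.open` / `read` / `close` would be tidier.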
diff --git a/applications/luci-openvpn/luasrc/view/openvpn/cbi-select-input-add.htm b/applications/luci-openvpn/luasrc/view/openvpn/cbi-select-input-add.htm
new file mode 100644 (file)
index 0000000..0744cf8
--- /dev/null
@@ -0,0 +1,11 @@
+<div class="cbi-section-create">
+       <% if self.invalid_cts then -%><div class="cbi-section-error"><% end %>
+       <input type="text" class="cbi-section-create-name" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>" />
+       <select class="cbi-section-create-name" name="cbi.cts.<%=self.config%>.<%=self.sectiontype%>.select">
+       <%- for k, v in luci.util.kspairs(self.add_select_options) do %>
+               <option value="<%=k%>"><%=luci.util.pcdata(v)%></option>
+       <% end -%>
+       </select>
+       <input class="cbi-button cbi-button-add" type="submit" value="<%:cbi_add%>" title="<%:cbi_add%>" />
+       <% if self.invalid_cts then %><br /><%:cbi_invalid%></div><% end %>
+</div>
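Review bot: The option key is written into the attribute as `value="<%=k%>"` with no escaping, while the label right next to it goes through `luci.util.pcdata`. The keys are recipe section names read from `openvpn_recipes` and are presumably limited to identifier characters, so this is defence in depth rather than a demonstrated hole; still, `<option value="<%=luci.util.pcdata(k)%>">` keeps the template safe if that file is ever hand-edited or generated. The same reasoning applies to `self.config` and `self.sectiontype` in the two `name` attributes, although those are set by the model code.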
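--- a/applications/luci-openvpn/luasrc/view/openvpn/pageswitch.htm
+++ b/applications/luci-openvpn/luasrc/view/openvpn/pageswitch.htm
@@ -9,28 +9,31 @@ You may obtain a copy of the License at
 
        http://www.apache.org/licenses/LICENSE-2.0
 
-$Id: value.htm 3333 2008-09-16 10:08:20Z Cyrus $
+$Id$
 
 -%>
 
 <fieldset class="cbi-section">
        <legend>
                <a href="<%=luci.dispatcher.build_url("admin", "services", "openvpn")%>"><%:openvpn_overview Overview%></a> &raquo;
-               <a href="<%=luci.dispatcher.build_url("admin", "services", "openvpn", self.instance)%>"><%=self.instance%></a>
+               <a href="<%=luci.dispatcher.build_url("admin", "services", "openvpn", self.mode, self.instance)%>"><%=self.instance%></a>
        </legend>
 
-       <ul><% for _, c in ipairs(self.categories) do %>
-               <li><%=c[1]%><ul><li>
-                       <% for i, s in ipairs(c[2]) do %>
-                               <% if s == self.csection then %>
-                                       <strong><%=translate("openvpn_%s" % s, s)%></strong>
-                               <% else %>
-                                       <a href="<%=luci.dispatcher.build_url(
-                                               "admin", "services", "openvpn", c[1], s, self.instance
-                                       )%>"><%=translate("openvpn_%s" % s, s)%></a>
-                               <% end %>
-                               <% if next(c[2], i) then %>|<% end %>
+       <% if self.mode == "basic" then %>
+               <a href="<%=luci.dispatcher.build_url("admin", "services", "openvpn", "advanced", self.instance)%>"><%:openvpn_switch_advanced Switch to advanced configuration &raquo;%></a>
+       <% else %>
+               <a href="<%=luci.dispatcher.build_url("admin", "services", "openvpn", "basic", self.instance)%>"><%:openvpn_switch_basic &laquo; Switch to basic configuration%></a>
+               <hr style="margin:0.5em 0" />
+               <%:openvpn_confcategory Configuration category%>:
+               <% for i, c in ipairs(self.categories) do %>
+                       <% if c == self.category then %>
+                               <strong><%=translate("openvpn_%s" % c, c)%></strong>
+                       <% else %>
+                               <a href="<%=luci.dispatcher.build_url(
+                                       "admin", "services", "openvpn", "advanced", self.instance, c
+                               )%>"><%=translate("openvpn_%s" % c, c)%></a>
                        <% end %>
-               </li></ul></li>
-       <% end %></ul>
+                       <% if next(self.categories, i) then %>|<% end %>
+               <% end %>
+       <% end %>
 </fieldset>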
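Review bot: The breadcrumb still prints `<%=self.instance%>` as link text without HTML escaping, and the rewritten `<a href=...>` line keeps it that way. In openvpn-basic.lua the field is assigned with `p.instance = arg[1]`, which looks like the trailing path segment of the request, so it should be treated as untrusted and written as `<%=luci.util.pcdata(self.instance)%>`. Whether `luci.dispatcher.build_url` encodes its segments for use inside an `href` is not visible in this diff and is worth confirming for the three links that embed `self.instance`.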
index 0f2ee4f..94e879b 100644 (file)
@@ -16,7 +16,7 @@ config openvpn_recipe client_tun_ptp
        option _description     "Simple client configuration for a routed point-to-point VPN"
        option _role            "client"
        option dev                      "tun"
        option _description     "Simple client configuration for a routed point-to-point VPN"
        option _role            "client"
        option dev                      "tun"
-       option remote           "mypeer.dyndns.org"
+       list   remote           "mypeer.dyndns.org"
        option port             "1194"
        option ifconfig         "10.0.0.2 10.0.0.1"
        option secret           "shared-secret.key"
        option port             "1194"
        option ifconfig         "10.0.0.2 10.0.0.1"
        option secret           "shared-secret.key"
@@ -48,7 +48,7 @@ config openvpn_recipe client_tun
        option _role            "client"
        option client           "1"
        option dev                      "tun"
        option _role            "client"
        option client           "1"
        option dev                      "tun"
-       option remote           "vpnserver.example.org 1194"
+       list   remote           "vpnserver.example.org 1194"
        option ca                       "ca.crt"
        option cert                     "my_client.crt"
        option key                      "my_client.key"
        option ca                       "ca.crt"
        option cert                     "my_client.crt"
        option key                      "my_client.key"
@@ -84,7 +84,7 @@ config openvpn_recipe client_tap_bridge
        option _role            "client"
        option client           "1"
        option dev                      "tap"
        option _role            "client"
        option client           "1"
        option dev                      "tap"
-       option remote           "vpnserver.example.org 1194"
+       list   remote           "vpnserver.example.org 1194"
        option ca                       "ca.crt"
        option cert                     "my_client.crt"
        option key                      "my_client.key"
        option ca                       "ca.crt"
        option cert                     "my_client.crt"
        option key                      "my_client.key"