* [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 8d611ffd0424ba20aac45f63f5bdaa398b4cb557
@ 2025-08-14 10:03 Michael Tremer
0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-08-14 10:03 UTC (permalink / raw)
To: ipfire-scm
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".
The branch, master has been updated
via 8d611ffd0424ba20aac45f63f5bdaa398b4cb557 (commit)
via 3e82d9990cbdd4b0f022e16aecec164008926717 (commit)
via 4c0b4194ff24e4ddeb8a1311facfec71d2101a39 (commit)
from 87e1047a08ca522f28807b3fde7a2f2faa75b733 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8d611ffd0424ba20aac45f63f5bdaa398b4cb557
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu Aug 14 11:03:04 2025 +0100
core197: Rewrite the entire OpenVPN server configuration
This also updates all CCD configuration files.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 3e82d9990cbdd4b0f022e16aecec164008926717
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu Aug 14 11:01:23 2025 +0100
ovpnmain.cgi: Add option to rewrite all configuration files
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
commit 4c0b4194ff24e4ddeb8a1311facfec71d2101a39
Author: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu Aug 14 11:01:10 2025 +0100
ovpnmain.cgi: Disable logging warnings
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
-----------------------------------------------------------------------
Summary of changes:
config/backup/backup.pl | 27 +--------------------------
config/rootfiles/core/197/update.sh | 27 +--------------------------
html/cgi-bin/ovpnmain.cgi | 10 ++++++++--
3 files changed, 10 insertions(+), 54 deletions(-)
Difference in files:
diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index ed7a68455..c9bc14355 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -350,32 +350,7 @@ restore_backup() {
fi
# Update the OpenVPN configuration
- sed -r \
- -e "s/^writepid .*/writepid \/var\/run\/openvpn-rw.pid/" \
- -e "/ncp-disable/d" \
- -e "s/^cipher (.*)/data-ciphers-fallback \1/" \
- -e "s/^status .*/status \/var\/run\/openvpn-rw.log/" \
- -i /var/ipfire/ovpn/server.conf
-
- # Change to the subnet topology
- if ! grep -q "topology subnet" /var/ipfire/ovpn/server.conf; then
- echo "topology subnet" >> /var/ipfire/ovpn/server.conf
- fi
-
- # Migrate away from compression
- if ! grep -q "compress migrate" /var/ipfire/ovpn/server.conf; then
- echo "compress migrate" >> /var/ipfire/ovpn/server.conf
- fi
-
- # Enable the legacy provider (just in case)
- if ! grep -q "providers legacy default" /var/ipfire/ovpn/server.conf; then
- echo "providers legacy default" >> /var/ipfire/ovpn/server.conf
- fi
-
- # Enable explicit exit notification
- if ! grep -q "explicit-exit-notify" /var/ipfire/ovpn/server.conf; then
- echo "explicit-exit-notify" >> /var/ipfire/ovpn/server.conf
- fi
+ sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi
return 0
}
diff --git a/config/rootfiles/core/197/update.sh b/config/rootfiles/core/197/update.sh
index dc9149499..0fd5cc6f0 100644
--- a/config/rootfiles/core/197/update.sh
+++ b/config/rootfiles/core/197/update.sh
@@ -123,32 +123,7 @@ ldconfig
/usr/local/bin/filesystem-cleanup
# Update the OpenVPN configuration
-sed -r \
- -e "s/^writepid .*/writepid \/var\/run\/openvpn-rw.pid/" \
- -e "/ncp-disable/d" \
- -e "s/^cipher (.*)/data-ciphers-fallback \1/" \
- -e "s/^status .*/status \/var\/run\/openvpn-rw.log/" \
- -i /var/ipfire/ovpn/server.conf
-
-# Change to the subnet topology
-if ! grep -q "topology subnet" /var/ipfire/ovpn/server.conf; then
- echo "topology subnet" >> /var/ipfire/ovpn/server.conf
-fi
-
-# Migrate away from compression
-if ! grep -q "compress migrate" /var/ipfire/ovpn/server.conf; then
- echo "compress migrate" >> /var/ipfire/ovpn/server.conf
-fi
-
-# Enable the legacy provider (just in case)
-if ! grep -q "providers legacy default" /var/ipfire/ovpn/server.conf; then
- echo "providers legacy default" >> /var/ipfire/ovpn/server.conf
-fi
-
-# Enable explicit exit notification
-if ! grep -q "explicit-exit-notify" /var/ipfire/ovpn/server.conf; then
- echo "explicit-exit-notify" >> /var/ipfire/ovpn/server.conf
-fi
+sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi
# Apply SSH configuration
/usr/local/bin/sshctrl
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 1fe0978c6..83f9fdc02 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -41,8 +41,8 @@ require "${General::swroot}/countries.pl";
require "${General::swroot}/location-functions.pl";
# enable only the following on debugging purpose
-use warnings;
-use CGI::Carp 'fatalsToBrowser';
+#use warnings;
+#use CGI::Carp 'fatalsToBrowser';
my %mainsettings = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
@@ -1001,6 +1001,12 @@ sub openvpn_status($) {
return $status;
}
+# Hook to regenerate the configuration files
+if ($ENV{"REMOTE_ADDR"} eq "") {
+ &writeserverconf();
+ exit(0);
+}
+
###
### Save Advanced options
###
hooks/post-receive
--
IPFire 2.x development tree
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-08-14 10:03 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-08-14 10:03 [git.ipfire.org] IPFire 2.x development tree branch, master, updated. 8d611ffd0424ba20aac45f63f5bdaa398b4cb557 Michael Tremer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox