core197: Rewrite the entire OpenVPN server configuration

This also updates all CCD configuration files.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index ed7a68455ebd3aae496625917e31e584e96da235..c9bc14355153f81adab5ee552d0da5ad62c9d8ff 100644 (file)
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -350,32 +350,7 @@ restore_backup() {
        fi
 
        # Update the OpenVPN configuration
-       sed -r \
-               -e "s/^writepid .*/writepid \/var\/run\/openvpn-rw.pid/" \
-               -e "/ncp-disable/d" \
-               -e "s/^cipher (.*)/data-ciphers-fallback \1/" \
-               -e "s/^status .*/status \/var\/run\/openvpn-rw.log/" \
-               -i /var/ipfire/ovpn/server.conf
-
-       # Change to the subnet topology
-       if ! grep -q "topology subnet" /var/ipfire/ovpn/server.conf; then
-               echo "topology subnet" >> /var/ipfire/ovpn/server.conf
-       fi
-
-       # Migrate away from compression
-       if ! grep -q "compress migrate" /var/ipfire/ovpn/server.conf; then
-               echo "compress migrate" >> /var/ipfire/ovpn/server.conf
-       fi
-
-       # Enable the legacy provider (just in case)
-       if ! grep -q "providers legacy default" /var/ipfire/ovpn/server.conf; then
-               echo "providers legacy default" >> /var/ipfire/ovpn/server.conf
-       fi
-
-       # Enable explicit exit notification
-       if ! grep -q "explicit-exit-notify" /var/ipfire/ovpn/server.conf; then
-               echo "explicit-exit-notify" >> /var/ipfire/ovpn/server.conf
-       fi
+       sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi
 
        return 0
 }

diff --git a/config/rootfiles/core/197/update.sh b/config/rootfiles/core/197/update.sh
index dc91494993ab9dc57d098455bd650bc2dcdb1133..0fd5cc6f038e8795353f914a5cb7973984594cf2 100644 (file)
--- a/config/rootfiles/core/197/update.sh
+++ b/config/rootfiles/core/197/update.sh
@@ -123,32 +123,7 @@ ldconfig
 /usr/local/bin/filesystem-cleanup
 
 # Update the OpenVPN configuration
-sed -r \
-       -e "s/^writepid .*/writepid \/var\/run\/openvpn-rw.pid/" \
-       -e "/ncp-disable/d" \
-       -e "s/^cipher (.*)/data-ciphers-fallback \1/" \
-       -e "s/^status .*/status \/var\/run\/openvpn-rw.log/" \
-       -i /var/ipfire/ovpn/server.conf
-
-# Change to the subnet topology
-if ! grep -q "topology subnet" /var/ipfire/ovpn/server.conf; then
-       echo "topology subnet" >> /var/ipfire/ovpn/server.conf
-fi
-
-# Migrate away from compression
-if ! grep -q "compress migrate" /var/ipfire/ovpn/server.conf; then
-       echo "compress migrate" >> /var/ipfire/ovpn/server.conf
-fi
-
-# Enable the legacy provider (just in case)
-if ! grep -q "providers legacy default" /var/ipfire/ovpn/server.conf; then
-       echo "providers legacy default" >> /var/ipfire/ovpn/server.conf
-fi
-
-# Enable explicit exit notification
-if ! grep -q "explicit-exit-notify" /var/ipfire/ovpn/server.conf; then
-       echo "explicit-exit-notify" >> /var/ipfire/ovpn/server.conf
-fi
+sudo -u nobody /srv/web/ipfire/cgi-bin/ovpnmain.cgi
 
 # Apply SSH configuration
 /usr/local/bin/sshctrl