From 7f58926aa23a68efe9a25694f109b8a8e780aa58 Mon Sep 17 00:00:00 2001
From: Kyle Manna
Date: Tue, 29 Sep 2015 10:01:01 -0700
Subject: [PATCH 1/3] tests: Add test for paranoid ovpn_copy_server_files

* Make sure this works
* Related to #73
---
 tests/paranoid.sh | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100755 tests/paranoid.sh

diff --git a/tests/paranoid.sh b/tests/paranoid.sh
new file mode 100755
index 0000000..e9da883
--- /dev/null
+++ b/tests/paranoid.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+set -ex
+
+IMG=${IMG:-kylemanna/openvpn}
+
+temp=$(mktemp -d)
+
+pushd $temp
+
+SERV_IP=$(ip -4 -o addr show scope global | awk '{print $4}' | sed -e 's:/.*::' | head -n1)
+
+docker run --net=none --rm -t -i -v $PWD:/etc/openvpn $IMG ovpn_genconfig -u udp://$SERV_IP
+
+docker run --net=none --rm -t -i -v $PWD:/etc/openvpn -e "EASYRSA_BATCH=1" -e "EASYRSA_REQ_CN=Travis-CI Test CA" kylemanna/openvpn ovpn_initpki nopass
+
+docker run --net=none --rm -t -i -v $PWD:/etc/openvpn $IMG ovpn_copy_server_files
+
+popd
+# Can't delete the temp directory as docker creates some files as root.
+# Just let it die with the test instance.
+rm -rf $temp || true
From f00de363c773e00bf27812e752b60934b1dad3a3 Mon Sep 17 00:00:00 2001
From: Kyle Manna
Date: Tue, 29 Sep 2015 11:19:19 -0700
Subject: [PATCH 2/3] ovpn_copy_server_files: Copy files without rsync

* Hack around the missing rsync by using tar to preserve the directory structure.
* Fixes #73
---
 bin/ovpn_copy_server_files | 33 +++++++++++++++++++--------------
 1 file changed, 19 insertions(+), 14 deletions(-)

diff --git a/bin/ovpn_copy_server_files b/bin/ovpn_copy_server_files
index be92f0e..ed10eac 100755
--- a/bin/ovpn_copy_server_files
+++ b/bin/ovpn_copy_server_files
@@ -2,6 +2,8 @@
 ## @licence MIT
 ## @author Copyright (C) 2015 Robin Schneider
+set -e
+
 if [ -z "$OPENVPN" ]; then
 export OPENVPN="$PWD"
 fi
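Review bot: The second `docker run` in tests/paranoid.sh hard-codes `kylemanna/openvpn` while the first and third use `$IMG`, so when `IMG` is overridden the PKI is initialised by a different image than the one under test; that call should end in `"$IMG" ovpn_initpki nopass`. The expansions `$temp`, `$PWD`, `$IMG` and `$SERV_IP` are unquoted throughout; `pushd "$temp"` and `-v "$PWD:/etc/openvpn"` would survive a temporary path containing spaces. Because the closing `rm -rf $temp || true` is expected to fail on root-owned files, the freshly generated CA and server keys stay behind in the temporary directory, so the trailing comment could say outright that the script is meant for throwaway CI hosts only.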
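Review bot: `set -e` on its own does not cover the `tar cf - … | tar xvf - …` pipeline that the second hunk of this patch adds, because a pipeline's status is that of its last command. If the archiving `tar` fails, for example because `pki/private/${OVPN_CN}.key` is missing, the extracting `tar` can still exit 0 and the script would go on to print "Created the openvpn configuration for the server" over an incomplete directory. The file already depends on bash (the `FILES=( … )` array), so `set -o pipefail` on the line after `set -e` should be available; the shebang itself is outside this hunk.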
@@ -10,27 +12,30 @@ if ! source "$OPENVPN/ovpn_env.sh"; then
 exit 1
 fi
-TARGET="/tmp/openvpn_${OVPN_CN}"
+TARGET="$OPENVPN/server"
 if [ -n "$1" ]; then
 TARGET="$1"
-else
- TARGET="$OPENVPN/server"
 fi
+mkdir -p "${TARGET}"
 ## Ensure that no other keys then the one for the server is present.
 rm --recursive --force "$TARGET/pki/private" "$TARGET/pki/issued"
-echo "
-openvpn.conf
-ovpn_env.sh
-pki/private/${OVPN_CN}.key
-pki/issued/${OVPN_CN}.crt
-pki/dh.pem
-pki/ta.key
-pki/ca.crt
-" | rsync --recursive --verbose \
- --files-from - \
- "$OPENVPN/" "$TARGET"
+FILES=(
+ "openvpn.conf"
+ "ovpn_env.sh"
+ "pki/private/${OVPN_CN}.key"
+ "pki/issued/${OVPN_CN}.crt"
+ "pki/dh.pem"
+ "pki/ta.key"
+ "pki/ca.crt"
+)
+
+# rsync isn't available to keep size down
+# cp --parents isn't in busybox version
+# hack the directory structure with tar
+tar cf - -C "${OPENVPN}" "${FILES[@]}" | tar xvf - -C "${TARGET}"
+
 mkdir -p "$TARGET/ccd"
 echo "Created the openvpn configuration for the server: $TARGET"
From 1498795de2fcc77f958a9e1238243c59b9b76291 Mon Sep 17 00:00:00 2001
From: Kyle Manna
Date: Tue, 29 Sep 2015 11:41:36 -0700
Subject: [PATCH 3/3] ovpn_copy_server_files: Use short flags with rm

* The busybox tool in the alpine distro doesn't support long flags.
---
 bin/ovpn_copy_server_files | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bin/ovpn_copy_server_files b/bin/ovpn_copy_server_files
index ed10eac..42fa827 100755
--- a/bin/ovpn_copy_server_files
+++ b/bin/ovpn_copy_server_files
@@ -19,7 +19,7 @@ fi
 mkdir -p "${TARGET}"
 ## Ensure that no other keys then the one for the server is present.
-rm --recursive --force "$TARGET/pki/private" "$TARGET/pki/issued"
+rm -rf "$TARGET/pki/private" "$TARGET/pki/issued"
 FILES=(
 "openvpn.conf"
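Review bot: `mkdir -p "${TARGET}"` creates the directory that will hold the server's private key and `pki/ta.key` with whatever mode the caller's umask yields, and nothing in the hunk tightens it afterwards. Only the listed files are passed to `tar`, so the intermediate `pki/` and `pki/private/` directories are presumably also created on extraction with umask-default modes rather than the modes they have under `$OPENVPN`. A `umask 077` ahead of the `mkdir` would keep the whole copied tree private. Whether the extracted key files keep their source mode depends on the tar build and the user it runs as, which is worth confirming on the busybox image the new comment refers to.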
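Review bot: The `rm -rf "$TARGET/pki/private" "$TARGET/pki/issued"` line runs against whatever directory the first argument names, and nothing visible stops `$TARGET` from resolving to `$OPENVPN` itself; in that case it would delete the source PKI's private keys and issued certificates before the copy starts. A guard ahead of the `rm`, such as `[ "$(cd "$TARGET" && pwd -P)" != "$(cd "$OPENVPN" && pwd -P)" ] || { echo "target must differ from \$OPENVPN" >&2; exit 1; }`, would prevent that. Writing `rm -rf -- …` also keeps a target beginning with `-` from being parsed as options. The assignment of `TARGET` is outside this hunk.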