search

ThePorgs / Exegol

Fully featured and community-driven hacking environment
https://exegol.readthedocs.io/
GNU General Public License v3.0
1.95k stars 191 forks source link

Add certificate support for openvpn #236

Closed pure-nomad closed 8 hours ago

pure-nomad commented 3 weeks ago

Description

This pull requests adds an additional option --vpn-cert when configuring a container with a vpn. This will append the --ca command to the ovpn cli allowing for a openvpn connection to be made with a certificate authority.

Related issues

I had to manually connect by putting the certificate into the container myself so I decided to make it easier for any of those in the future who have a certificate in their openvpn config pack.

Point of attention

I'm not sure if having ca option in config will overwrite --ca in cli command so I wrote a msg to remove it.

Dramelac commented 1 week ago

Hello @pure-nomad,

First of all, thank you for supporting Exegol with this PR !

The problem of external files isn't just limited to the CA, there may also be the user's certificate and private key, and so on. We didn't want to add too much complexity to exegol by creating as many parameters as possible, so the wrapper implements another logic: with the --vpn parameter, it's possible to specify a folder containing an .ovpn file and other files (configured with a relative path in the .ovpn file), thus covering all these types of needs.

This use-case is explained in the documentation, but it may not be clear enough: https://exegol.readthedocs.io/en/latest/the-exegol-project/python-wrapper.html#openvpn-connection

If you have any suggestions for improving the visibility of this feature, don't hesitate to contact us.

You can try to use this mechanism in your context and let me know if you run into any problems,