Closed TheAlbanian closed 8 months ago
Hi @TheAlbanian,
Thanks for reporting this issue.
In the next release I'll fix template issue and add 3 more custom fields to use with the template.
At the moment, as crappy workaround you can manually take certificates from ./openvpn-server/clients
there are *.ovpn
files which been created during certificates generation, during this process OpenVPN-UI using config.conf
.
hello @d3vilh i have small issue..
i'm try to add some config
auth-user-pass-verify plugins/checkpsw.sh via-env client-cert-not-required username-as-common-name script-security 3 execve
i get this error..
Options error: --auth-user-pass-verify script fails with 'plugins/checkpsw.sh': No such file or directory (errno=2)
Options error: Please correct this error.
Use --help for more information.
i try change many folders. /root/openvpn/plugins/ also in no root folder..
file exist checkpsw.sh need chmod 0755 chmod +x /root/openvpn/checkpsw.sh
honestly first time
i try change many folders.
which openvpn-server docker container do you use?
i try change many folders.
which openvpn-server docker container do you use?
openvpn-aws
i try change many folders.
which openvpn-server docker container do you use?
openvpn-aws
you can put your authentication script in ~/openvpn/
directory of your main OS and add into ~/openvpn/config/server.conf
this line: auth-user-pass-verify /opt/app/checkpsw.sh via-env
then restart server and it should works fine.
auth-user-pass-verify /opt/app/checkpsw.sh via-env
OK, I see 2 ways to fix this:
Put file in the /root/openvpn/config/checkpsw.sh
and update server.conf
with this line: auth-user-pass-verify /etc/openvpn/config/checkpsw.sh via-env
update docker-compose volumes configuration with your script (last line in config below):
~/openvpn $ cat docker-compose.yml
---
version: "3.5"
services:
openvpn:
container_name: openvpn
build: ./openvpn-docker
privileged: true
ports:
- "1194:1194/udp"
environment:
TRUST_SUB: 10.0.70.0/24
GUEST_SUB: 10.0.71.0/24
HOME_SUB: 192.168.0.0/24
volumes:
- ./pki:/etc/openvpn/pki
- ./clients:/etc/openvpn/clients
- ./config:/etc/openvpn/config
- ./staticclients:/etc/openvpn/staticclients
- ./log:/var/log/openvpn
- ./fw-rules.sh:/opt/app/fw-rules.sh
- ./checkpsw.sh:/opt/app/checkpsw.sh
and keep auth-user-pass-verify /opt/app/checkpsw.sh via-env
in server.conf
.
You have to restart container to apply the change:
cd ~openvpn
docker-compose up -d
BTW, I'll add checkpsw.sh
dummy file to be passed via volume in next release into /opt/app/checkpsw.sh
done... i'm sorry bro i dont know in dacker need mount volume points
@d3vilh What do you think to add a. Radius plugin connected in openvpn-ui database? https://github.com/rakasatria/ovpn-radius
@d3vilh What do you think to add a. Radius plugin connected in openvpn-ui database? https://github.com/rakasatria/ovpn-radius
I'll include 2FA based on oath-tool in release 0.9.3
which will be out later this week.
Radius can be in the roadmap as well.
@d3vilh What do you think to add a. Radius plugin connected in openvpn-ui database? https://github.com/rakasatria/ovpn-radius
I'll include 2FA based on oath-tool in release
0.9.3
which will be out later this week. Radius can be in the roadmap as well.
i have build 0.9.3 i'm try to connect by radius no get success .. from .OVPN i see same Classic Auth...
i think by radius username/ password [-----BEGIN ENCRYPTED PRIVATE KEY----- ] no need be included.
example.... like surfshark
example certs files https://my.surfshark.com/vpn/api/v1/server/configurations
only auth-user-pass ... user/pass
@d3vilh i hope give this. is very Nice.
@d3vilh What do you think to add a. Radius plugin connected in openvpn-ui database? https://github.com/rakasatria/ovpn-radius
I'll include 2FA based on oath-tool in release
0.9.3
which will be out later this week. Radius can be in the roadmap as well.i have build 0.9.3 i'm try to connect by radius no get success .. from .OVPN i see same Classic Auth...
i think by radius username/ password [-----BEGIN ENCRYPTED PRIVATE KEY----- ] no need be included.
example.... like surfshark
example certs files https://my.surfshark.com/vpn/api/v1/server/configurations
only auth-user-pass ... user/pass
yes, I just add MFA in the 0.9.3 for the Radius authentication we need to have Radius server I tested @rakasatira plugin, its cool and be good functionality hike for OpenVPN UI. But this will take even more time, because it demands the Radius server itself and standalone sqlite database. There are lot of options for integration - code plugins functionality and add openvpn-radius as a plugin itself via API or merge it inside of OpenVPN-UI itself (don't like this option), we can have it running in separate container, etc.
I justness to live with it and decide regarding architectural design and all the efforts I can spend on it.
I'm also running into issues where when I make changes on the openvpn client page, it doesn't appear to be getting set anywhere.
I am trying to comment out the #redirect-gateway def1
and it shows as commented on the "view" and the config page, but when I create a user, it is still uncommented.
Also need a way to change the group from nogroup
to nobody
(Do you want me to create a separate issue with these problems?)
I'm also running into issues where when I make changes on the openvpn client page, it doesn't appear to be getting set anywhere. I am trying to comment out the
#redirect-gateway def1
and it shows as commented on the "view" and the config page, but when I create a user, it is still uncommented.Also need a way to change the group from
nogroup
tonobody
(Do you want me to create a separate issue with these problems?)
Thanks for the reporting, I'll focus on testing and bug fix tomorrow, no new issue is necessary.
I drop the client template editing option via the editor in the latest push(you still can view, but read only), as it is contradicts with the design. That is why I'll include all the client config options to be editable with the main template.
hello i want from template 2 extra setting in .opvn file. askpass UserAuth.file log /etc/openvpn/openvpn.log
here no option add extra settings
directly from /root/openvpn/config/client.conf dont load the config.
also from panel config no load extra config