search

idlab-discover / easy-openvpn-server

Plug-and-play OpenVPN server which generates server and client config files for you
https://snapcraft.io/easy-openvpn-server
GNU Affero General Public License v3.0
69 stars 9 forks source link

Snap refresh fails on Raspberry Pi #11

Open mgabielk opened 2 years ago

mgabielk commented 2 years ago

Refreshing snaps on Raspberry Pi fails with the following error:

$ sudo snap refresh
error: cannot perform the following tasks:
- Run configure hook of "easy-openvpn-server" snap if present (run hook "configure": 
-----
RUNNING configure hook
INFO: Generating config for vpn daemons.
INFO: CA key already exists, not creating a new one..
Traceback (most recent call last):
  File "/snap/easy-openvpn-server/106/bin/setup.py", line 819, in <module>
    cli() #pylint: disable=E1123,E1120
  File "/snap/easy-openvpn-server/106/lib/python3.6/site-packages/click/core.py", line 1137, in __call__
    return self.main(*args, **kwargs)
  File "/snap/easy-openvpn-server/106/lib/python3.6/site-packages/click/core.py", line 1062, in main
    rv = self.invoke(ctx)
  File "/snap/easy-openvpn-server/106/lib/python3.6/site-packages/click/core.py", line 1668, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/snap/easy-openvpn-server/106/lib/python3.6/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/snap/easy-openvpn-server/106/lib/python3.6/site-packages/click/core.py", line 763, in invoke
    return __callback(*args, **kwargs)
  File "/snap/easy-openvpn-server/106/lib/python3.6/site-packages/click/decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/snap/easy-openvpn-server/106/bin/setup.py", line 745, in setup
    create_crl(ctx.obj["result_dir"])
  File "/snap/easy-openvpn-server/106/bin/setup.py", line 245, in create_crl
    cert_revocation_list = builder.sign(private_key=ca_key,algorithm=hashes.SHA256(),backend=default_backend())
  File "/snap/easy-openvpn-server/106/usr/lib/python3/dist-packages/cryptography/x509/base.py", line 669, in sign
    return backend.create_x509_crl(self, private_key, algorithm)
  File "/snap/easy-openvpn-server/106/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/backend.py", line 890, in create_x509_crl
    self._ffi.NULL, calendar.timegm(builder._next_update.timetuple())
OverflowError: integer 4791619178 does not fit '32-bit int'
-----)
$ uname -a
Linux raspberrypi 5.10.60-v7l+ #1449 SMP Wed Aug 25 15:00:44 BST 2021 armv7l GNU/Linux

$ lsb_release -a
No LSB modules are available.
Distributor ID: Raspbian
Description:    Raspbian GNU/Linux 10 (buster)
Release:    10
Codename:   buster

$ snap info easy-openvpn-server 
name:      easy-openvpn-server
summary:   A dead-simple OpenVPN server.
publisher: Merlijn Sebrechts
store-url: https://snapcraft.io/easy-openvpn-server
contact:   https://github.com/IBCNServices/easy-openvpn-server/issues
license:   Apache-2.0
description: |
  A plug-and-play OpenVPN server that "Just Works" and has secure defaults.

  Install the snap, download the client config and connect!

  * Supports both IPv4 and IPv6 with secure encryption and DDoS protection.
  * Defaults to a fast udp connection. If that is blocked, clients will fall back to a more covert
  tcp connection that mimicks HTTPS.
  * Generates `.ovpn` client config files that work on Linux, Windows, Mac, Android and iOS.

  **Getting Started**

  1. Install the snap on the server.

     `sudo snap install easy-openvpn-server`

  2. Export the client config.

     `sudo easy-openvpn-server.show-client default > default.ovpn`

  3. Import the `.ovpn` config file into the VPN application of your device and connect!

  By default, all the traffic of your device will go over the VPN.

  If you don't want this, run

  `sudo snap set easy-openvpn-server push-default-gateway=False`.

  **Changing the public address**

  The snap will do its best to figure out what the public address of the server is. However, when
  that fails, you can manually set the public address.

  `sudo snap set easy-openvpn-server public-address=example.com`

  **Managing clients**

  The snap automatically creates a client profile and config with the name `default`. However, it's
  recommended to create a separate client profile for each user. This way, you can revoke the client
  profile when that user does not need access to the VPN anymore.

  `sudo easy-openvpn-server add-client alice`

  `sudo easy-openvpn-server show-client alice > alice.ovpn`

  `sudo easy-openvpn-server remove-client alice`

  **Changing ports**

  By default the server runs on port 443/tcp (https) and 1194/udp (OpenVPN). If those ports are
  already used, you can change which ports the server runs on.

  `sudo snap set easy-openvpn-server udp-server.port=1234`

  `sudo snap set easy-openvpn-server tcp-server.port=80`
commands:
  - easy-openvpn-server
  - easy-openvpn-server.openvpn
  - easy-openvpn-server.status
services:
  easy-openvpn-server.tcp-server: simple, enabled, active
  easy-openvpn-server.udp-server: simple, enabled, active
snap-id:      Do4uE6pkNRGc6TF20TxVl6skbjznWSqz
tracking:     latest/candidate
refresh-date: today at 13:19 EET
channels:
  latest/stable:    0.1 2021-09-17 (106) 11MB -
  latest/candidate: 0.1 2021-09-17 (106) 11MB -
  latest/beta:      ↑                         
  latest/edge:      0.1 2021-09-17 (106) 11MB -
installed:          0.1             (69) 13MB -