PiVPN support

[alexschomb]

I'd just like to note that there have been breaking changes with https://pivpn.dev that result in OpenRSD not working as expected. First, the new recommended installation method of PiVPN would be WireGuard (which doesn't seem to be supported with OpenRSD yet). Second, the OpenVPN version will be detected, but the webinterface seems to be broken (no profiles available to download after creation, status message seems off).

[mitchellurgero]

@alexschomb Thanks for the information! I'll at this in the next few days and create a new UI for the wireguard portion and fix the openvpn UI as well. I'll keep this open in the mean time.

[alexschomb]

Thanks a lot! Concerning the WireGuard part: It would be awesome if you could implement the QR code generation for OpenRSD as well, that makes adding mobile clients a breeze. It should be as easy as using a PHP qrencode function on the config file. This is the command to generate the qrcode on the commandline:

qrencode -t ansiutf8 < client.conf

You can see the CLI implementation of PiVPN here: https://github.com/pivpn/pivpn/blob/master/scripts/wireguard/qrcodeCONF.sh

Thank you for this great project :)

[mitchellurgero]

I've used wireguard in the past, as for qrcodes - a qrcode is a qrcode, I can generate one from any string of text - difference here is wireguard has on their site an ansi (sprite-like text font to simplify it) encoded qr generator they recommend.

I'll probably implement some PHP-based qr library and might even move away from OpenVPN as Wireguard will eventually become the new standard in open source VPN.

Once I get something in place, can I have you test it out?

[alexschomb]

Sure, I‘ll happily test it and give feedback 👍 Concerning OpenVPN vs WireGuard: I myself am planing on switching my networks to WireGuard as well, but there are still circumstances that require usage of OpenVPN over WireGuard (TCP fallback, clients, integrations) - although that might be our of scope for this project. I read that you implemented a new plugin system (which is great), I‘d favor both systems to be supported as plugins - with focus on WireGuard. So that anyone could implement the OpenVPN plugin by your example afterwards.

[mitchellurgero]

As it stands right now, due to security implications, I am removing official VPN support from OpenRSD. I can potentially make these plugins down the road - however you should use ShellInABox (if you followed the README this is installed and usable from the get-go) to manage pivpn.