Merge 213e1d7b0f0981e68e4181b7c209a984b710eb6e into 39f95e3d2c6e1f0e0fa425d9c45104d607c0e3d9

Small fixes in the README.md Notes
Fix Replication
2026-02-04 01:10:22 -08:00 · 2025-02-19 09:54:26 +05:00 · 2025-02-17 12:04:43 +07:00 · 2023-04-19 19:00:46 -03:00
4 changed files with 30 additions and 18 deletions
--- a/README.md
+++ b/README.md
@ -69,14 +69,14 @@ You can also download and use prebuilt binaries from the [releases](https://gith


 ## Notes
-* this tool uses external calls for `bash`, `coreutils` and `easy-rsa`, thus **Linux systems only are supported** at the moment.
-* to enable additional password authentication provide `--auth` and `--auth.db="/etc/easyrsa/pki/users.db`" flags and install [openvpn-user](https://github.com/pashcovich/openvpn-user/releases/latest). This tool should be available in your `$PATH` and its binary should be executable (`+x`).
-* master-replica synchronization does not work with `--storage.backend=kubernetes.secrets` - **WIP**
-* additional password authentication does not work with `--storage.backend=kubernetes.secrets` -  **WIP**
-* if you use `--ccd` and `--ccd.path="/etc/openvpn/ccd"` abd plan to use static address setup for users do not forget to provide `--ovpn.network="172.16.100.0/24"` with valid openvpn-server network 
-* tested only with Openvpn-server versions 2.4 and 2.5 with only tls-auth mode
-* not tested with EasyRsa version > 3.0.8
-* status of users connections update every 28 second(*no need to ask why =)*)
+* This tool uses external calls for `bash`, `coreutils` and `easy-rsa`, thus **Linux systems only are supported** at the moment.
+* To enable additional password authentication, provide `--auth` and `--auth.db="/etc/easyrsa/pki/users.db`" flags and install [openvpn-user](https://github.com/pashcovich/openvpn-user/releases/latest). This tool should be available in your `$PATH` and its binary should be executable (`+x`).
+* If you use `--ccd` and `--ccd.path="/etc/openvpn/ccd"` and plan to use static address setup for users, do not forget to provide `--ovpn.network="172.16.100.0/24"` with valid openvpn-server network.
+* If you want to pass all the traffic generated by the user, you need to edit `ovpn-admin/templates/client.conf.tpl` and uncomment `redirect-gateway def1`.
+* Tested with openvpn-server versions 2.4 and 2.5 and with tls-auth mode only.
+* Not tested with Easy-RSA version > 3.0.8.
+* Status of user connections update every 28 seconds.
+* Master-replica synchronization and additional password authentication do not work with `--storage.backend=kubernetes.secrets` - **WIP**

 ## Usage

--- a/helpers.go
+++ b/helpers.go
@ -288,6 +288,17 @@ func extractFromArchive(archive, path string) error {
 				log.Fatalf("extractFromArchive: Mkdir() failed: %s", err.Error())
 			}
 		case tar.TypeReg:
+			s := strings.Split(header.Name, "/")
+			dir := ""
+
+			for len(s) > 1 {
+				dir, s = dir+"/"+s[0], s[1:]
+				if _, err := os.Stat(path + dir); os.IsNotExist(err) {
+					if err := os.Mkdir(path+dir, 0755); err != nil {
+						log.Fatalf("extractFromArchive: Mkdir() subdir failed: %s", err.Error())
+					}
+				}
+			}
 			outFile, err := os.Create(path + "/" + header.Name)
 			if err != nil {
 				log.Fatalf("extractFromArchive: Create() failed: %s", err.Error())
--- a/main.go
+++ b/main.go
@ -9,11 +9,7 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"github.com/google/uuid"
 	"io/ioutil"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
 	"net"
 	"net/http"
 	"os"
@ -25,6 +21,11 @@ import (
 	"time"
 	"unicode/utf8"

+	"github.com/google/uuid"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
+
 	"github.com/gobuffalo/packr/v2"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
@ -520,6 +521,11 @@ func main() {
 		ovpnAdmin.mgmtInterfaces[parts[0]] = parts[len(parts)-1]
 	}

+	if ovpnAdmin.role == "slave" {
+		ovpnAdmin.syncDataFromMaster()
+		go ovpnAdmin.syncWithMaster()
+	}
+
 	ovpnAdmin.mgmtSetTimeFormat()

 	ovpnAdmin.registerMetrics()
@ -547,11 +553,6 @@ func main() {
 		ovpnAdmin.modules = append(ovpnAdmin.modules, "ccd")
 	}

-	if ovpnAdmin.role == "slave" {
-		ovpnAdmin.syncDataFromMaster()
-		go ovpnAdmin.syncWithMaster()
-	}
-
 	ovpnAdmin.templates = packr.New("template", "./templates")

 	staticBox := packr.New("static", "./frontend/static")
--- a/setup/configure.sh
+++ b/setup/configure.sh
@ -15,7 +15,7 @@ if [ -e "$SERVER_CERT" ]; then
 else
  if [ ${OVPN_ROLE:-"master"} = "slave" ]; then
    echo "Waiting for initial sync data from master"
-    while [ $(wget -q localhost/api/sync/last/try -O - | wc -m) -lt 1 ]
+    while [ $(wget -q localhost:${OVPN_LISTEN_PORT:-8080}/api/sync/last/try -O - | wc -m) -lt 1 ]
    do
      sleep 5
    done
Author	SHA1	Message	Date
Pmoranga	371ce54ca6	Merge 213e1d7b0f0981e68e4181b7c209a984b710eb6e into 39f95e3d2c6e1f0e0fa425d9c45104d607c0e3d9	2025-02-19 09:54:26 +05:00
Dmitry Shurupov	39f95e3d2c	Small fixes in the README.md Notes	2025-02-17 12:04:43 +07:00
Pmoranga	213e1d7b0f	Fix Replication Fixes issue when set to `slave` mode, also fix creation of subdirectories from the assets received and fix probe port when waiting to slave process to finish.	2023-04-19 19:00:46 -03:00