Merge 213e1d7b0f0981e68e4181b7c209a984b710eb6e into 39f95e3d2c6e1f0e0fa425d9c45104d607c0e3d9

Fixes issue when set to `slave` mode, also fix creation of subdirectories
from the assets received and fix probe port when waiting to slave process
to finish.

README.md

@@ -69,14 +69,14 @@ You can also download and use prebuilt binaries from the [releases](https://gith
 
 
 ## Notes
-* this tool uses external calls for `bash`, `coreutils` and `easy-rsa`, thus **Linux systems only are supported** at the moment.
+* This tool uses external calls for `bash`, `coreutils` and `easy-rsa`, thus **Linux systems only are supported** at the moment.
-* to enable additional password authentication provide `--auth` and `--auth.db="/etc/easyrsa/pki/users.db`" flags and install [openvpn-user](https://github.com/pashcovich/openvpn-user/releases/latest). This tool should be available in your `$PATH` and its binary should be executable (`+x`).
+* To enable additional password authentication, provide `--auth` and `--auth.db="/etc/easyrsa/pki/users.db`" flags and install [openvpn-user](https://github.com/pashcovich/openvpn-user/releases/latest). This tool should be available in your `$PATH` and its binary should be executable (`+x`).
-* master-replica synchronization does not work with `--storage.backend=kubernetes.secrets` - **WIP**
+* If you use `--ccd` and `--ccd.path="/etc/openvpn/ccd"` and plan to use static address setup for users, do not forget to provide `--ovpn.network="172.16.100.0/24"` with valid openvpn-server network.
-* additional password authentication does not work with `--storage.backend=kubernetes.secrets` -  **WIP**
+* If you want to pass all the traffic generated by the user, you need to edit `ovpn-admin/templates/client.conf.tpl` and uncomment `redirect-gateway def1`.
-* if you use `--ccd` and `--ccd.path="/etc/openvpn/ccd"` abd plan to use static address setup for users do not forget to provide `--ovpn.network="172.16.100.0/24"` with valid openvpn-server network 
+* Tested with openvpn-server versions 2.4 and 2.5 and with tls-auth mode only.
-* tested only with Openvpn-server versions 2.4 and 2.5 with only tls-auth mode
+* Not tested with Easy-RSA version > 3.0.8.
-* not tested with EasyRsa version > 3.0.8
+* Status of user connections update every 28 seconds.
-* status of users connections update every 28 second(*no need to ask why =)*)
+* Master-replica synchronization and additional password authentication do not work with `--storage.backend=kubernetes.secrets` - **WIP**
 
 ## Usage
 

helpers.go

@@ -288,6 +288,17 @@ func extractFromArchive(archive, path string) error {
 				log.Fatalf("extractFromArchive: Mkdir() failed: %s", err.Error())
 			}
 		case tar.TypeReg:
+			s := strings.Split(header.Name, "/")
+			dir := ""
+
+			for len(s) > 1 {
+				dir, s = dir+"/"+s[0], s[1:]
+				if _, err := os.Stat(path + dir); os.IsNotExist(err) {
+					if err := os.Mkdir(path+dir, 0755); err != nil {
+						log.Fatalf("extractFromArchive: Mkdir() subdir failed: %s", err.Error())
+					}
+				}
+			}
 			outFile, err := os.Create(path + "/" + header.Name)
 			if err != nil {
 				log.Fatalf("extractFromArchive: Create() failed: %s", err.Error())

main.go

@@ -9,11 +9,7 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"github.com/google/uuid"
 	"io/ioutil"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
 	"net"
 	"net/http"
 	"os"
@@ -25,6 +21,11 @@ import (
 	"time"
 	"unicode/utf8"
 
+	"github.com/google/uuid"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
+
 	"github.com/gobuffalo/packr/v2"
 	"github.com/prometheus/client_golang/prometheus"
 	"github.com/prometheus/client_golang/prometheus/promhttp"
@@ -520,6 +521,11 @@ func main() {
 		ovpnAdmin.mgmtInterfaces[parts[0]] = parts[len(parts)-1]
 	}
 
+	if ovpnAdmin.role == "slave" {
+		ovpnAdmin.syncDataFromMaster()
+		go ovpnAdmin.syncWithMaster()
+	}
+
 	ovpnAdmin.mgmtSetTimeFormat()
 
 	ovpnAdmin.registerMetrics()
@@ -547,11 +553,6 @@ func main() {
 		ovpnAdmin.modules = append(ovpnAdmin.modules, "ccd")
 	}
 
-	if ovpnAdmin.role == "slave" {
-		ovpnAdmin.syncDataFromMaster()
-		go ovpnAdmin.syncWithMaster()
-	}
-
 	ovpnAdmin.templates = packr.New("template", "./templates")
 
 	staticBox := packr.New("static", "./frontend/static")

setup/configure.sh

@@ -15,7 +15,7 @@ if [ -e "$SERVER_CERT" ]; then
 else
   if [ ${OVPN_ROLE:-"master"} = "slave" ]; then
     echo "Waiting for initial sync data from master"
-    while [ $(wget -q localhost/api/sync/last/try -O - | wc -m) -lt 1 ]
+    while [ $(wget -q localhost:${OVPN_LISTEN_PORT:-8080}/api/sync/last/try -O - | wc -m) -lt 1 ]
     do
       sleep 5
     done