-
Notifications
You must be signed in to change notification settings - Fork 301
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #298 from furlongm/deb-rpm
support for deb and rpm generation
- Loading branch information
Showing
19 changed files
with
466 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -46,20 +46,48 @@ jobs: | |
run: | | ||
apt update | ||
export DEBIAN_FRONTEND=noninteractive | ||
apt -y install python3-stdeb dh-python | ||
apt -y install python3-setuptools debhelper dh-exec dh-python git-buildpackage | ||
- name: Fix sh so env vars propogate | ||
run: | | ||
rm /bin/sh | ||
ln -sf /bin/bash /bin/sh | ||
- uses: actions/checkout@v4 | ||
with: | ||
fetch-depth: 0 | ||
ref: master | ||
- name: git fetch --all | ||
run: | | ||
git config --global --add safe.directory /__w/openvpn-monitor/openvpn-monitor | ||
git fetch --all | ||
- name: Get version | ||
run: | | ||
export version=$(echo "${{ github.ref }}" | cut -dv -f2) | ||
echo "version=${version}" >> $GITHUB_ENV | ||
- name: Download upload_url artifact | ||
uses: actions/download-artifact@v4 | ||
with: | ||
name: upload_url.txt | ||
path: /home/runner/work/openvpn-monitor/openvpn-monitor | ||
- name: Get upload_url | ||
run: | | ||
export upload_url=$(cat upload_url.txt) | ||
export upload_url=$(<upload_url.txt) | ||
rm upload_url.txt | ||
echo "upload_url=${upload_url}" >> $GITHUB_ENV | ||
- name: Build deb package | ||
- name: Build deb packages | ||
env: | ||
EMAIL: [email protected] | ||
COMMIT_MSG: | | ||
auto-commit | ||
skip-checks: true | ||
run: | | ||
python3 setup.py --command-packages=stdeb.command bdist_deb | ||
export version=$(echo "${{ github.ref }}" | cut -dv -f2) | ||
echo "${version}" > VERSION.txt | ||
git add VERSION.txt | ||
git diff --quiet && git diff --staged --quiet || git commit -m "${COMMIT_MSG}" | ||
gbp dch --new-version=${version}-1 --release --distribution=stable --spawn-editor=never --commit --commit-msg="${COMMIT_MSG}" | ||
git tag --delete v${version} | ||
git tag v${version} | ||
gbp buildpackage --git-upstream-tree=${{ github.ref }} -uc -us | ||
- name: Get version | ||
run: echo "version=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | ||
- name: Upload deb | ||
|
@@ -75,7 +103,7 @@ jobs: | |
needs: create-release | ||
runs-on: ubuntu-latest | ||
container: | ||
image: centos:8 | ||
image: rockylinux:9 | ||
steps: | ||
- name: Install build dependencies | ||
run: | | ||
|
@@ -92,6 +120,7 @@ jobs: | |
echo "upload_url=${upload_url}" >> $GITHUB_ENV | ||
- name: Build rpm packages | ||
run: | | ||
sed -i -e "s/name='.*/name='python3-openvpn-monitor',/" setup.py | ||
python3 setup.py bdist_rpm | ||
- name: Get version | ||
run: echo "version=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV | ||
|
@@ -102,7 +131,7 @@ jobs: | |
with: | ||
upload_url: ${{ env.upload_url }} | ||
asset_name: ${{ format('python3-openvpn-monitor-{0}-1.noarch.rpm', env.version) }} | ||
asset_path: ${{ format('dist/openvpn-monitor-{0}-1.noarch.rpm', env.version) }} | ||
asset_path: ${{ format('dist/python3-openvpn-monitor-{0}-1.noarch.rpm', env.version) }} | ||
asset_content_type: application/x-rpm | ||
upload-package-to-pypi: | ||
needs: create-release | ||
|
@@ -118,9 +147,6 @@ jobs: | |
python -m pip install --upgrade pip | ||
pip install setuptools wheel twine | ||
- name: Build and publish | ||
env: | ||
TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }} | ||
TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }} | ||
run: | | ||
python setup.py sdist bdist_wheel | ||
twine upload dist/* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
*~ | ||
*.orig | ||
*.rej | ||
tmp* | ||
*.pyc | ||
*.pyo | ||
*~ | ||
#* | ||
.svn | ||
.tox | ||
*.egg-info/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
pycompat |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,272 @@ | ||
# openvpn-monitor | ||
|
||
|
||
## Summary | ||
|
||
openvpn-monitor is a flask app that displays the status of OpenVPN servers, | ||
including all current connections. It uses the OpenVPN management console. | ||
It typically runs on the same host as the OpenVPN server, but it can also | ||
manage remote servers. | ||
|
||
[![](https://raw.githubusercontent.com/furlongm/openvpn-monitor/gh-pages/screenshots/openvpn-monitor.png)](https://raw.githubusercontent.com/furlongm/openvpn-monitor/gh-pages/screenshots/openvpn-monitor.png) | ||
|
||
## Supported Operating Systems | ||
|
||
- Ubuntu 24.04 LTS (noble) | ||
- Debian 11 (bullseye) | ||
- Rocky/Alma/RHEL 9 | ||
|
||
|
||
## Installation Options | ||
|
||
- [source](#source) | ||
- [deb/rpm](#deb--rpm) | ||
- [apache](#apache) | ||
- [docker](#docker) | ||
- [virtualenv + pip + gunicorn](#virtualenv--pip--gunicorn) | ||
- [nginx + uwsgi](#nginx--uwsgi) | ||
|
||
N.B. all Rocky/Alma/RHEL instructions assume the EPEL repository has been installed: | ||
|
||
```shell | ||
dnf -y install epel-release | ||
dnf makecache | ||
``` | ||
|
||
If selinux is enabled the following changes are required for host/port to work: | ||
|
||
``` | ||
dnf -y install policycoreutils-python-utils | ||
semanage port -a -t openvpn_port_t -p tcp 5555 | ||
setsebool -P httpd_can_network_connect 1 | ||
``` | ||
|
||
### Source | ||
|
||
Checkout the code: | ||
|
||
```shell | ||
cd /var/www/html | ||
git clone https://github.com/furlongm/openvpn-monitor | ||
cd openvpn-monitor | ||
yarnpkg --prod --modules-folder openvpn_monitor/static/dist install | ||
python3 -m venv .venv | ||
. venv/bin/activate | ||
pip install -r requirements.txt | ||
``` | ||
|
||
Run the development server in debug mode: | ||
|
||
```shell | ||
flask --app openvpn_monitor/app run --debug | ||
``` | ||
|
||
### deb/rpm | ||
|
||
### Ubuntu 24.04 (noble) | ||
|
||
```shell | ||
curl -sS https://repo.openbytes.ie/openbytes.gpg > /usr/share/keyrings/openbytes.gpg | ||
echo "deb [signed-by=/usr/share/keyrings/openbytes.gpg] https://repo.openbytes.ie/openvpn-monitor/ubuntu noble main" > /etc/apt/sources.list.d/openvpn-monitor.list | ||
apt update | ||
apt -y install python3-openvpn-monitor | ||
``` | ||
|
||
### Debian 12 (bookworm) | ||
|
||
```shell | ||
curl -sS https://repo.openbytes.ie/openbytes.gpg > /usr/share/keyrings/openbytes.gpg | ||
echo "deb [signed-by=/usr/share/keyrings/openbytes.gpg] https://repo.openbytes.ie/openvpn-monitor/debian bookworm main" > /etc/apt/sources.list.d/openvpn-monitor.list | ||
apt update | ||
apt -y install python3-openvpn-monitor | ||
``` | ||
|
||
### CentOS 9 | ||
|
||
This also applies to Rocky/Alma/RHEL | ||
|
||
```shell | ||
curl -sS https://repo.openbytes.ie/openbytes.gpg > /etc/pki/rpm-gpg/RPM-GPG-KEY-openbytes | ||
cat <<EOF >> /etc/yum.repos.d/openvpn-monitor.repo | ||
[openbytes] | ||
name=openbytes | ||
baseurl=https://repo.openbytes.ie/openvpn-monitor/el9 | ||
enabled=1 | ||
gpgcheck=1 | ||
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-openbytes | ||
EOF | ||
update-crypto-policies --set DEFAULT:SHA1 | ||
dnf -y install epel-release | ||
dnf makecache | ||
dnf -y install python3-openvpn-monitor | ||
systemctl restart httpd | ||
``` | ||
|
||
|
||
### apache | ||
|
||
#### Install dependencies and configure apache | ||
|
||
These instructions assume a source checkout to /var/www/html/openvpn-monitor | ||
|
||
##### Debian / Ubuntu | ||
|
||
```shell | ||
apt -y install git apache2 libapache2-mod-wsgi-py3 python3-geoip2 python3-humanize python3-flask python3-semver yarnpkg | ||
a2enmod rewrite wsgi | ||
echo "WSGIScriptAlias /openvpn-monitor /var/www/html/openvpn-monitor/openvpn_monitor/app.py" > /etc/apache2/conf-available/openvpn-monitor.conf | ||
a2enconf openvpn-monitor | ||
service apache2 restart | ||
``` | ||
|
||
##### CentOS / RHEL | ||
|
||
```shell | ||
dnf -y install git httpd mod_wsgi python3-geoip2 python3-humanize python3-flask python3-semver geolite2-city yarnpkg | ||
echo "WSGIScriptAlias /openvpn-monitor /var/www/html/openvpn-monitor/openvpn_monitor/app.py" > /etc/httpd/conf.d/openvpn-monitor.conf | ||
systemctl restart httpd | ||
``` | ||
|
||
See [configuration](#configuration) for details on configuring openvpn-monitor. | ||
|
||
|
||
### docker | ||
|
||
```shell | ||
docker run -p 80:80 ruimarinho/openvpn-monitor | ||
``` | ||
|
||
Read the [docker installation instructions](https://github.com/ruimarinho/docker-openvpn-monitor#usage) | ||
for details on how to generate a dynamic configuration using only environment | ||
variables. | ||
|
||
|
||
### virtualenv + pip + gunicorn | ||
|
||
```shell | ||
apt -y install python3-venv # (debian/ubuntu) | ||
dnf -y install python3 geolite2-city # (rocky/alma/rhel) | ||
mkdir /srv/openvpn-monitor | ||
cd /srv/openvpn-monitor | ||
python3 -m venv .venv | ||
. venv/bin/activate | ||
pip install openvpn-monitor gunicorn | ||
gunicorn openvpn_monitor.app -b 0.0.0.0:80 | ||
``` | ||
|
||
See [configuration](#configuration) for details on configuring openvpn-monitor. | ||
|
||
|
||
### nginx + uwsgi | ||
|
||
#### Install openvpn-monitor | ||
|
||
```shell | ||
apt -y install git gcc nginx uwsgi uwsgi-plugin-python3 python3-dev python3-venv libgeoip-dev yarnpkg # (debian/ubuntu) | ||
dnf -y install git gcc nginx uwsgi uwsgi-plugin-python3 python3-devel geolite2-city yarnpkg # (centos/rhel) | ||
cd /srv | ||
git clone https://github.com/furlongm/openvpn-monitor | ||
cd openvpn-monitor | ||
python3 -m venv .venv | ||
. .venv/bin/activate | ||
pip install -r requirements.txt | ||
yarnpkg --prod --modules-folder openvpn_monitor/static/dist install | ||
``` | ||
|
||
#### uWSGI app config | ||
|
||
Create a uWSGI config: `/etc/uwsgi/apps-available/openvpn-monitor.ini` | ||
|
||
``` | ||
[uwsgi] | ||
base = /srv | ||
project = openvpn-monitor | ||
logto = /var/log/uwsgi/app/%(project).log | ||
plugins = python3 | ||
chdir = %(base)/%(project) | ||
virtualenv = %(chdir)/.venv | ||
module = openvpn-monitor:application | ||
manage-script-name = true | ||
mount=/openvpn-monitor=openvpn_monitor/app.py | ||
``` | ||
|
||
#### Nginx site config | ||
|
||
Create an Nginx config: `/etc/nginx/sites-available/openvpn-monitor` | ||
|
||
``` | ||
server { | ||
listen 80; | ||
location /openvpn-monitor/ { | ||
uwsgi_pass unix:///run/uwsgi/app/openvpn-monitor/socket; | ||
include uwsgi_params; | ||
} | ||
} | ||
``` | ||
|
||
#### Enable uWSGI app and Nginx site, and restart services | ||
|
||
```shell | ||
ln -s /etc/uwsgi/apps-available/openvpn-monitor.ini /etc/uwsgi/apps-enabled/ | ||
systemctl restart uwsgi | ||
ln -s /etc/nginx/sites-available/openvpn-monitor /etc/nginx/sites-enabled/ | ||
rm /etc/nginx/sites-enabled/default | ||
systemctl restart nginx | ||
``` | ||
|
||
See [configuration](#configuration) for details on configuring openvpn-monitor. | ||
|
||
## Configuration | ||
|
||
### Configure OpenVPN | ||
|
||
Add the following line to your OpenVPN server configuration to run the | ||
management console on 127.0.0.1 port 5555, with the management password | ||
in /etc/openvpn/pw-file: | ||
|
||
``` | ||
management 127.0.0.1 5555 pw-file | ||
``` | ||
|
||
To run the management console on a socket, with the management password | ||
in /etc/openvpn/pw-file: | ||
|
||
``` | ||
management socket-name unix pw-file | ||
``` | ||
|
||
Refer to the OpenVPN documentation for further information on how to secure | ||
access to the management interface. | ||
|
||
|
||
### Configure openvpn-monitor | ||
|
||
Copy the example configuration file `openvpn-monitor.conf.example` to the same | ||
directory as app.py or to /etc/openvpn-monitor/openvpn-monitor.conf | ||
|
||
```shell | ||
cp openvpn-monitor.conf.example openvpn_monitor/openvpn-monitor.conf | ||
``` | ||
or | ||
```shell | ||
mkdir -p /etc/openvpn-monitor | ||
cp openvpn-monitor.conf.example /etc/openvpn_monitor/openvpn-monitor.conf | ||
``` | ||
|
||
In this file you can set site name, add a logo, set the default map location | ||
(latitude and longitude). If not set, the default location is New York, USA. | ||
|
||
Once configured, navigate to `http://myipaddress/openvpn-monitor/` | ||
|
||
|
||
## License | ||
|
||
openvpn-monitor is licensed under the GPLv3, a copy of which can be found in | ||
the COPYING file. | ||
|
||
|
||
## Acknowledgements | ||
|
||
Flags are created by Matthias Slovig ([email protected]) and are licensed under | ||
Creative Commons License Deed Attribution-ShareAlike 3.0 Unported | ||
(CC BY-SA 3.0). See http://flags.blogpotato.de/ for more details. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
openvpn-monitor (2.0.0-1) stable; urgency=medium | ||
|
||
[ Marcus Furlong ] | ||
* initial debian release | ||
|
||
-- Marcus Furlong <[email protected]> Sun, 22 Dec 2024 11:54:13 -0500 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
10 |
Oops, something went wrong.