Commit 66976244 authored by Guillaume Bury's avatar Guillaume Bury

Cleaner handling of arguments

parent 13996eca
...@@ -4,13 +4,15 @@ import upnpigd ...@@ -4,13 +4,15 @@ import upnpigd
VIFIB_NET = "2001:db8:42::/48" VIFIB_NET = "2001:db8:42::/48"
# TODO : - should we use slapos certificates or
# use new ones we create for openvpn ?
def openvpn(*args, **kw): def openvpn(*args, **kw):
args = ['openvpn', args = ['openvpn',
'--dev', 'tap', '--dev', 'tap',
'--ca', ca_path, '--ca', config.ca,
'--cert', cert_path, '--cert', config.cert,
'--key', key_path, '--key', config.key,
'--nobind',
'--persist-tun', '--persist-tun',
'--persist-key', '--persist-key',
'--user' 'nobody', '--user' 'nobody',
...@@ -38,13 +40,12 @@ def server(*args, **kw): ...@@ -38,13 +40,12 @@ def server(*args, **kw):
*args, **kw) *args, **kw)
def client(ip, *args, **kw): def client(ip, *args, **kw):
return openvpn(remote=ip, *args, **kw) return openvpn('--nobind', remote=ip, *args, **kw)
# How do we get our vifib_ip ? # TODO : How do we get our vifib ip ?
def babel(network_ip, network_mask, verbose_level): def babel(network_ip, network_mask, verbose_level):
args = [ '-S', '/var/lib/babeld/state', args = ['-I', 'redistribute local ip %s/%s' % (network_ip, network_mask),
'-I', 'redistribute local ip %s/%s' % (network_ip,network_mask),
'-I', 'redistribute local deny', '-I', 'redistribute local deny',
# Route VIFIB ip adresses # Route VIFIB ip adresses
'-I', 'in ip %s' % VIFIB_NET, '-I', 'in ip %s' % VIFIB_NET,
...@@ -55,28 +56,30 @@ def babel(network_ip, network_mask, verbose_level): ...@@ -55,28 +56,30 @@ def babel(network_ip, network_mask, verbose_level):
# Don't route other addresses # Don't route other addresses
'-I', 'in ip deny', '-I', 'in ip deny',
'-d', str(verbose_level), '-d', str(verbose_level),
'-s' '-s',
] ]
if config.babel_state:
args += '-S', config.babel_state
# TODO : add list of interfaces to use with babel
return Popen(args) return Popen(args)
def main(): def main():
global config
parser = argparse.ArgumentParser( parser = argparse.ArgumentParser(
description="Resilient virtual private network application") description="Resilient virtual private network application")
_ = parser.add_argument _ = parser.add_argument
_('--ca', required=True,
help="Path to ca.crt file")
_('--cert', required=True,
help="Path to host certificate file")
_('--key', required=True,
help="Path to host key file")
_('--dh', required=True, _('--dh', required=True,
help="Path to dh file") help="Path to dh file")
_('--verbose', '-v', action='count', _('--babel-state',
help="Defines the verbose level") help="Path to babeld state-file")
args=parser.parse_args() #_('--verbose', '-v', action='count',
# help="Defines the verbose level")
_('openvpn_args', nargs=argparse.REMAINDER,
help="Common OpenVPN options (e.g. certificates)")
config = parser.parse_args()
# TODO : set the certificates and ker paths, in global variables
# how to setup openvpn connections : # how to setup openvpn connections :
server = server(dev='server', verb=3) server = server(dev='server', verb=3)
pass
if __name__ == "__main__": if __name__ == "__main__":
main() main()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment