foris-controller-openvpn-module issueshttps://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/issues2020-11-11T12:13:03+01:00https://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/issues/16remove unicode strings as depraceted by utilizing python32020-11-11T12:13:03+01:00Filip Hronremove unicode strings as depraceted by utilizing python3unicode strings are no longer required in pythonunicode strings are no longer required in pythonFilip HronFilip Hronhttps://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/issues/15Return certificate name within get_client_config api call2020-11-11T12:13:03+01:00Martin MatějekReturn certificate name within get_client_config api callWe should also return certificate name so we could use it on frontend when offering download of such file.
Just add `name` to json schema reply:
https://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/blob/maste...We should also return certificate name so we could use it on frontend when offering download of such file.
Just add `name` to json schema reply:
https://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/blob/master/foris_controller_modules/openvpn/schema/openvpn.json#L426
We could reuse or get inspiration by this object:
https://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/blob/master/foris_controller_modules/openvpn/schema/openvpn.json#L84
Dependency for: turris/reforis/reforis-openvpn#17Filip HronFilip Hronhttps://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/issues/17Change topology net30 to topology subnet2021-05-03T13:17:11+02:00Jan BetikChange topology net30 to topology subnetBy default, the OpenVPN server sends to the client the option **topology net30**
```
Nov 6 15:58:45 omnia1 openvpn(turris)[8508]: PUSH: Received control message: 'PUSH_REPLY,route 198.18.2.0 255.255.255.0,route 48.0.0.0 255.255.0.0,route...By default, the OpenVPN server sends to the client the option **topology net30**
```
Nov 6 15:58:45 omnia1 openvpn(turris)[8508]: PUSH: Received control message: 'PUSH_REPLY,route 198.18.2.0 255.255.255.0,route 48.0.0.0 255.255.0.0,route 10.111.111.1,topology net30,ping 10,ping-restart 120,ifconfig 10.111.111.6 10.111.111.5,peer-id 0,cipher AES-256-GCM'
```
This option is deprecated and for legacy clients only (year 2014). By configuring the **topology subnet** directive, it makes the routing table easier to read and simplifies the routing.
```
uci set openvpn.server_turris.topology='subnet'
```
```
Nov 6 16:10:42 omnia1 openvpn(turris)[11847]: PUSH: Received control message: 'PUSH_REPLY,route 198.18.2.0 255.255.255.0,route 48.0.0.0 255.255.0.0,route-gateway 10.111.111.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.111.111.4 255.255.255.0,peer-id 0,cipher AES-256-GCM'
```
[OpenVPN Topology](https://community.openvpn.net/openvpn/wiki/Topology)Filip HronFilip Hronhttps://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/issues/23dh params generation takes awfully long2021-05-26T22:24:34+02:00Michal Hruseckydh params generation takes awfully longdh params should not be generated when user is creating a ca. It takes awfully long. Those are needed on server only and there is AFAIK no security issue if they are large enough (2048 and more) and well known. This issue was solved a lo...dh params should not be generated when user is creating a ca. It takes awfully long. Those are needed on server only and there is AFAIK no security issue if they are large enough (2048 and more) and well known. This issue was solved a long time ago by dhparam package that used shared big dhparams and started generating its own in the background which then replaced the shared one. To avoid blocking openvpn server setup, so people can start using it in few minutes not in half an hour. In foris controller, it should be quite easy to fix, but needs to resurrect dhparams package.
Caused by turris/foris-controller/foris-controller-openvpn-module!4 and turris/os/packages!606, so assigning @kkocihttps://gitlab.nic.cz/turris/foris-controller/foris-controller-openvpn-module/-/issues/13Update push route when LAN subnet changes2021-08-05T22:54:03+02:00Vojtech MyslivecUpdate push route when LAN subnet changesWhen you have OpenVPN server configured and then changed LAN subnet, push route to the LAN segment in the `/etc/config/openvpn` stays with the original LAN subnet.
Changing LAN subnet in the *Foris interface should update OpenVPN push r...When you have OpenVPN server configured and then changed LAN subnet, push route to the LAN segment in the `/etc/config/openvpn` stays with the original LAN subnet.
Changing LAN subnet in the *Foris interface should update OpenVPN push route configuration as well.Foris Controller 2.1.0