-
Notifications
You must be signed in to change notification settings - Fork 25
/
config_panel.toml
139 lines (117 loc) · 5.13 KB
/
config_panel.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
version = "1.0"
[main]
name = "Auto-configuration"
[main.vpn]
name = ""
optional = false
[main.vpn.status]
ask = "The status of your VPN is unknown."
type = "alert"
style = "info"
[main.vpn.service_enabled]
ask = "Enable VPN"
type = "boolean"
help = "If disabled, the VPN service will not automatically be started at boot."
[main.vpn.doc]
ask.en = "VPNclient only interfaces with *dedicated, public IP VPNs accepting inbound traffic*, preferably with an associated `.cube` (or `.ovpn/.conf`) configuration file. Checkout the [list of known compatible providers](https://yunohost.org/providers/vpn) for more info."
ask.fr = "VPNclient est prévu pour fonctionner avec des *VPN dédiés et à IP publique qui acceptent le traffic entrant*, et de préférence avec un fichier de configuration `.cube` (ou `.ovpn/.conf`) associé. Consultez [la liste des fournisseurs connus et compatibles](https://yunohost.org/providers/vpn) pour plus d'infos."
type = "alert"
style = "info"
[main.vpn.config_file]
ask = "Configuration file"
type = "file"
accept = [".cube", ".ovpn", ".conf", "application/json", "text/plain"]
help = ".cube file recommended, .ovpn file accepted"
bind = "/etc/openvpn/client.conf"
redact = true
[main.vpn.config_template]
type = "file"
bind = "/etc/openvpn/client.conf.tpl"
redact = true
optional = true
visible = false
[main.vpn.cube_file]
type = "file"
bind = "/etc/openvpn/client.cube"
redact = true
optional = true
visible = false
[main.vpn.ovpn_file]
type = "file"
bind = "/etc/openvpn/client.ovpn"
redact = true
optional = true
visible = false
[main.auth]
name = "Authentication"
optional = true
visible = 'config_file && ((match(config_file,"^\s*ca\s") && ! match(config_file,"^\s*<ca>")) || (match(config_file,"^\s*cert\s") && ! match(config_file,"^\s*<cert>")) || (match(config_file,"^\s*key\s") && ! match(config_file,"^\s*<key>")) || (match(config_file,"^\s*tls-auth\s") && ! match(config_file,"^\s*<tls-auth>")) || match(config_file,"^\s*auth-user-pass(\s.*)?$"))'
[main.auth.crt_server_ca]
ask = "Update Server CA"
type = "file"
bind = "/etc/openvpn/keys/ca-server.crt"
visible = 'config_file && match(config_file,"^\s*ca\s") && ! match(config_file,"^\s*<ca>")'
[main.auth.crt_client]
ask = "Update Client Certificate"
type = "file"
bind = "/etc/openvpn/keys/user.crt"
visible = 'config_file && match(config_file,"^\s*cert\s") && ! match(config_file,"^\s*<cert>")'
[main.auth.crt_client_key]
ask = "Update Client Key"
type = "file"
help = "This file begins with -----BEGIN PRIVATE KEY-----"
bind = "/etc/openvpn/keys/user.key"
visible = 'config_file && match(config_file,"^\s*key\s") && ! match(config_file,"^\s*<key>")'
redact = true
[main.auth.login_user]
ask = "Username"
type = "string"
example = "camille"
pattern.regexp = '^[a-zA-Z0-9_\-\\\.@]+$'
pattern.error = "OpenVPN accept only alphabetic chars and -_\\.@"
visible = 'config_file && match(config_file,"^\s*auth-user-pass\s")'
[main.auth.login_passphrase]
ask = "Password"
type = "password"
visible = 'config_file && match(config_file,"^\s*auth-user-pass(\s.*)?$")'
[main.auth.crt_client_ta]
ask = "TLS Auth shared secret"
type = "file"
example = "ta.key"
help = "Some servers have an additional protection agains Deny of Service attack. If you have no tls-auth key in your ovpn, skip this question."
bind = "/etc/openvpn/keys/user_ta.key"
visible = 'config_file && match(config_file,"^\s*tls-auth\s") && ! match(config_file,"^\s*<tls-auth>")'
redact = true
[advanced]
name = "DNS & IPv6"
[advanced.dns]
name = "DNS"
[advanced.dns.dns_method]
ask = "DNS resolvers"
type = "select"
choices.yunohost = "Default DNS resolvers from YunoHost"
choices.custom = "Use custom DNS resolvers"
[advanced.dns.nameservers]
ask = "Custom DNS resolvers"
type = "tags"
optional = true
visible = "dns_method == 'custom'"
pattern.regexp = "^([0-9.]{7,15}|[0-9a-fA-F:]+)$"
pattern.error = "Not an ip"
[advanced.ipv6]
name = "IPv6"
[advanced.ipv6.ip6_net]
ask = "IPv6 prefix"
type = "string"
optional = true
example = "2001:db8:42::"
pattern.regexp = "^[0-9a-fA-F:]+$"
pattern.error = "Please provide a valid IPv6 Prefix"
[advanced.ipv6.ip6_addr]
ask = "IPv6"
type = "string"
optional = true
example = "2001:db8:42::2"
help = "If no IPv6 address is pushed directly by your VPN provider, you can indicate a specific IP to use here."
pattern.regexp = "^[0-9a-fA-F:]+$"
pattern.error = "Please provide a valid IPv6"