gateway delete + certificate revocation implemented
This commit is contained in:
parent
43790ef31c
commit
cbac72e1e9
21
main.py
21
main.py
|
@ -165,6 +165,27 @@ def get_gateway_config(fqdn):
|
||||||
|
|
||||||
return Response(render_template('config.ovpn', ca=ca, cert=cert, key=key), mimetype='text/plain')
|
return Response(render_template('config.ovpn', ca=ca, cert=cert, key=key), mimetype='text/plain')
|
||||||
|
|
||||||
|
@app.route('/gateway/<fqdn>', methods=['DELETE'])
|
||||||
|
def delete_gateway(fqdn):
|
||||||
|
# TODO sanity check for this parameter! Possible system command injection
|
||||||
|
db = sqlite3.connect(DATABASE)
|
||||||
|
cu = db.cursor()
|
||||||
|
cu.execute('DELETE FROM gateway AS g WHERE g.name = ?', [str(fqdn,)])
|
||||||
|
|
||||||
|
try:
|
||||||
|
r = os.system('easyrsa revoke {}'.format(fqdn))
|
||||||
|
if r != 0:
|
||||||
|
raise Ex(500, 'exit: {} cannot revoke'.format(r))
|
||||||
|
except Ex as e:
|
||||||
|
return jsonify({'status': 'error', 'message': str(e)}), e.getCode()
|
||||||
|
|
||||||
|
db.commit()
|
||||||
|
cu.close()
|
||||||
|
db.close()
|
||||||
|
|
||||||
|
return jsonify({'status': 'ok'})
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
app.run(host="::", port=5000, debug=True)
|
app.run(host="::", port=5000, debug=True)
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,7 @@ proto udp6
|
||||||
# The hostname/IP and port of the server.
|
# The hostname/IP and port of the server.
|
||||||
# You can have multiple remote entries
|
# You can have multiple remote entries
|
||||||
# to load balance between the servers.
|
# to load balance between the servers.
|
||||||
remote vpntest.andromeda.golem.linux.it 6666
|
remote vpn.golem.linux.it 6666
|
||||||
|
|
||||||
# Choose a random host from the remote
|
# Choose a random host from the remote
|
||||||
# list for load-balancing. Otherwise
|
# list for load-balancing. Otherwise
|
||||||
|
|
Loading…
Reference in New Issue