cfn-vpn 0.4.2 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/build-gem.yml +25 -0
- data/.github/workflows/release-gem.yml +34 -0
- data/.github/workflows/release-image.yml +33 -0
- data/Dockerfile +26 -0
- data/Gemfile.lock +30 -38
- data/README.md +1 -232
- data/cfn-vpn.gemspec +3 -5
- data/docs/README.md +44 -0
- data/docs/certificate-users.md +89 -0
- data/docs/getting-started.md +128 -0
- data/docs/modifying.md +67 -0
- data/docs/routes.md +84 -0
- data/docs/scheduling.md +32 -0
- data/docs/sessions.md +27 -0
- data/lib/cfnvpn.rb +31 -27
- data/lib/cfnvpn/{client.rb → actions/client.rb} +11 -8
- data/lib/cfnvpn/{embedded.rb → actions/embedded.rb} +21 -19
- data/lib/cfnvpn/actions/init.rb +140 -0
- data/lib/cfnvpn/actions/modify.rb +149 -0
- data/lib/cfnvpn/actions/params.rb +73 -0
- data/lib/cfnvpn/{revoke.rb → actions/revoke.rb} +10 -8
- data/lib/cfnvpn/actions/routes.rb +144 -0
- data/lib/cfnvpn/{sessions.rb → actions/sessions.rb} +7 -6
- data/lib/cfnvpn/{share.rb → actions/share.rb} +10 -10
- data/lib/cfnvpn/actions/subnets.rb +78 -0
- data/lib/cfnvpn/certificates.rb +70 -20
- data/lib/cfnvpn/clientvpn.rb +34 -68
- data/lib/cfnvpn/compiler.rb +23 -0
- data/lib/cfnvpn/config.rb +34 -77
- data/lib/cfnvpn/{cloudformation.rb → deployer.rb} +48 -20
- data/lib/cfnvpn/globals.rb +16 -0
- data/lib/cfnvpn/log.rb +26 -26
- data/lib/cfnvpn/s3.rb +4 -4
- data/lib/cfnvpn/string.rb +29 -0
- data/lib/cfnvpn/templates/helper.rb +14 -0
- data/lib/cfnvpn/templates/vpn.rb +353 -0
- data/lib/cfnvpn/version.rb +1 -1
- metadata +56 -42
- data/lib/cfnvpn/cfhighlander.rb +0 -49
- data/lib/cfnvpn/init.rb +0 -107
- data/lib/cfnvpn/modify.rb +0 -102
- data/lib/cfnvpn/routes.rb +0 -83
- data/lib/cfnvpn/templates/cfnvpn.cfhighlander.rb.tt +0 -27
data/lib/cfnvpn/routes.rb
DELETED
|
@@ -1,83 +0,0 @@
|
|
|
1
|
-
require 'thor'
|
|
2
|
-
require 'cfnvpn/log'
|
|
3
|
-
require 'cfnvpn/s3'
|
|
4
|
-
|
|
5
|
-
module CfnVpn
|
|
6
|
-
class Routes < Thor::Group
|
|
7
|
-
include Thor::Actions
|
|
8
|
-
include CfnVpn::Log
|
|
9
|
-
|
|
10
|
-
argument :name
|
|
11
|
-
|
|
12
|
-
class_option :profile, aliases: :p, desc: 'AWS Profile'
|
|
13
|
-
class_option :region, aliases: :r, default: ENV['AWS_REGION'], desc: 'AWS Region'
|
|
14
|
-
class_option :verbose, desc: 'set log level to debug', type: :boolean
|
|
15
|
-
|
|
16
|
-
class_option :add, desc: 'add cidr to route through the client vpn'
|
|
17
|
-
class_option :del, desc: 'delete cidr route from the client vpn'
|
|
18
|
-
class_option :desc, desc: 'description of the route'
|
|
19
|
-
|
|
20
|
-
def self.source_root
|
|
21
|
-
File.dirname(__FILE__)
|
|
22
|
-
end
|
|
23
|
-
|
|
24
|
-
def set_loglevel
|
|
25
|
-
Log.logger.level = Logger::DEBUG if @options['verbose']
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
def set_directory
|
|
29
|
-
@build_dir = "#{ENV['HOME']}/.cfnvpn/#{@name}"
|
|
30
|
-
end
|
|
31
|
-
|
|
32
|
-
def add_route
|
|
33
|
-
if !@options['add'].nil?
|
|
34
|
-
if @options['desc'].nil?
|
|
35
|
-
Log.logger.error "--desc option must be provided if adding a new route"
|
|
36
|
-
exit 1
|
|
37
|
-
end
|
|
38
|
-
|
|
39
|
-
vpn = CfnVpn::ClientVpn.new(@name,@options['region'])
|
|
40
|
-
|
|
41
|
-
if vpn.route_exists?(@options['add'])
|
|
42
|
-
Log.logger.error "route #{@options['add']} already exists in the client vpn"
|
|
43
|
-
exit 1
|
|
44
|
-
end
|
|
45
|
-
|
|
46
|
-
Log.logger.info "Adding new route for #{@options['add']}"
|
|
47
|
-
vpn.add_route(@options['add'],@options['desc'])
|
|
48
|
-
end
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def del_route
|
|
52
|
-
if !@options['del'].nil?
|
|
53
|
-
vpn = CfnVpn::ClientVpn.new(@name,@options['region'])
|
|
54
|
-
|
|
55
|
-
if !vpn.route_exists?(@options['del'])
|
|
56
|
-
Log.logger.error "route #{@options['del']} doesn't exist in the client vpn"
|
|
57
|
-
exit 1
|
|
58
|
-
end
|
|
59
|
-
delete = yes? "Delete route #{@options['del']}?", :yellow
|
|
60
|
-
if delete
|
|
61
|
-
Log.logger.info "Deleting route for #{@options['del']}"
|
|
62
|
-
vpn.del_route(@options['del'])
|
|
63
|
-
end
|
|
64
|
-
end
|
|
65
|
-
end
|
|
66
|
-
|
|
67
|
-
def get_routes
|
|
68
|
-
vpn = CfnVpn::ClientVpn.new(@name,@options['region'])
|
|
69
|
-
@routes = vpn.get_routes()
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
def display_routes
|
|
73
|
-
rows = @routes.collect do |s|
|
|
74
|
-
[ s.destination_cidr, s.description, s.status.code, s.target_subnet, s.type, s.origin ]
|
|
75
|
-
end
|
|
76
|
-
table = Terminal::Table.new(
|
|
77
|
-
:headings => ['Route', 'Description', 'Status', 'Target', 'Type', 'Origin'],
|
|
78
|
-
:rows => rows)
|
|
79
|
-
puts table
|
|
80
|
-
end
|
|
81
|
-
|
|
82
|
-
end
|
|
83
|
-
end
|
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
CfhighlanderTemplate do
|
|
2
|
-
|
|
3
|
-
Parameters do
|
|
4
|
-
ComponentParam 'EnvironmentName'
|
|
5
|
-
ComponentParam 'AssociationSubnetId'
|
|
6
|
-
ComponentParam 'ClientCidrBlock'
|
|
7
|
-
ComponentParam 'DnsServers'
|
|
8
|
-
ComponentParam 'SplitTunnel'
|
|
9
|
-
ComponentParam 'InternetRoute'
|
|
10
|
-
ComponentParam 'Protocol'
|
|
11
|
-
ComponentParam 'ServerCertificateArn'
|
|
12
|
-
ComponentParam 'ClientCertificateArn'
|
|
13
|
-
end
|
|
14
|
-
|
|
15
|
-
Component template: 'client-vpn@<%= @config['template_version'] %>', name: 'vpn', render: Inline do
|
|
16
|
-
parameter name: 'EnvironmentName', value: Ref('EnvironmentName')
|
|
17
|
-
parameter name: 'AssociationSubnetId', value: Ref('AssociationSubnetId')
|
|
18
|
-
parameter name: 'ClientCidrBlock', value: Ref('ClientCidrBlock')
|
|
19
|
-
parameter name: 'DnsServers', value: Ref('DnsServers')
|
|
20
|
-
parameter name: 'SplitTunnel', value: Ref('SplitTunnel')
|
|
21
|
-
parameter name: 'InternetRoute', value: Ref('InternetRoute')
|
|
22
|
-
parameter name: 'Protocol', value: Ref('Protocol')
|
|
23
|
-
parameter name: 'ServerCertificateArn', value: Ref('ServerCertificateArn')
|
|
24
|
-
parameter name: 'ClientCertificateArn', value: Ref('ClientCertificateArn')
|
|
25
|
-
end
|
|
26
|
-
|
|
27
|
-
end
|