cfn-vpn 0.5.0 → 0.5.1
- checksums.yaml +4 -4
- data/README.md +15 -0
- data/lib/cfnvpn/cloudformation.rb +3 -3
- data/lib/cfnvpn/modify.rb +9 -9
- data/lib/cfnvpn/version.rb +1 -1
- metadata +2 -2
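--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a41e3f9d96119e2dd991397c46dd76a4b2a3512b96019ca0a26882423ffd4d58
+data.tar.gz: ed90e797f95c1a36cdbc740102bd8f764f1168b3fa13cfb0b30cd76b57d857dd
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 739c501d83e59f546eff20f0e6e5f1e4cbe521ee744b469eaa686209738c561c8fc06168354ad110647525e6074919387b8fe46bce6d652d5a52a583d787d0f2
+data.tar.gz: 7ec851a23a53e3f6d670fde5fd7348fe4f23f3b01c372efb3bc1487682514555a57a9b173f273e46b3808c8878b4589a6350ce7fc6c2471c5c5273139fbb437c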
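--- a/data/README.md
+++ b/data/README.md
@@ -16,11 +16,22 @@ Install `cfn-vpn` gem
 gem install cfn-vpn
 ```
 
+### easy-rsa
+
+**Option 1 - Docker**
+
 Install [docker](https://docs.docker.com/install/)
 
 Docker is required to generate the certificates required for the client vpn.
 The gem uses [openvpn/easy-rsa](https://github.com/OpenVPN/easy-rsa) project in [base2/aws-client-vpn](https://hub.docker.com/r/base2/aws-client-vpn) docker image. [repo](https://github.com/base2Services/ciinabox-containers/tree/master/easy-rsa)
 
+**Option 1 - local**
+
+If you would rather setup easy-rsa than install docker, you can use the `--easyrsa-local` flag when running the commands to use a local copy of easy-rsa, the binary just needs to be available in the `$PATH`. Install from [openvpn/easy-rsa](https://github.com/OpenVPN/easy-rsa)
+
+
+### AWS Credentials
+
 Setup your [AWS credentials](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html) by either setting a profile or exporting them as environment variables.
 
 ```bash
@@ -35,6 +46,10 @@ Optionally export the AWS region if not providing `--region` flag
 export AWS_REGION="us-east-1"
 ```
 
+## Docker Image
+
+[base2/cfn-vpn](https://hub.docker.com/r/base2/cfn-vpn) docker image for usage in a pipeline which comes pre packaged with all dependencies.
+
 ## Scenarios
 
 For further AWS documentation please visit https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/scenario.html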
@@ -41,11 +41,11 @@ module CfnVpn
|
|
41
41
|
|
42
42
|
params.each do |param|
|
43
43
|
if !parameters[param[:parameter_key]].nil?
|
44
|
-
param[
|
45
|
-
param[
|
44
|
+
param[:parameter_value] = parameters[param[:parameter_key]]
|
45
|
+
param[:use_previous_value] = false
|
46
46
|
end
|
47
47
|
end
|
48
|
-
|
48
|
+
|
49
49
|
template_body = File.read(template_path)
|
50
50
|
Log.logger.debug "Creating changeset"
|
51
51
|
change_set = @client.create_change_set({
|
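Review bot: An override whose key matches no entry in `params` is dropped without any signal by the `params.each` loop, so a mistyped parameter name would presumably leave the VPN endpoint setting unchanged while the command still appears to succeed. Assuming `params` is built from the existing stack's parameters (that code is outside this hunk), consider reporting the leftovers after the loop, e.g. `unknown = parameters.keys - params.map { |p| p[:parameter_key] }` and `Log.logger.warn "Ignoring unknown parameters: #{unknown.join(', ')}" unless unknown.empty?` (if `Log.logger` is a standard `Logger`). The guard would also read more idiomatically as `unless parameters[param[:parameter_key]].nil?`. This hunk has no file header on the page; going by the file list it appears to belong to data/lib/cfnvpn/cloudformation.rb, and the enclosing method starts and ends outside the hunk.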
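--- a/data/lib/cfnvpn/modify.rb
+++ b/data/lib/cfnvpn/modify.rb
@@ -23,9 +23,9 @@ module CfnVpn
 class_option :cidr, desc: 'cidr from which to assign client IP addresses'
 class_option :dns_servers, desc: 'DNS Servers to push to clients.'
 
-class_option :split_tunnel, type: :boolean,
-class_option :internet_route, type: :boolean,
-class_option :protocol, type: :string,
+class_option :split_tunnel, type: :boolean, desc: 'only push routes to the client on the vpn endpoint'
+class_option :internet_route, type: :boolean, desc: 'create a default route to the internet'
+class_option :protocol, type: :string, enum: ['udp','tcp'], desc: 'set the protocol for the vpn connections'
 
 def self.source_root
 File.dirname(__FILE__)
@@ -44,12 +44,12 @@ module CfnVpn
 def initialize_config
 @config = {}
 @config['parameters'] = {}
-@config['parameters']['AssociationSubnetId'] = @options['subnet_id']
-@config['parameters']['ClientCidrBlock'] = @options['cidr']
-@config['parameters']['DnsServers'] = @options['dns_servers']
-@config['parameters']['SplitTunnel'] = @options['split_tunnel'].to_s
-@config['parameters']['InternetRoute'] = @options['internet_route'].to_s
-@config['parameters']['Protocol'] = @options['protocol']
+@config['parameters']['AssociationSubnetId'] = @options['subnet_id'] unless @options['subnet_id'].nil?
+@config['parameters']['ClientCidrBlock'] = @options['cidr'] unless @options['cidr'].nil?
+@config['parameters']['DnsServers'] = @options['dns_servers'] unless @options['dns_servers'].nil?
+@config['parameters']['SplitTunnel'] = @options['split_tunnel'].to_s unless @options['split_tunnel'].nil?
+@config['parameters']['InternetRoute'] = @options['internet_route'].to_s unless @options['internet_route'].nil?
+@config['parameters']['Protocol'] = @options['protocol'] unless @options['protocol'].nil?
 @config['template_version'] = '0.2.0'
 end
 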
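Review bot: `cidr`, `dns_servers` and `subnet_id` still reach `@config['parameters']` in `initialize_config` as unchecked strings, while the first hunk gives `:protocol` an `enum`. A malformed client CIDR would then be rejected, if at all, only once the changeset is submitted (any template-side constraint is not visible here); a basic early check is cheap with the standard library, e.g. `IPAddr.new(@options['cidr']) unless @options['cidr'].nil?` ahead of the assignment, which raises `IPAddr::InvalidAddressError` on bad input and needs `require 'ipaddr'`. The six `unless ….nil?` guards also name each option key twice, so a small option-to-parameter map iterated once would remove the chance of a mismatched key.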
data/lib/cfnvpn/version.rb
CHANGED
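--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: cfn-vpn
 version: !ruby/object:Gem::Version
-version: 0.5.
+version: 0.5.1
 platform: ruby
 authors:
 - Guslington
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-
+date: 2020-05-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: thor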