cfn-vpn 0.4.2 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Dockerfile +26 -0
- data/cfn-vpn.gemspec +0 -1
- data/lib/cfnvpn/certificates.rb +68 -18
- data/lib/cfnvpn/client.rb +6 -2
- data/lib/cfnvpn/config.rb +4 -3
- data/lib/cfnvpn/embedded.rb +6 -4
- data/lib/cfnvpn/globals.rb +16 -0
- data/lib/cfnvpn/init.rb +6 -4
- data/lib/cfnvpn/modify.rb +2 -1
- data/lib/cfnvpn/revoke.rb +4 -2
- data/lib/cfnvpn/routes.rb +2 -1
- data/lib/cfnvpn/sessions.rb +2 -1
- data/lib/cfnvpn/version.rb +1 -1
- metadata +4 -22
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 55d1d34bbcec9a355d6b73ce1d9156d4eeaed551ae70d1591771a98bcd81f12a
|
4
|
+
data.tar.gz: 0d79be873bd64fed0f9821c6da9b6f8e39ebbb0c1582a3289046277bf8521bdb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 80e02dc0d11a30bcc07c509d5f1c5e11c5a176e54ca3fd9e6f41d26a8cedeefe292ce2a48fe4e94b804ed2b6974374034a36092e163a77afe39a39beb9a7c2a7
|
7
|
+
data.tar.gz: 9fb519ef4dc2ccc28a7d03fb9c341c8107084ddf6aaadfece24b8108a07b10a2142e675b8fe563d097d8c2c868eb0835ebaa6483ebd744a93380b14a76641a7a
|
data/Dockerfile
ADDED
@@ -0,0 +1,26 @@
|
|
1
|
+
FROM ruby:2.7-alpine
|
2
|
+
|
3
|
+
RUN apk add --no-cache easy-rsa git \
|
4
|
+
# Hack until easy-rsa 3.0.7 is released https://github.com/OpenVPN/easy-rsa/issues/261
|
5
|
+
&& sed -i 's/^RANDFILE\s*=\s\$ENV.*/#&/' /usr/share/easy-rsa/openssl-easyrsa.cnf \
|
6
|
+
&& ln -s /usr/share/easy-rsa/easyrsa /usr/bin/
|
7
|
+
|
8
|
+
ENV EASYRSA=/usr/share/easy-rsa
|
9
|
+
ENV EASYRSA_BATCH=yes
|
10
|
+
|
11
|
+
ARG CFNVPN_VERSION="0.5.0"
|
12
|
+
|
13
|
+
COPY . /src
|
14
|
+
|
15
|
+
WORKDIR /src
|
16
|
+
|
17
|
+
RUN gem build cfn-vpn.gemspec \
|
18
|
+
&& gem install cfn-vpn-${CFNVPN_VERSION}.gem \
|
19
|
+
&& rm -rf /src
|
20
|
+
|
21
|
+
RUN addgroup -g 1000 cfnvpn && \
|
22
|
+
adduser -D -u 1000 -G cfnvpn cfnvpn
|
23
|
+
|
24
|
+
USER cfnvpn
|
25
|
+
|
26
|
+
RUN cfndsl -u 9.0.0
|
data/cfn-vpn.gemspec
CHANGED
@@ -38,7 +38,6 @@ Gem::Specification.new do |spec|
|
|
38
38
|
spec.add_dependency "thor", "~> 0.20"
|
39
39
|
spec.add_dependency "terminal-table", '~> 1', '<2'
|
40
40
|
spec.add_dependency 'cfhighlander', '~> 0.9', '<1'
|
41
|
-
spec.add_dependency 'cfndsl', '~> 0.17', '<1'
|
42
41
|
spec.add_dependency 'netaddr', '2.0.4'
|
43
42
|
spec.add_runtime_dependency 'aws-sdk-ec2', '~> 1.95', '<2'
|
44
43
|
spec.add_runtime_dependency 'aws-sdk-acm', '~> 1', '<2'
|
data/lib/cfnvpn/certificates.rb
CHANGED
@@ -1,4 +1,5 @@
|
|
1
1
|
require 'fileutils'
|
2
|
+
require 'mkmf'
|
2
3
|
require 'cfnvpn/acm'
|
3
4
|
require 'cfnvpn/s3'
|
4
5
|
require 'cfnvpn/log'
|
@@ -7,38 +8,76 @@ module CfnVpn
|
|
7
8
|
class Certificates
|
8
9
|
include CfnVpn::Log
|
9
10
|
|
10
|
-
def initialize(build_dir,cfnvpn_name)
|
11
|
+
def initialize(build_dir, cfnvpn_name, easyrsa_local = false)
|
11
12
|
@cfnvpn_name = cfnvpn_name
|
13
|
+
@easyrsa_local = easyrsa_local
|
14
|
+
|
15
|
+
if @easyrsa_local
|
16
|
+
unless which('easyrsa')
|
17
|
+
raise "Unable to find `easyrsa` in your path. Check your path or remove the `--easyrsa-local` flag to run from docker"
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
@build_dir = build_dir
|
12
22
|
@config_dir = "#{build_dir}/config"
|
13
23
|
@cert_dir = "#{build_dir}/certificates"
|
24
|
+
@pki_dir = "#{build_dir}/pki"
|
14
25
|
@docker_cmd = %w(docker run -it --rm)
|
15
|
-
@easyrsa_image = "base2/aws-client-vpn"
|
26
|
+
@easyrsa_image = " base2/aws-client-vpn"
|
16
27
|
FileUtils.mkdir_p(@cert_dir)
|
28
|
+
FileUtils.mkdir_p(@pki_dir)
|
17
29
|
end
|
18
30
|
|
19
31
|
def generate_ca(server_cn,client_cn)
|
20
|
-
@
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
32
|
+
if @easyrsa_local
|
33
|
+
ENV["EASYRSA_REQ_CN"] = server_cn
|
34
|
+
ENV["EASYRSA_PKI"] = @pki_dir
|
35
|
+
system("easyrsa init-pki")
|
36
|
+
system("easyrsa build-ca nopass")
|
37
|
+
system("easyrsa build-server-full server nopass")
|
38
|
+
system("easyrsa build-client-full #{client_cn} nopass")
|
39
|
+
FileUtils.cp(["#{@pki_dir}/ca.crt", "#{@pki_dir}/issued/server.crt", "#{@pki_dir}/private/server.key", "#{@pki_dir}/issued/#{client_cn}.crt", "#{@pki_dir}/private/#{client_cn}.key"], @cert_dir)
|
40
|
+
system("tar czfv #{@cert_dir}/ca.tar.gz -C #{@build_dir} pki/")
|
41
|
+
else
|
42
|
+
@docker_cmd << "-e EASYRSA_REQ_CN=#{server_cn}"
|
43
|
+
@docker_cmd << "-e EASYRSA_CLIENT_CN=#{client_cn}"
|
44
|
+
@docker_cmd << "-v #{@cert_dir}:/easy-rsa/output"
|
45
|
+
@docker_cmd << @easyrsa_image
|
46
|
+
@docker_cmd << "sh -c 'create-ca'"
|
47
|
+
Log.logger.debug `#{@docker_cmd.join(' ')}`
|
48
|
+
end
|
26
49
|
end
|
27
50
|
|
28
51
|
def generate_client(client_cn)
|
29
|
-
@
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
52
|
+
if @easyrsa_local
|
53
|
+
ENV["EASYRSA_PKI"] = @pki_dir
|
54
|
+
system("tar xzfv #{@cert_dir}/ca.tar.gz --directory #{@build_dir}")
|
55
|
+
system("easyrsa build-client-full #{client_cn} nopass")
|
56
|
+
system("tar czfv #{@cert_dir}/#{client_cn}.tar.gz -C #{@build_dir} pki/issued/#{client_cn}.crt pki/private/#{client_cn}.key pki/reqs/#{client_cn}.req")
|
57
|
+
else
|
58
|
+
@docker_cmd << "-e EASYRSA_CLIENT_CN=#{client_cn}"
|
59
|
+
@docker_cmd << "-v #{@cert_dir}:/easy-rsa/output"
|
60
|
+
@docker_cmd << @easyrsa_image
|
61
|
+
@docker_cmd << "sh -c 'create-client'"
|
62
|
+
Log.logger.debug `#{@docker_cmd.join(' ')}`
|
63
|
+
end
|
34
64
|
end
|
35
65
|
|
36
66
|
def revoke_client(client_cn)
|
37
|
-
@
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
67
|
+
if @easyrsa_local
|
68
|
+
ENV["EASYRSA_PKI"] = @pki_dir
|
69
|
+
system("tar xzfv #{@cert_dir}/ca.tar.gz --directory #{@build_dir}")
|
70
|
+
system("tar xzfv #{@cert_dir}/#{client_cn}.tar.gz --directory #{@build_dir}")
|
71
|
+
system("easyrsa revoke #{client_cn}")
|
72
|
+
system("easyrsa gen-crl")
|
73
|
+
FileUtils.cp("#{@pki_dir}/crl.pem", @cert_dir)
|
74
|
+
else
|
75
|
+
@docker_cmd << "-e EASYRSA_CLIENT_CN=#{client_cn}"
|
76
|
+
@docker_cmd << "-v #{@cert_dir}:/easy-rsa/output"
|
77
|
+
@docker_cmd << @easyrsa_image
|
78
|
+
@docker_cmd << "sh -c 'revoke-client'"
|
79
|
+
Log.logger.debug `#{@docker_cmd.join(' ')}`
|
80
|
+
end
|
42
81
|
end
|
43
82
|
|
44
83
|
def upload_certificates(region,cert,type,cn=nil)
|
@@ -65,6 +104,17 @@ module CfnVpn
|
|
65
104
|
`tar xzfv #{tar} -C #{@config_dir} --strip 2`
|
66
105
|
File.delete(tar) if File.exist?(tar)
|
67
106
|
end
|
107
|
+
|
108
|
+
def which(cmd)
|
109
|
+
exts = ENV['PATHEXT'] ? ENV['PATHEXT'].split(';') : ['']
|
110
|
+
ENV['PATH'].split(File::PATH_SEPARATOR).each do |path|
|
111
|
+
exts.each do |ext|
|
112
|
+
exe = File.join(path, "#{cmd}#{ext}")
|
113
|
+
return exe if File.executable?(exe) && !File.directory?(exe)
|
114
|
+
end
|
115
|
+
end
|
116
|
+
nil
|
117
|
+
end
|
68
118
|
|
69
119
|
end
|
70
120
|
end
|
data/lib/cfnvpn/client.rb
CHANGED
@@ -1,6 +1,8 @@
|
|
1
1
|
require 'thor'
|
2
|
+
require 'fileutils'
|
2
3
|
require 'cfnvpn/log'
|
3
4
|
require 'cfnvpn/s3'
|
5
|
+
require 'cfnvpn/globals'
|
4
6
|
|
5
7
|
module CfnVpn
|
6
8
|
class Client < Thor::Group
|
@@ -15,6 +17,7 @@ module CfnVpn
|
|
15
17
|
|
16
18
|
class_option :bucket, desc: 's3 bucket', required: true
|
17
19
|
class_option :client_cn, desc: 'client certificate common name', required: true
|
20
|
+
class_option :easyrsa_local, type: :boolean, default: false, desc: 'run the easyrsa executable from your local rather than from docker'
|
18
21
|
|
19
22
|
def self.source_root
|
20
23
|
File.dirname(__FILE__)
|
@@ -25,15 +28,16 @@ module CfnVpn
|
|
25
28
|
end
|
26
29
|
|
27
30
|
def set_directory
|
28
|
-
@build_dir = "#{
|
31
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
29
32
|
@cert_dir = "#{@build_dir}/certificates"
|
33
|
+
FileUtils.mkdir_p(@cert_dir)
|
30
34
|
end
|
31
35
|
|
32
36
|
def create_certificate
|
33
37
|
s3 = CfnVpn::S3.new(@options['region'],@options['bucket'],@name)
|
34
38
|
s3.get_object("#{@cert_dir}/ca.tar.gz")
|
35
39
|
Log.logger.info "Generating new client certificate #{@options['client_cn']} using openvpn easy-rsa"
|
36
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
40
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
37
41
|
Log.logger.debug cert.generate_client(@options['client_cn'])
|
38
42
|
s3.store_object("#{@cert_dir}/#{@options['client_cn']}.tar.gz")
|
39
43
|
end
|
data/lib/cfnvpn/config.rb
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'cfnvpn/clientvpn'
|
2
2
|
require 'cfnvpn/log'
|
3
|
+
require 'cfnvpn/globals'
|
3
4
|
|
4
5
|
module CfnVpn
|
5
6
|
class Config < Thor::Group
|
@@ -13,7 +14,7 @@ module CfnVpn
|
|
13
14
|
class_option :verbose, desc: 'set log level to debug', type: :boolean
|
14
15
|
class_option :bucket, required: true, desc: 's3 bucket'
|
15
16
|
class_option :client_cn, required: true, desc: "client certificates to download"
|
16
|
-
|
17
|
+
class_option :easyrsa_local, type: :boolean, default: false, desc: 'run the easyrsa executable from your local rather than from docker'
|
17
18
|
class_option :ignore_routes, alias: :i, type: :boolean, desc: "Ignore client VPN pushed routes and set routes in config file"
|
18
19
|
|
19
20
|
def self.source_root
|
@@ -25,7 +26,7 @@ module CfnVpn
|
|
25
26
|
end
|
26
27
|
|
27
28
|
def create_config_directory
|
28
|
-
@build_dir = "#{
|
29
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
29
30
|
@config_dir = "#{@build_dir}/config"
|
30
31
|
Log.logger.debug("Creating config directory #{@config_dir}")
|
31
32
|
FileUtils.mkdir_p(@config_dir)
|
@@ -48,7 +49,7 @@ module CfnVpn
|
|
48
49
|
Log.logger.info "Downloading certificates for #{@options['client_cn']} to #{@config_dir}"
|
49
50
|
s3 = CfnVpn::S3.new(@options['region'],@options['bucket'],@name)
|
50
51
|
s3.get_object("#{@config_dir}/#{@options['client_cn']}.tar.gz")
|
51
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
52
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
52
53
|
Log.logger.debug cert.extract_certificate(@options['client_cn'])
|
53
54
|
end
|
54
55
|
end
|
data/lib/cfnvpn/embedded.rb
CHANGED
@@ -1,5 +1,6 @@
|
|
1
1
|
require 'cfnvpn/log'
|
2
2
|
require 'cfnvpn/s3'
|
3
|
+
require 'cfnvpn/globals'
|
3
4
|
|
4
5
|
module CfnVpn
|
5
6
|
class Embedded < Thor::Group
|
@@ -13,7 +14,8 @@ module CfnVpn
|
|
13
14
|
class_option :verbose, desc: 'set log level to debug', type: :boolean
|
14
15
|
|
15
16
|
class_option :bucket, required: true, desc: 'S3 bucket'
|
16
|
-
class_option :client_cn, required: true, desc: 'Client certificates to download'
|
17
|
+
class_option :client_cn, required: true, default: false, desc: 'Client certificates to download'
|
18
|
+
class_option :easyrsa_local, type: :boolean, default: false, desc: 'run the easyrsa executable from your local rather than from docker'
|
17
19
|
class_option :ignore_routes, alias: :i, type: :boolean, desc: 'Ignore client VPN pushed routes and set routes in config file'
|
18
20
|
|
19
21
|
def self.source_root
|
@@ -25,7 +27,7 @@ module CfnVpn
|
|
25
27
|
end
|
26
28
|
|
27
29
|
def create_config_directory
|
28
|
-
@build_dir = "#{
|
30
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
29
31
|
@config_dir = "#{@build_dir}/config"
|
30
32
|
Log.logger.debug("Creating config directory #{@config_dir}")
|
31
33
|
FileUtils.mkdir_p(@config_dir)
|
@@ -41,7 +43,7 @@ module CfnVpn
|
|
41
43
|
Log.logger.info "Downloading certificates for #{@options['client_cn']} to #{@config_dir}"
|
42
44
|
s3 = CfnVpn::S3.new(@options['region'],@options['bucket'],@name)
|
43
45
|
s3.get_object("#{@config_dir}/#{@options['client_cn']}.tar.gz")
|
44
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
46
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
45
47
|
Log.logger.debug cert.extract_certificate(@options['client_cn'])
|
46
48
|
end
|
47
49
|
end
|
@@ -74,7 +76,7 @@ module CfnVpn
|
|
74
76
|
end
|
75
77
|
|
76
78
|
def embed_certs
|
77
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
79
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
78
80
|
Log.logger.debug cert.extract_certificate(@options['client_cn'])
|
79
81
|
Log.logger.debug "Reading extracted certificate and private key"
|
80
82
|
key = File.read("#{@config_dir}/#{@options['client_cn']}.key")
|
@@ -0,0 +1,16 @@
|
|
1
|
+
module CfnVpn
|
2
|
+
class << self
|
3
|
+
|
4
|
+
# Returns the filepath to the location CfnVpn will use for
|
5
|
+
# storage. Used for certificate generation as well as the
|
6
|
+
# download and upload location. Can be overridden by specifying
|
7
|
+
# a value for the ENV variable
|
8
|
+
# 'CFNVPN_PATH'.
|
9
|
+
#
|
10
|
+
# @return [String]
|
11
|
+
def cfnvpn_path
|
12
|
+
@cfnvpn_path ||= File.expand_path(ENV["CFNVPN_PATH"] || "~/.cfnvpn")
|
13
|
+
end
|
14
|
+
|
15
|
+
end
|
16
|
+
end
|
data/lib/cfnvpn/init.rb
CHANGED
@@ -6,6 +6,7 @@ require 'cfnvpn/cfhighlander'
|
|
6
6
|
require 'cfnvpn/cloudformation'
|
7
7
|
require 'cfnvpn/log'
|
8
8
|
require 'cfnvpn/clientvpn'
|
9
|
+
require 'cfnvpn/globals'
|
9
10
|
|
10
11
|
module CfnVpn
|
11
12
|
class Init < Thor::Group
|
@@ -20,6 +21,7 @@ module CfnVpn
|
|
20
21
|
|
21
22
|
class_option :server_cn, required: true, desc: 'server certificate common name'
|
22
23
|
class_option :client_cn, desc: 'client certificate common name'
|
24
|
+
class_option :easyrsa_local, type: :boolean, default: false, desc: 'run the easyrsa executable from your local rather than from docker'
|
23
25
|
class_option :bucket, required: true, desc: 's3 bucket'
|
24
26
|
|
25
27
|
class_option :subnet_id, required: true, desc: 'subnet id to associate your vpn with'
|
@@ -40,7 +42,7 @@ module CfnVpn
|
|
40
42
|
end
|
41
43
|
|
42
44
|
def create_build_directory
|
43
|
-
@build_dir = "#{
|
45
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
44
46
|
Log.logger.debug "creating directory #{@build_dir}"
|
45
47
|
FileUtils.mkdir_p(@build_dir)
|
46
48
|
end
|
@@ -69,13 +71,13 @@ module CfnVpn
|
|
69
71
|
# create certificates
|
70
72
|
def generate_server_certificates
|
71
73
|
Log.logger.info "Generating certificates using openvpn easy-rsa"
|
72
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
74
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
73
75
|
@client_cn = @options['client_cn'] ? @options['client_cn'] : "client-vpn.#{@options['server_cn']}"
|
74
|
-
|
76
|
+
cert.generate_ca(@options['server_cn'],@client_cn)
|
75
77
|
end
|
76
78
|
|
77
79
|
def upload_certificates
|
78
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
80
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
79
81
|
@config['parameters']['ServerCertificateArn'] = cert.upload_certificates(@options['region'],'server','server',@options['server_cn'])
|
80
82
|
@config['parameters']['ClientCertificateArn'] = cert.upload_certificates(@options['region'],@client_cn,'client')
|
81
83
|
s3 = CfnVpn::S3.new(@options['region'],@options['bucket'],@name)
|
data/lib/cfnvpn/modify.rb
CHANGED
@@ -6,6 +6,7 @@ require 'cfnvpn/cfhighlander'
|
|
6
6
|
require 'cfnvpn/cloudformation'
|
7
7
|
require 'cfnvpn/log'
|
8
8
|
require 'cfnvpn/clientvpn'
|
9
|
+
require 'cfnvpn/globals'
|
9
10
|
|
10
11
|
module CfnVpn
|
11
12
|
class Modify < Thor::Group
|
@@ -35,7 +36,7 @@ module CfnVpn
|
|
35
36
|
end
|
36
37
|
|
37
38
|
def create_build_directory
|
38
|
-
@build_dir = "#{
|
39
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
39
40
|
Log.logger.debug "creating directory #{@build_dir}"
|
40
41
|
FileUtils.mkdir_p(@build_dir)
|
41
42
|
end
|
data/lib/cfnvpn/revoke.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'thor'
|
2
2
|
require 'cfnvpn/log'
|
3
3
|
require 'cfnvpn/s3'
|
4
|
+
require 'cfnvpn/globals'
|
4
5
|
|
5
6
|
module CfnVpn
|
6
7
|
class Revoke < Thor::Group
|
@@ -15,6 +16,7 @@ module CfnVpn
|
|
15
16
|
|
16
17
|
class_option :bucket, desc: 's3 bucket', required: true
|
17
18
|
class_option :client_cn, desc: 'client certificate common name', required: true
|
19
|
+
class_option :easyrsa_local, type: :boolean, default: false, desc: 'run the easyrsa executable from your local rather than from docker'
|
18
20
|
|
19
21
|
def self.source_root
|
20
22
|
File.dirname(__FILE__)
|
@@ -25,12 +27,12 @@ module CfnVpn
|
|
25
27
|
end
|
26
28
|
|
27
29
|
def set_directory
|
28
|
-
@build_dir = "#{
|
30
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
29
31
|
@cert_dir = "#{@build_dir}/certificates"
|
30
32
|
end
|
31
33
|
|
32
34
|
def revoke_certificate
|
33
|
-
cert = CfnVpn::Certificates.new(@build_dir,@name)
|
35
|
+
cert = CfnVpn::Certificates.new(@build_dir,@name,@options['easyrsa_local'])
|
34
36
|
s3 = CfnVpn::S3.new(@options['region'],@options['bucket'],@name)
|
35
37
|
s3.get_object("#{@cert_dir}/ca.tar.gz")
|
36
38
|
s3.get_object("#{@cert_dir}/#{@options['client_cn']}.tar.gz")
|
data/lib/cfnvpn/routes.rb
CHANGED
@@ -1,6 +1,7 @@
|
|
1
1
|
require 'thor'
|
2
2
|
require 'cfnvpn/log'
|
3
3
|
require 'cfnvpn/s3'
|
4
|
+
require 'cfnvpn/globals'
|
4
5
|
|
5
6
|
module CfnVpn
|
6
7
|
class Routes < Thor::Group
|
@@ -26,7 +27,7 @@ module CfnVpn
|
|
26
27
|
end
|
27
28
|
|
28
29
|
def set_directory
|
29
|
-
@build_dir = "#{
|
30
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
30
31
|
end
|
31
32
|
|
32
33
|
def add_route
|
data/lib/cfnvpn/sessions.rb
CHANGED
@@ -2,6 +2,7 @@ require 'thor'
|
|
2
2
|
require 'terminal-table'
|
3
3
|
require 'cfnvpn/log'
|
4
4
|
require 'cfnvpn/clientvpn'
|
5
|
+
require 'cfnvpn/globals'
|
5
6
|
|
6
7
|
module CfnVpn
|
7
8
|
class Sessions < Thor::Group
|
@@ -25,7 +26,7 @@ module CfnVpn
|
|
25
26
|
end
|
26
27
|
|
27
28
|
def set_directory
|
28
|
-
@build_dir = "#{
|
29
|
+
@build_dir = "#{CfnVpn.cfnvpn_path}/#{@name}"
|
29
30
|
end
|
30
31
|
|
31
32
|
def get_endpoint
|
data/lib/cfnvpn/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: cfn-vpn
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.5.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Guslington
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-02-
|
11
|
+
date: 2020-02-20 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
@@ -64,26 +64,6 @@ dependencies:
|
|
64
64
|
- - "<"
|
65
65
|
- !ruby/object:Gem::Version
|
66
66
|
version: '1'
|
67
|
-
- !ruby/object:Gem::Dependency
|
68
|
-
name: cfndsl
|
69
|
-
requirement: !ruby/object:Gem::Requirement
|
70
|
-
requirements:
|
71
|
-
- - "~>"
|
72
|
-
- !ruby/object:Gem::Version
|
73
|
-
version: '0.17'
|
74
|
-
- - "<"
|
75
|
-
- !ruby/object:Gem::Version
|
76
|
-
version: '1'
|
77
|
-
type: :runtime
|
78
|
-
prerelease: false
|
79
|
-
version_requirements: !ruby/object:Gem::Requirement
|
80
|
-
requirements:
|
81
|
-
- - "~>"
|
82
|
-
- !ruby/object:Gem::Version
|
83
|
-
version: '0.17'
|
84
|
-
- - "<"
|
85
|
-
- !ruby/object:Gem::Version
|
86
|
-
version: '1'
|
87
67
|
- !ruby/object:Gem::Dependency
|
88
68
|
name: netaddr
|
89
69
|
requirement: !ruby/object:Gem::Requirement
|
@@ -216,6 +196,7 @@ extra_rdoc_files: []
|
|
216
196
|
files:
|
217
197
|
- ".gitignore"
|
218
198
|
- ".travis.yml"
|
199
|
+
- Dockerfile
|
219
200
|
- Gemfile
|
220
201
|
- Gemfile.lock
|
221
202
|
- LICENSE.txt
|
@@ -232,6 +213,7 @@ files:
|
|
232
213
|
- lib/cfnvpn/cloudformation.rb
|
233
214
|
- lib/cfnvpn/config.rb
|
234
215
|
- lib/cfnvpn/embedded.rb
|
216
|
+
- lib/cfnvpn/globals.rb
|
235
217
|
- lib/cfnvpn/init.rb
|
236
218
|
- lib/cfnvpn/log.rb
|
237
219
|
- lib/cfnvpn/modify.rb
|