moved crl-verify crl.pem to openvpn config templates

2023-01-19 17:49:17 +03:00 · 2023-01-19 17:49:17 +03:00 · 45016b76e7
commit 45016b76e7
parent 8ea80a616e
8 changed files with 7 additions and 9 deletions
--- a/client/server_scripts/openvpn/configure_container.sh
+++ b/client/server_scripts/openvpn/configure_container.sh
@ -18,6 +18,7 @@ user nobody
 group nobody
 persist-key
 persist-tun
+crl-verify crl.pem
 status openvpn-status.log
 verb 1
 tls-server
--- a/client/server_scripts/openvpn/template.ovpn
+++ b/client/server_scripts/openvpn/template.ovpn
@ -5,6 +5,7 @@ resolv-retry infinite
 nobind
 persist-key
 persist-tun
+crl-verify crl.pem
 $OPENVPN_NCP_DISABLE
 cipher $OPENVPN_CIPHER
 auth $OPENVPN_HASH
--- a/client/server_scripts/openvpn_cloak/configure_container.sh
+++ b/client/server_scripts/openvpn_cloak/configure_container.sh
@ -18,6 +18,7 @@ user nobody
 group nobody
 persist-key
 persist-tun
+crl-verify crl.pem
 status openvpn-status.log
 verb 1
 tls-server
--- a/client/server_scripts/openvpn_cloak/template.ovpn
+++ b/client/server_scripts/openvpn_cloak/template.ovpn
@ -5,6 +5,7 @@ resolv-retry infinite
 nobind
 persist-key
 persist-tun
+crl-verify crl.pem
 $OPENVPN_NCP_DISABLE
 cipher $OPENVPN_CIPHER
 auth $OPENVPN_HASH
--- a/client/server_scripts/openvpn_shadowsocks/configure_container.sh
+++ b/client/server_scripts/openvpn_shadowsocks/configure_container.sh
@ -18,6 +18,7 @@ user nobody
 group nobody
 persist-key
 persist-tun
+crl-verify crl.pem
 status openvpn-status.log
 verb 1
 tls-server
--- a/client/server_scripts/openvpn_shadowsocks/template.ovpn
+++ b/client/server_scripts/openvpn_shadowsocks/template.ovpn
@ -5,6 +5,7 @@ resolv-retry infinite
 nobind
 persist-key
 persist-tun
+crl-verify crl.pem
 $OPENVPN_NCP_DISABLE
 cipher $OPENVPN_CIPHER
 auth $OPENVPN_HASH
--- a/client/ui/pages_logic/ClientInfoLogic.cpp
+++ b/client/ui/pages_logic/ClientInfoLogic.cpp
@ -125,6 +125,7 @@ void ClientInfoLogic::onRevokeOpenVpnCertificateClicked()
    auto error = m_serverController->runScript(credentials, script);
    if (isErrorOccured(error)) {
        set_busyIndicatorIsRunning(false);
+        emit uiLogic()->goToPage(Page::ServerSettings);
        return;
    }

@ -136,14 +137,6 @@ void ClientInfoLogic::onRevokeOpenVpnCertificateClicked()
        return;
    }

-    error = m_serverController->uploadTextFileToContainer(container, credentials, "crl-verify crl.pem\n",
-                                                          protocols::openvpn::serverConfigPath,
-                                                          QSsh::SftpOverwriteMode::SftpAppendToExisting);
-    if (isErrorOccured(error)) {
-        set_busyIndicatorIsRunning(false);
-        return;
-    }
-
    const QJsonObject &containerConfig = m_settings->containerConfig(uiLogic()->selectedServerIndex, container);
    error = m_serverController->startupContainerWorker(credentials, container, containerConfig);
    if (isErrorOccured(error)) {
--- a/docs/openVpnRevokeClientCertificate.plantuml
+++ b/docs/openVpnRevokeClientCertificate.plantuml
@ -12,7 +12,6 @@ cont -> cont: cd /opt/amnezia/openvpn
 cont -> cont: easyrsa revoke openvpnCertId
 cont -> cont: easyrsa gen-crl
 cont -> cont: cp pki/crl.pem crl.pem
-cont -> cont: add crl-verify crl.pem to server.conf
 cont -> ovpn: restart openvpn service
 note right
    In the OpenVpn config