Spaces:
Sleeping
Sleeping
File size: 6,780 Bytes
63e3a4d |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 |
#!/usr/bin/env python3
"""
OpenVPN Configuration Manager for Hugging Face Spaces
Full-featured version with Gradio interface
"""
import gradio as gr
from datetime import datetime
def create_openvpn_config(client_name, server_host, server_port, protocol):
"""Generate OpenVPN client configuration"""
config = f"""# OpenVPN Client Configuration
# Generated: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}
# Client: {client_name}
client
dev tun
proto {protocol}
remote {server_host} {server_port}
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
auth SHA256
verb 3
# Security recommendations:
# - Use strong ciphers (AES-256-GCM)
# - Enable certificate verification
# - Keep certificates secure
# - Update regularly
"""
return config
def generate_ca_script():
"""Generate CA certificate setup script"""
return """#!/bin/bash
# Certificate Authority Setup Script for OpenVPN
# Run this script on your OpenVPN server
# Generate CA private key
openssl genrsa -out ca.key 4096
# Generate CA certificate
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt \\
-subj "/C=US/ST=State/L=City/O=Organization/CN=CA"
# Generate server certificate
openssl genrsa -out server.key 4096
openssl req -new -key server.key -out server.csr \\
-subj "/C=US/ST=State/L=City/O=Organization/CN=server"
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
# Generate client certificate
openssl genrsa -out client.key 4096
openssl req -new -key client.key -out client.csr \\
-subj "/C=US/ST=State/L=City/O=Organization/CN=client"
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt
echo "Certificates generated successfully!"
"""
def generate_server_config():
"""Generate server configuration"""
return """# OpenVPN Server Configuration
# Network settings
port 1194
proto udp
dev tun
# Certificates
ca ca.crt
cert server.crt
key server.key
dh dh.pem
# Network configuration
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Keepalive
keepalive 10 120
# Compression
comp-lzo
# User permissions
user nobody
group nogroup
# Security
cipher AES-256-GCM
auth SHA256
tls-auth ta.key 0
# Logging
log-append /var/log/openvpn.log
verb 3
"""
def main():
"""Main Gradio interface"""
with gr.Blocks(title="OpenVPN Configuration Manager", theme=gr.themes.Soft()) as demo:
gr.Markdown("# π OpenVPN Configuration Manager")
gr.Markdown("Generate OpenVPN configurations, certificates, and deployment guides")
with gr.Tab("Client Configuration"):
with gr.Row():
with gr.Column():
client_name = gr.Textbox(value="client1", label="Client Name")
server_host = gr.Textbox(value="vpn.example.com", label="Server Host")
server_port = gr.Number(value=1194, label="Port", minimum=1, maximum=65535)
protocol = gr.Radio(["udp", "tcp"], value="udp", label="Protocol")
config_output = gr.Textbox(label="Client Configuration", lines=20, interactive=False)
gr.Button("Generate Client Config", variant="primary").click(
create_openvpn_config,
inputs=[client_name, server_host, server_port, protocol],
outputs=[config_output]
)
with gr.Tab("Server Configuration"):
server_config = gr.Textbox(
label="Server Configuration",
lines=25,
value=generate_server_config(),
interactive=False
)
gr.Markdown("**Save this as `/etc/openvpn/server.conf` on your server**")
with gr.Tab("Certificate Scripts"):
ca_script_btn = gr.Button("Generate CA Script")
ca_script_output = gr.Textbox(
label="CA Setup Script",
lines=20,
value=generate_ca_script(),
interactive=False
)
with gr.Tab("Deployment Guide"):
gr.Markdown("""
## π Deployment Instructions
### Server Setup:
1. **Install OpenVPN:**
```bash
sudo apt update
sudo apt install openvpn easy-rsa
```
2. **Generate Certificates:**
- Run the CA script from the "Certificate Scripts" tab
- This creates all necessary certificates
3. **Configure Firewall:**
```bash
sudo ufw allow 1194/udp
sudo ufw allow ssh
```
4. **Start OpenVPN:**
```bash
sudo systemctl start openvpn@server
sudo systemctl enable openvpn@server
```
### Client Setup:
1. **Download Configuration:**
- Use the "Client Configuration" tab to generate your config
- Save as `client.ovpn`
2. **Import to Client:**
- OpenVPN GUI (Windows)
- Tunnelblick (macOS)
- NetworkManager (Linux)
### Security Best Practices:
- β
Use strong ciphers (AES-256-GCM)
- β
Enable certificate verification
- β
Keep private keys secure
- β
Regular certificate rotation
- β
Monitor logs for suspicious activity
- β
Use fail2ban for protection
""")
with gr.Tab("Troubleshooting"):
gr.Markdown("""
## π§ Common Issues & Solutions
### Connection Problems:
- **No internet access:** Check routing and IP forwarding
- **Cannot connect to server:** Verify firewall and port settings
- **Slow performance:** Try different protocols (UDP vs TCP)
### Certificate Issues:
- **Certificate verification failed:** Check CA certificate matches
- **Key errors:** Ensure all certificate files are present
- **Expired certificates:** Regenerate using CA script
### Performance:
- **Use UDP for better performance**
- **Enable compression for slower connections**
- **Monitor bandwidth usage**
""")
return demo
if __name__ == "__main__":
demo = main()
demo.launch(
server_name="0.0.0.0",
server_port=7860,
show_error=True,
quiet=False
) |