Spaces:

likhonsheikh
/

OpenVPN

Sleeping

OpenVPN / app_full.py

likhonsheikh

Restore full-featured Gradio version with working dependencies

63e3a4d 24 days ago

6.78 kB

	#!/usr/bin/env python3
	"""
	OpenVPN Configuration Manager for Hugging Face Spaces
	Full-featured version with Gradio interface
	"""

	import gradio as gr
	from datetime import datetime

	def create_openvpn_config(client_name, server_host, server_port, protocol):
	"""Generate OpenVPN client configuration"""
	config = f"""# OpenVPN Client Configuration
	# Generated: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}
	# Client: {client_name}

	client
	dev tun
	proto {protocol}
	remote {server_host} {server_port}
	resolv-retry infinite
	nobind
	persist-key
	persist-tun
	remote-cert-tls server
	cipher AES-256-GCM
	auth SHA256
	verb 3

	# Security recommendations:
	# - Use strong ciphers (AES-256-GCM)
	# - Enable certificate verification
	# - Keep certificates secure
	# - Update regularly
	"""
	return config

	def generate_ca_script():
	"""Generate CA certificate setup script"""
	return """#!/bin/bash
	# Certificate Authority Setup Script for OpenVPN
	# Run this script on your OpenVPN server

	# Generate CA private key
	openssl genrsa -out ca.key 4096

	# Generate CA certificate
	openssl req -new -x509 -days 3650 -key ca.key -out ca.crt \\
	-subj "/C=US/ST=State/L=City/O=Organization/CN=CA"

	# Generate server certificate
	openssl genrsa -out server.key 4096
	openssl req -new -key server.key -out server.csr \\
	-subj "/C=US/ST=State/L=City/O=Organization/CN=server"
	openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt

	# Generate client certificate
	openssl genrsa -out client.key 4096
	openssl req -new -key client.key -out client.csr \\
	-subj "/C=US/ST=State/L=City/O=Organization/CN=client"
	openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt

	echo "Certificates generated successfully!"
	"""

	def generate_server_config():
	"""Generate server configuration"""
	return """# OpenVPN Server Configuration

	# Network settings
	port 1194
	proto udp
	dev tun

	# Certificates
	ca ca.crt
	cert server.crt
	key server.key
	dh dh.pem

	# Network configuration
	server 10.8.0.0 255.255.255.0
	ifconfig-pool-persist ipp.txt

	# Keepalive
	keepalive 10 120

	# Compression
	comp-lzo

	# User permissions
	user nobody
	group nogroup

	# Security
	cipher AES-256-GCM
	auth SHA256
	tls-auth ta.key 0

	# Logging
	log-append /var/log/openvpn.log
	verb 3
	"""

	def main():
	"""Main Gradio interface"""

	with gr.Blocks(title="OpenVPN Configuration Manager", theme=gr.themes.Soft()) as demo:
	gr.Markdown("# 🔒 OpenVPN Configuration Manager")
	gr.Markdown("Generate OpenVPN configurations, certificates, and deployment guides")

	with gr.Tab("Client Configuration"):
	with gr.Row():
	with gr.Column():
	client_name = gr.Textbox(value="client1", label="Client Name")
	server_host = gr.Textbox(value="vpn.example.com", label="Server Host")
	server_port = gr.Number(value=1194, label="Port", minimum=1, maximum=65535)
	protocol = gr.Radio(["udp", "tcp"], value="udp", label="Protocol")

	config_output = gr.Textbox(label="Client Configuration", lines=20, interactive=False)

	gr.Button("Generate Client Config", variant="primary").click(
	create_openvpn_config,
	inputs=[client_name, server_host, server_port, protocol],
	outputs=[config_output]
	)

	with gr.Tab("Server Configuration"):
	server_config = gr.Textbox(
	label="Server Configuration",
	lines=25,
	value=generate_server_config(),
	interactive=False
	)
	gr.Markdown("Save this as `/etc/openvpn/server.conf` on your server")

	with gr.Tab("Certificate Scripts"):
	ca_script_btn = gr.Button("Generate CA Script")
	ca_script_output = gr.Textbox(
	label="CA Setup Script",
	lines=20,
	value=generate_ca_script(),
	interactive=False
	)

	with gr.Tab("Deployment Guide"):
	gr.Markdown("""
	## 🚀 Deployment Instructions

	### Server Setup:
	1. Install OpenVPN:
	```bash
	sudo apt update
	sudo apt install openvpn easy-rsa
	```

	2. Generate Certificates:
	- Run the CA script from the "Certificate Scripts" tab
	- This creates all necessary certificates

	3. Configure Firewall:
	```bash
	sudo ufw allow 1194/udp
	sudo ufw allow ssh
	```

	4. Start OpenVPN:
	```bash
	sudo systemctl start openvpn@server
	sudo systemctl enable openvpn@server
	```

	### Client Setup:
	1. Download Configuration:
	- Use the "Client Configuration" tab to generate your config
	- Save as `client.ovpn`

	2. Import to Client:
	- OpenVPN GUI (Windows)
	- Tunnelblick (macOS)
	- NetworkManager (Linux)

	### Security Best Practices:
	- ✅ Use strong ciphers (AES-256-GCM)
	- ✅ Enable certificate verification
	- ✅ Keep private keys secure
	- ✅ Regular certificate rotation
	- ✅ Monitor logs for suspicious activity
	- ✅ Use fail2ban for protection
	""")

	with gr.Tab("Troubleshooting"):
	gr.Markdown("""
	## 🔧 Common Issues & Solutions

	### Connection Problems:
	- No internet access: Check routing and IP forwarding
	- Cannot connect to server: Verify firewall and port settings
	- Slow performance: Try different protocols (UDP vs TCP)

	### Certificate Issues:
	- Certificate verification failed: Check CA certificate matches
	- Key errors: Ensure all certificate files are present
	- Expired certificates: Regenerate using CA script

	### Performance:
	- Use UDP for better performance
	- Enable compression for slower connections
	- Monitor bandwidth usage
	""")

	return demo

	if __name__ == "__main__":
	demo = main()
	demo.launch(
	server_name="0.0.0.0",
	server_port=7860,
	show_error=True,
	quiet=False
	)