summaryrefslogtreecommitdiff
path: root/src/leap/eip/specs.py
blob: 57e7537b906b27d75a4eba94fe0eb35f7c934eeb (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124

from __future__ import (unicode_literals)
import os

from leap import __branding
from leap.base import config as baseconfig

# XXX move provider stuff to base config

PROVIDER_CA_CERT = __branding.get(
    'provider_ca_file',
    'cacert.pem')

provider_ca_path = lambda domain: str(os.path.join(
    #baseconfig.get_default_provider_path(),
    baseconfig.get_provider_path(domain),
    'keys', 'ca',
    'cacert.pem'
)) if domain else None

default_provider_ca_path = lambda: str(os.path.join(
    baseconfig.get_default_provider_path(),
    'keys', 'ca',
    PROVIDER_CA_CERT
))

PROVIDER_DOMAIN = __branding.get('provider_domain', 'testprovider.example.org')


client_cert_path = lambda domain: unicode(os.path.join(
    baseconfig.get_provider_path(domain),
    'keys', 'client',
    'openvpn.pem'
)) if domain else None

default_client_cert_path = lambda: unicode(os.path.join(
    baseconfig.get_default_provider_path(),
    'keys', 'client',
    'openvpn.pem'
))

eipconfig_spec = {
    'description': 'sample eipconfig',
    'type': 'object',
    'properties': {
        'provider': {
            'type': unicode,
            'default': u"%s" % PROVIDER_DOMAIN,
            'required': True,
        },
        'transport': {
            'type': unicode,
            'default': u"openvpn",
        },
        'openvpn_protocol': {
            'type': unicode,
            'default': u"tcp"
        },
        'openvpn_port': {
            'type': int,
            'default': 80
        },
        'openvpn_ca_certificate': {
            'type': unicode,  # path
            'default': default_provider_ca_path
        },
        'openvpn_client_certificate': {
            'type': unicode,  # path
            'default': default_client_cert_path
        },
        'connect_on_login': {
            'type': bool,
            'default': True
        },
        'block_cleartext_traffic': {
            'type': bool,
            'default': True
        },
        'primary_gateway': {
            'type': unicode,
            'default': u"turkey",
            #'required': True
        },
        'secondary_gateway': {
            'type': unicode,
            'default': u"france"
        },
        'management_password': {
            'type': unicode
        }
    }
}

eipservice_config_spec = {
    'description': 'sample eip service config',
    'type': 'object',
    'properties': {
        'serial': {
            'type': int,
            'required': True,
            'default': 1
        },
        'version': {
            'type': unicode,
            'required': True,
            'default': "0.1.0"
        },
        'capabilities': {
            'type': dict,
            'default': {
                "transport": ["openvpn"],
                "ports": ["80", "53"],
                "protocols": ["udp", "tcp"],
                "static_ips": True,
                "adblock": True}
        },
        'gateways': {
            'type': list,
            'default': [{"country_code": "us",
                        "label": {"en":"west"},
                        "capabilities": {},
                        "hosts": ["1.2.3.4", "1.2.3.5"]}]
        }
    }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-01 17:49:46 +0000