From 08f4c51cbbf9a4307375278ab42d31aa65d57645 Mon Sep 17 00:00:00 2001 From: irregulator Date: Wed, 28 May 2014 15:25:21 +0300 Subject: Include obfsproxy descriptors in openvpn.json This is needed so as obfsproxy service is automatically deployed along with eip service. --- provider_base/services/openvpn.json | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'provider_base/services/openvpn.json') diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json index 090afcd6..1ce397d0 100644 --- a/provider_base/services/openvpn.json +++ b/provider_base/services/openvpn.json @@ -26,5 +26,12 @@ "keepalive": "10 30", "tun-ipv6": true } + }, + "obfsproxy": { + "scramblesuit": { + "password": "= base32_secret :scramblesuit_password", + "port" : "= rand_range :scramblesuit_port, 18000..32000" + }, + "gateway_address": "= try{openvpn.gateway_address} || try{nodes_like_me[:services => 'openvpn']['location.name' => location.name].field('openvpn.gateway_address').shuffle.first} || try{nodes_like_me[:services => 'openvpn'].field('openvpn.gateway_address').shuffle.first}" } } -- cgit v1.2.3 From 02963cea38c916256a6c9c959c58ed5a222f1767 Mon Sep 17 00:00:00 2001 From: irregulator Date: Fri, 30 May 2014 04:04:24 +0300 Subject: Attach node's name to scramblesuit password and port secrets This makes every node with obfsproxy service have unique port and password for scramblesuit pluggable transport. --- provider_base/services/openvpn.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'provider_base/services/openvpn.json') diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json index 1ce397d0..c62fa04b 100644 --- a/provider_base/services/openvpn.json +++ b/provider_base/services/openvpn.json @@ -29,8 +29,8 @@ }, "obfsproxy": { "scramblesuit": { - "password": "= base32_secret :scramblesuit_password", - "port" : "= rand_range :scramblesuit_port, 18000..32000" + "password": "= base32_secret('scramblesuit_password_'+name)", + "port" : "= rand_range('scramblesuit_port_'+name, 18000..32000)" }, "gateway_address": "= try{openvpn.gateway_address} || try{nodes_like_me[:services => 'openvpn']['location.name' => location.name].field('openvpn.gateway_address').shuffle.first} || try{nodes_like_me[:services => 'openvpn'].field('openvpn.gateway_address').shuffle.first}" } -- cgit v1.2.3 From 87e997658dae6655aa0a3f2da7dc8737ec9041bc Mon Sep 17 00:00:00 2001 From: irregulator Date: Tue, 3 Jun 2014 21:36:09 +0300 Subject: A vpn node picks its openvpn.gateway as obfsproxy gateway address --- provider_base/services/openvpn.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'provider_base/services/openvpn.json') diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json index c62fa04b..1906244c 100644 --- a/provider_base/services/openvpn.json +++ b/provider_base/services/openvpn.json @@ -32,6 +32,6 @@ "password": "= base32_secret('scramblesuit_password_'+name)", "port" : "= rand_range('scramblesuit_port_'+name, 18000..32000)" }, - "gateway_address": "= try{openvpn.gateway_address} || try{nodes_like_me[:services => 'openvpn']['location.name' => location.name].field('openvpn.gateway_address').shuffle.first} || try{nodes_like_me[:services => 'openvpn'].field('openvpn.gateway_address').shuffle.first}" + "gateway_address": "= openvpn.gateway_address" } } -- cgit v1.2.3