Hugging Face's logo

Spaces:
nikhtu10
/
OpenVPN
Paused

App Files Community
OpenVPN / app_full.py
likhonsheikh
Restore full-featured Gradio version with working dependencies
63e3a4d
raw
history blame
6.78 kB
#!/usr/bin/env python3
"""
OpenVPN Configuration Manager for Hugging Face Spaces
Full-featured version with Gradio interface
"""
import gradio as gr
from datetime import datetime
def create_openvpn_config(client_name, server_host, server_port, protocol):
 """Generate OpenVPN client configuration"""
 config = f"""# OpenVPN Client Configuration
# Generated: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}
# Client: {client_name}
client
dev tun
proto {protocol}
remote {server_host} {server_port}
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
auth SHA256
verb 3
# Security recommendations:
# - Use strong ciphers (AES-256-GCM)
# - Enable certificate verification
# - Keep certificates secure
# - Update regularly
"""
 return config
def generate_ca_script():
 """Generate CA certificate setup script"""
 return """#!/bin/bash
# Certificate Authority Setup Script for OpenVPN
# Run this script on your OpenVPN server
# Generate CA private key
openssl genrsa -out ca.key 4096
# Generate CA certificate
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt \\
 -subj "/C=US/ST=State/L=City/O=Organization/CN=CA"
# Generate server certificate
openssl genrsa -out server.key 4096
openssl req -new -key server.key -out server.csr \\
 -subj "/C=US/ST=State/L=City/O=Organization/CN=server"
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
# Generate client certificate
openssl genrsa -out client.key 4096
openssl req -new -key client.key -out client.csr \\
 -subj "/C=US/ST=State/L=City/O=Organization/CN=client"
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt
echo "Certificates generated successfully!"
"""
def generate_server_config():
 """Generate server configuration"""
 return """# OpenVPN Server Configuration
# Network settings
port 1194
proto udp
dev tun
# Certificates
ca ca.crt
cert server.crt
key server.key
dh dh.pem
# Network configuration
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Keepalive
keepalive 10 120
# Compression
comp-lzo
# User permissions
user nobody
group nogroup
# Security
cipher AES-256-GCM
auth SHA256
tls-auth ta.key 0
# Logging
log-append /var/log/openvpn.log
verb 3
"""
def main():
 """Main Gradio interface"""
with gr.Blocks(title="OpenVPN Configuration Manager", theme=gr.themes.Soft()) as demo:
 gr.Markdown("# πŸ”’ OpenVPN Configuration Manager")
 gr.Markdown("Generate OpenVPN configurations, certificates, and deployment guides")
with gr.Tab("Client Configuration"):
 with gr.Row():
 with gr.Column():
 client_name = gr.Textbox(value="client1", label="Client Name")
 server_host = gr.Textbox(value="vpn.example.com", label="Server Host")
 server_port = gr.Number(value=1194, label="Port", minimum=1, maximum=65535)
 protocol = gr.Radio(["udp", "tcp"], value="udp", label="Protocol")
config_output = gr.Textbox(label="Client Configuration", lines=20, interactive=False)
gr.Button("Generate Client Config", variant="primary").click(
 create_openvpn_config,
 inputs=[client_name, server_host, server_port, protocol],
 outputs=[config_output]
 )
with gr.Tab("Server Configuration"):
 server_config = gr.Textbox(
 label="Server Configuration",
lines=25,
value=generate_server_config(),
 interactive=False
 )
 gr.Markdown("**Save this as `/etc/openvpn/server.conf` on your server**")
with gr.Tab("Certificate Scripts"):
 ca_script_btn = gr.Button("Generate CA Script")
 ca_script_output = gr.Textbox(
 label="CA Setup Script",
lines=20,
value=generate_ca_script(),
 interactive=False
 )
with gr.Tab("Deployment Guide"):
 gr.Markdown("""
 ## πŸš€ Deployment Instructions
### Server Setup:
 1. **Install OpenVPN:**
 ```bash
 sudo apt update
 sudo apt install openvpn easy-rsa
 ```
2. **Generate Certificates:**
 - Run the CA script from the "Certificate Scripts" tab
 - This creates all necessary certificates
3. **Configure Firewall:**
 ```bash
 sudo ufw allow 1194/udp
 sudo ufw allow ssh
 ```
4. **Start OpenVPN:**
 ```bash
 sudo systemctl start openvpn@server
 sudo systemctl enable openvpn@server
 ```
### Client Setup:
 1. **Download Configuration:**
 - Use the "Client Configuration" tab to generate your config
 - Save as `client.ovpn`
2. **Import to Client:**
 - OpenVPN GUI (Windows)
 - Tunnelblick (macOS)
 - NetworkManager (Linux)
### Security Best Practices:
 - βœ… Use strong ciphers (AES-256-GCM)
 - βœ… Enable certificate verification
- βœ… Keep private keys secure
 - βœ… Regular certificate rotation
 - βœ… Monitor logs for suspicious activity
 - βœ… Use fail2ban for protection
 """)
with gr.Tab("Troubleshooting"):
 gr.Markdown("""
 ## πŸ”§ Common Issues & Solutions
### Connection Problems:
 - **No internet access:** Check routing and IP forwarding
 - **Cannot connect to server:** Verify firewall and port settings
 - **Slow performance:** Try different protocols (UDP vs TCP)
### Certificate Issues:
 - **Certificate verification failed:** Check CA certificate matches
 - **Key errors:** Ensure all certificate files are present
 - **Expired certificates:** Regenerate using CA script
### Performance:
 - **Use UDP for better performance**
 - **Enable compression for slower connections**
 - **Monitor bandwidth usage**
 """)
return demo
if __name__ == "__main__":
 demo = main()
 demo.launch(
 server_name="0.0.0.0",
server_port=7860,
show_error=True,
 quiet=False
 )