Hugging Face's logo

Spaces:
nikhtu10
/
OpenVPN
Sleeping

App Files Community
OpenVPN / app_full.py
likhonsheikh
Restore full-featured Gradio version with working dependencies
63e3a4d
raw
history blame contribute delete
6.78 kB
 #!/usr/bin/env python3
"""
OpenVPN Configuration Manager for Hugging Face Spaces
Full-featured version with Gradio interface
"""
import gradio as gr
from datetime import datetime
def create_openvpn_config(client_name, server_host, server_port, protocol):
"""Generate OpenVPN client configuration"""
config = f"""# OpenVPN Client Configuration
# Generated: {datetime.now().strftime('%Y-%m-%d %H:%M:%S')}
# Client: {client_name}
client
dev tun
proto {protocol}
remote {server_host} {server_port}
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
auth SHA256
verb 3
# Security recommendations:
# - Use strong ciphers (AES-256-GCM)
# - Enable certificate verification
# - Keep certificates secure
# - Update regularly
"""
return config
def generate_ca_script():
"""Generate CA certificate setup script"""
return """#!/bin/bash
# Certificate Authority Setup Script for OpenVPN
# Run this script on your OpenVPN server
# Generate CA private key
openssl genrsa -out ca.key 4096
# Generate CA certificate
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt \\
-subj "/C=US/ST=State/L=City/O=Organization/CN=CA"
# Generate server certificate
openssl genrsa -out server.key 4096
openssl req -new -key server.key -out server.csr \\
-subj "/C=US/ST=State/L=City/O=Organization/CN=server"
openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt
# Generate client certificate
openssl genrsa -out client.key 4096
openssl req -new -key client.key -out client.csr \\
-subj "/C=US/ST=State/L=City/O=Organization/CN=client"
openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out client.crt
echo "Certificates generated successfully!"
"""
def generate_server_config():
"""Generate server configuration"""
return """# OpenVPN Server Configuration
# Network settings
port 1194
proto udp
dev tun
# Certificates
ca ca.crt
cert server.crt
key server.key
dh dh.pem
# Network configuration
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
# Keepalive
keepalive 10 120
# Compression
comp-lzo
# User permissions
user nobody
group nogroup
# Security
cipher AES-256-GCM
auth SHA256
tls-auth ta.key 0
# Logging
log-append /var/log/openvpn.log
verb 3
"""
def main():
"""Main Gradio interface"""
with gr.Blocks(title="OpenVPN Configuration Manager", theme=gr.themes.Soft()) as demo:
gr.Markdown("# πŸ”’ OpenVPN Configuration Manager")
gr.Markdown("Generate OpenVPN configurations, certificates, and deployment guides")
with gr.Tab("Client Configuration"):
with gr.Row():
with gr.Column():
client_name = gr.Textbox(value="client1", label="Client Name")
server_host = gr.Textbox(value="vpn.example.com", label="Server Host")
server_port = gr.Number(value=1194, label="Port", minimum=1, maximum=65535)
protocol = gr.Radio(["udp", "tcp"], value="udp", label="Protocol")
config_output = gr.Textbox(label="Client Configuration", lines=20, interactive=False)
gr.Button("Generate Client Config", variant="primary").click(
create_openvpn_config,
inputs=[client_name, server_host, server_port, protocol],
outputs=[config_output]
)
with gr.Tab("Server Configuration"):
server_config = gr.Textbox(
label="Server Configuration",
lines=25,
value=generate_server_config(),
interactive=False
)
gr.Markdown("**Save this as `/etc/openvpn/server.conf` on your server**")
with gr.Tab("Certificate Scripts"):
ca_script_btn = gr.Button("Generate CA Script")
ca_script_output = gr.Textbox(
label="CA Setup Script",
lines=20,
value=generate_ca_script(),
interactive=False
)
with gr.Tab("Deployment Guide"):
gr.Markdown("""
## πŸš€ Deployment Instructions
### Server Setup:
1. **Install OpenVPN:**
```bash
sudo apt update
sudo apt install openvpn easy-rsa
```
2. **Generate Certificates:**
- Run the CA script from the "Certificate Scripts" tab
- This creates all necessary certificates
3. **Configure Firewall:**
```bash
sudo ufw allow 1194/udp
sudo ufw allow ssh
```
4. **Start OpenVPN:**
```bash
sudo systemctl start openvpn@server
sudo systemctl enable openvpn@server
```
### Client Setup:
1. **Download Configuration:**
- Use the "Client Configuration" tab to generate your config
- Save as `client.ovpn`
2. **Import to Client:**
- OpenVPN GUI (Windows)
- Tunnelblick (macOS)
- NetworkManager (Linux)
### Security Best Practices:
- βœ… Use strong ciphers (AES-256-GCM)
- βœ… Enable certificate verification
- βœ… Keep private keys secure
- βœ… Regular certificate rotation
- βœ… Monitor logs for suspicious activity
- βœ… Use fail2ban for protection
""")
with gr.Tab("Troubleshooting"):
gr.Markdown("""
## πŸ”§ Common Issues & Solutions
### Connection Problems:
- **No internet access:** Check routing and IP forwarding
- **Cannot connect to server:** Verify firewall and port settings
- **Slow performance:** Try different protocols (UDP vs TCP)
### Certificate Issues:
- **Certificate verification failed:** Check CA certificate matches
- **Key errors:** Ensure all certificate files are present
- **Expired certificates:** Regenerate using CA script
### Performance:
- **Use UDP for better performance**
- **Enable compression for slower connections**
- **Monitor bandwidth usage**
""")
return demo
if __name__ == "__main__":
demo = main()
demo.launch(
server_name="0.0.0.0",
server_port=7860,
show_error=True,
quiet=False
)