This repository has been archived by the owner on May 19, 2023. It is now read-only.

Fix #12: Build softether from source and rewrite hardcoded radius tim…
…eout
cageyv committed Feb 23, 2021
1 parent 49e66f2 commit 8ffe1a3
Showing 4 changed files with 23 additions and 18 deletions.
2 changes: 1 addition & 1 deletion ami/softether-radius-vpn/scripts/vpnserver
@@ -1,7 +1,7 @@
#!/bin/sh
# chkconfig: 2345 99 01
# description: SoftEther VPN Server
DAEMON=/usr/local/vpnserver/vpnserver
DAEMON=/usr/vpnserver/vpnserver
LOCK=/var/lock/subsys/vpnserver
test -x $DAEMON || exit 0
case "$1" in
25 changes: 15 additions & 10 deletions ami/softether-radius-vpn/softether-radius-vpn.json
@@ -6,8 +6,7 @@
"name": "softether-radius-vpn",
"ami_region": "{{env `AWS_DEFAULT_REGION`}}",
"rserver_version": "v0.0.2",
"softether_vpnserver_version": "v4.34-9745-beta",
"softether_vpnserver_release_date": "2020.04.05"
"softether_vpnserver_version": "4.34-9745-beta"
},
"builders": [
{
@@ -90,16 +89,22 @@
{
"type": "shell",
"inline": [
"curl -OL https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/releases/download/{{ user `softether_vpnserver_version` }}/softether-vpnserver-{{ user `softether_vpnserver_version` }}-{{ user `softether_vpnserver_release_date` }}-linux-x64-64bit.tar.gz",
"tar xvf softether-vpnserver-{{ user `softether_vpnserver_version` }}-{{ user `softether_vpnserver_release_date` }}-linux-x64-64bit.tar.gz",
"rm -rf softether-vpnserver-{{ user `softether_vpnserver_version` }}-{{ user `softether_vpnserver_release_date` }}-linux-x64-64bit.tar.gz",
"sudo mv vpnserver /usr/local",
"curl -OL https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/archive/v{{ user `softether_vpnserver_version` }}.tar.gz",
"tar xvf v{{ user `softether_vpnserver_version` }}.tar.gz && rm -rf v{{ user `softether_vpnserver_version` }}.tar.gz",
"cd SoftEtherVPN_Stable-{{ user `softether_vpnserver_version` }}",
"echo Use development tools to build VPN",
"sudo yum groupinstall \"Development Tools\" -y",
"cd /usr/local/vpnserver/",
"make i_read_and_agree_the_license_agreement",
"chmod 600 *",
"chmod 700 vpncmd vpnserver",
"sudo yum install readline-devel ncurses-devel openssl-devel -y",
"echo Set RADIUS_RETRY_TIMEOUT to 60. Currently hardcoded to 10",
"sed -i 's|#define\\s\\{1,\\}RADIUS_RETRY_TIMEOUT\\s\\{1,\\}(10\\s\\{1,\\}\\*\\s\\{1,\\}1000)|#define RADIUS_RETRY_TIMEOUT (60 * 1000)|' src/Cedar/Radius.h",
"grep RADIUS_RETRY_TIMEOUT src/Cedar/Radius.h",
"./configure",
"make",
"sudo make install",
"rm -rf ~/SoftEtherVPN_Stable-{{ user `softether_vpnserver_version` }}",
"cd /usr/vpncmd/",
"sudo chmod 600 .",
"sudo chmod 700 vpncmd",
"sudo yum groups remove \"Development Tools\" -y",
"echo based on base on https://www.softether.org/4-docs/1-manual/7._Installing_SoftEther_VPN_Server/7.3_Install_on_Linux_and_Initial_Configurations#7.3.8_Registering_a_Startup_Script",
"sudo mv /tmp/vpn/scripts/vpnserver /etc/init.d/vpnserver",
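Review bot: `sudo chmod 600 .` after `cd /usr/vpncmd/` changes the mode of the directory itself (dropping its search bit) rather than the files in it, and none of the new lines tighten permissions under /usr/vpnserver, where this commit's main.tf puts softether.config and the awslogs template expects the server and security logs. The removed lines ran `chmod 600 *` and `chmod 700 vpncmd vpnserver` inside the server directory, so unless `make install` already sets restrictive modes (not visible here) the AMI loses that hardening; consider `sudo chmod 600 /usr/vpnserver/* /usr/vpncmd/*` followed by `sudo chmod 700 /usr/vpnserver/vpnserver /usr/vpncmd/vpncmd`. Separately, `grep RADIUS_RETRY_TIMEOUT src/Cedar/Radius.h` succeeds even when the `sed` pattern matched nothing, because the define is present either way; checking for the new value, e.g. `grep -q 'RADIUS_RETRY_TIMEOUT (60 \\* 1000)' src/Cedar/Radius.h` as the JSON string, would stop the build under Packer's default `/bin/sh -e` inline shebang instead of silently shipping the 10-second timeout. The source archive is also fetched with `curl -OL` and then built and installed with sudo without any integrity check; pinning a SHA-256 for the tag's tarball and verifying it with `sha256sum -c` before `tar` would catch a changed or truncated download.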
6 changes: 3 additions & 3 deletions main.tf
@@ -101,7 +101,7 @@ resource "aws_iam_instance_profile" "this" {
##################################

locals {
path_softether_config = "/usr/local/vpnserver/softether.config"
path_softether_config = "/usr/vpnserver/softether.config"
path_rserver_config = "/usr/local/rserver/config.gcfg"
path_iptables_rules = "/etc/iptables.rules"
path_awslogs_config = "/etc/awslogs/awslogs.conf"
@@ -198,7 +198,7 @@ data "template_file" "awscli_conf" {
data "template_cloudinit_config" "this" {
gzip = true
base64_encode = true
# Generate softether_config.template and put it to /usr/local/vpnserver/softether.config
# Generate softether_config.template and put it to /usr/vpnserver/softether.config
part {
content_type = "text/x-shellscript"
content = data.template_file.softether_config.rendered
@@ -228,7 +228,7 @@ data "template_cloudinit_config" "this" {
content_type = "text/x-shellscript"
content = <<-EOF
#!/bin/bash
sudo /usr/local/vpnserver/vpncmd localhost:"${var.vpn_admin_port}" /SERVER /IN:"${local.path_softether_config}" /OUT:config.log
sudo /usr/vpncmd/vpncmd localhost:"${var.vpn_admin_port}" /SERVER /IN:"${local.path_softether_config}" /OUT:config.log
sudo chmod 700 "${local.path_rserver_config}" && sudo chown nobody:nobody "${local.path_rserver_config}"
sudo systemctl restart vpnserver
sudo systemctl enable rserver.service
8 changes: 4 additions & 4 deletions templates/awslogs.conf.tpl.sh
@@ -11,17 +11,17 @@ log_stream_name = {instance_id}
initial_position = start_of_file
log_group_name = ${RSERVER_LOG}
[/usr/local/vpnserver/security_log/DEFAULT]
[/usr/vpnserver/security_log/DEFAULT]
datetime_format = %b %d %H:%M:%S
file = /usr/local/vpnserver/security_log/DEFAULT/sec_*
file = /usr/vpnserver/security_log/DEFAULT/sec_*
buffer_duration = 5000
log_stream_name = {instance_id}
initial_position = start_of_file
log_group_name = ${VPN_SERVER_LOG}
[/usr/local/vpnserver/server_log]
[/usr/vpnserver/server_log]
datetime_format = %b %d %H:%M:%S
file = /usr/local/vpnserver/server_log/vpn_*
file = /usr/vpnserver/server_log/vpn_*
buffer_duration = 5000
log_stream_name = {instance_id}
initial_position = start_of_file
