Upgrade OpenVPN Access Server version

Remove notification features Use pydantic for validations Add custom exceptions Include image factory to retrieve AMI IDs Disassociate security group before delete Reduce redundancy by reusing boto3 clients Convert interaction commands into objects Add utility scripts to get instance types and regions Update release_notes.rst and README.md
thevickypedia · Sep 25, 2023 · 42f9011 · 42f9011
1 parent 14f5b2b
commit 42f9011
Show file tree

Hide file tree

Showing 36 changed files with 1,961 additions and 1,676 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,3 +1,4 @@
+fail_fast: true
 repos:
   -
     repo: https://github.com/PyCQA/flake8
@@ -8,7 +9,7 @@ repos:
         additional_dependencies:
           - flake8-docstrings
           - flake8-sfs
-        args: [--max-line-length=120, --extend-ignore=SFS3 D107 SFS301 D100 D104 D401 SFS101]
+        args: [--max-line-length=120, --extend-ignore=SFS3 D107 SFS301 D100 D104 D401 SFS101 SFS201]
 
   -
     repo: https://github.com/PyCQA/isort
@@ -21,8 +22,8 @@ repos:
     repo: local
     hooks:
       -
-        id: build_docs
-        name: build_html
+        id: docs
+        name: docs
         entry: /bin/bash gen_docs.sh
         language: system
         pass_filenames: false

diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2021 Vignesh Sivanandha Rao
+Copyright (c) 2021 Vignesh Rao
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/MANIFEST.in b/MANIFEST.in
diff --git a/README.md b/README.md
@@ -7,7 +7,6 @@
 [![GitHub](https://img.shields.io/github/license/thevickypedia/vpn-server)][LICENSE]
 [![GitHub repo size](https://img.shields.io/github/repo-size/thevickypedia/vpn-server)][API_REPO]
 [![GitHub code size](https://img.shields.io/github/languages/code-size/thevickypedia/vpn-server)][API_REPO]
-[![LOC](https://img.shields.io/tokei/lines/github/thevickypedia/vpn-server)][API_REPO]
 
 ###### Deployments
 [![pages-build-deployment](https://github.com/thevickypedia/vpn-server/actions/workflows/pages/pages-build-deployment/badge.svg)](https://github.com/thevickypedia/vpn-server/actions/workflows/pages/pages-build-deployment)
@@ -29,33 +28,32 @@
 - Create an AWS EC2 instance using a pre-built OpenVPN AMI.
 - Create a security group with the necessary ports allowed.
 - Configure the vpn server using SSH.
-- Download the [OpenVPN client](https://openvpn.net/vpn-client/) and connect using public IP of the ec2 instance.
+- Download the [OpenVPN client](https://openvpn.net/vpn-client/) and connect using the public DNS of the ec2 instance.
 - All set! Now the internet traffic will be routed through the VPN. Verify it using an [IP Lookup](https://whatismyipaddress.com/)
 > To take it a step further, if you have a registered domain in AWS,
 > vpn-server can be accessed with an alias record in route53 pointing to the public IP of the ec2 instance.
 - All the above steps are performed automatically when creating a new VPN server.
 - This module can also be used to clean up all the AWS resources spun up for creating a vpn server.
 
 ### ENV Variables
-Environment variables are loaded from `.env` file if present.
+Environment variables are loaded from any `env` file if present.
 
 <details>
 <summary><strong>More on Environment variables</strong></summary>
 
+- **VPN_USERNAME** - Username to access `OpenVPN Connect` client.
+- **VPN_PASSWORD** - Password to access `OpenVPN Connect` client.
+- **VPN_PORT** - Port number for web interfaces.
+
 - **IMAGE_ID** - AMI ID to be used. Defaults to a pre-built AMI from SSM parameter for [OpenVPN Access Server AMI Alias][AMI_ALIAS].
 - **INSTANCE_TYPE** - Instance type to use for the VPN server. Defaults to `t2.nano`, use `t2.micro` if under [free-tier](https://aws.amazon.com/free).
-- **VPN_USERNAME** - Username to access `OpenVPN Connect` client. Defaults to log in profile or `openvpn`
-- **VPN_PASSWORD** - Password to access `OpenVPN Connect` client. Defaults to `awsVPN2021`
-- **DOMAIN** - Domain name for the hosted zone.
-- **RECORD_NAME** - Alias record name using which the VPN server has to be accessed.
-
-**To get notification about login information:**<br>
-- **GMAIL_USER** - Username of the gmail account.
-- **GMAIL_PASS** - Password of the gmail account.
-- **RECIPIENT** - Email address to which the notification has to be sent.
-- **PHONE** - Phone number to which the notification has to be sent (Works only for `US` based cellular)
-
-*Optionally `env vars` for AWS config (`AWS_ACCESS_KEY`, `AWS_SECRET_KEY`, `AWS_REGION_NAME`) can be setup.*
+- **KEY_PAIR** - Name of the key pair file to connect to ec2.
+- **SECURITY_GROUP** - Name of the security group.
+- **VPN_INFO** - Name of the JSON file to dump the server information.
+- **HOSTED_ZONE** - Domain name for the hosted zone.
+- **SUBDOMAIN** - Alias record name using which the VPN server has to be accessed.
+
+*Optionally `env vars` for AWS config (`AWS_PROFILE_NAME`, `AWS_ACCESS_KEY`, `AWS_SECRET_KEY`, `AWS_REGION_NAME`) can be setup.*
 </details>
 
 ### Install
@@ -65,55 +63,43 @@ python -m pip install vpn-server
 
 ### Usage
 ```python
+import os
+
+os.environ['env_file'] = 'custom'  # to load a custom .env file
+
 import vpn
 
 # Instantiates the object, takes the same args as env vars.
 vpn_server = vpn.VPNServer()  # Defaults to console logging, but supports custom logger.
 
 vpn_server.create_vpn_server()  # Create a VPN Server, login information will be saved to a JSON file.
 
-# Re-configure an existing VPN Server (not required, unless the configuration steps have been interrupted)
-# vpn_server.reconfigure_vpn()
-
 # Test an existing VPN Server (not required, as a test is run right after creation anyway)
 # vpn_server.test_vpn()
 
 vpn_server.delete_vpn_server()  # Deletes the VPN Server removing the AWS resources acquired during creation.
 ```
 
+<br>
+
 <details>
-<summary><strong>Manual Configuration</strong></summary>
-
-*Following are the prompts and response required to configure the VPN server.*
-
-- Are you sure you want to continue connecting (yes/no)? `yes` 
-1. Please enter 'yes' to indicate your agreement [no]: `yes`
-2. Will this be the primary Access Server node? Default: `yes`
-3. Please specify the network interface and IP address to be used by the Admin Web UI: `Default: all interfaces: 0.0.0.0`
-4. Please specify the port number for the Admin Web UI. Default: `943`
-5. Please specify the TCP port number for the OpenVPN Daemon. Default: `443`
-6. Should client traffic be routed by default through the VPN? `yes`
-7. Should client DNS traffic be routed by default through the VPN? Default: `No`
-8. Use local authentication via internal DB? Default: `yes`
-9. Should private subnets be accessible to clients by default? Default: `yes`
-10. Do you wish to login to the Admin UI as "openvpn"? Default: `yes`
-11. Specify the username for an existing user or for the new user account: `{USERNAME}`
-12. Type the password for the 'vicky' account: `{PASSWORD}`
-13. Confirm the password for the 'vicky' account: `{PASSWORD}`
-14. Please specify your Activation key (or leave blank to specify later): `{ENTER/RETURN}`
-
-- Download the `OpenVPN` application and get connected to the VPN server.
+<summary><strong>Limitations</strong></summary>
 
+Currently `expose` cannot handle, tunneling multiple port numbers without modifying the following env vars in the `.env` file.
+```shell
+KEY_PAIR        # SSH connection to AWS ec2
+KEY_FILE        # Private key filename for self signed SSL
+CERT_FILE       # Public certificate filename for self signed SSL
+SERVER_INFO     # Filename to dump JSON data with server configuration information
+SECURITY_GROUP  # Ingress and egress firewall rules to control traffic allowed via VPC
+```
 </details>
 
-### AWS Resources Used
-- EC2
-  - Instance - _To redirect traffic through the instance's IP_
-  - SecurityGroup - _To allow traffic over specific TCP ports_
-  - Systems Manager - _To access [OpenVPN SSM parameter store][AMI_ALIAS] to retrieve the AMI ID_
-  - Route53 [Optional] - _To access VPN server using an `A` record in `Route 53`_
-- VPC [Default]
-- Subnet [Default]
+## Coding Standards
+Docstring format: [`Google`](https://google.github.io/styleguide/pyguide.html#38-comments-and-docstrings) <br>
+Styling conventions: [`PEP 8`](https://www.python.org/dev/peps/pep-0008/) <br>
+Clean code with pre-commit hooks: [`flake8`](https://flake8.pycqa.org/en/latest/) and 
+[`isort`](https://pycqa.github.io/isort/)
 
 ### [Release Notes](https://github.com/thevickypedia/vpn-server/blob/main/release_notes.rst)
 **Requirement**
@@ -148,7 +134,7 @@ pre-commit run --all-files
 
 ## License & copyright
 
-&copy; Vignesh Sivanandha Rao
+&copy; Vignesh Rao
 
 Licensed under the [MIT License][LICENSE]
 

diff --git a/doc_generator/Makefile → doc_gen/Makefile b/doc_generator/Makefile → doc_gen/Makefile
diff --git a/doc_generator/conf.py → doc_gen/conf.py b/doc_generator/conf.py → doc_gen/conf.py
@@ -18,8 +18,8 @@
 # -- Project information -----------------------------------------------------
 
 project = 'VPN Server'
-copyright = '2021, Vignesh Sivanandha Rao'
-author = 'Vignesh Sivanandha Rao'
+copyright = '2021, Vignesh Rao'
+author = 'Vignesh Rao'
 
 # -- General configuration ---------------------------------------------------
 

diff --git a/doc_gen/index.rst b/doc_gen/index.rst
@@ -0,0 +1,101 @@
+.. VPN Server documentation master file, created by
+   sphinx-quickstart on Tue Sep 14 23:25:43 2021.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Welcome to VPN Server's documentation!
+======================================
+
+.. toctree::
+   :maxdepth: 2
+   :caption: Read Me:
+
+   README
+
+VPN Server
+==========
+
+.. automodule:: vpn.main
+   :members:
+   :private-members:
+   :undoc-members:
+
+Configuration
+=============
+
+.. autoclass:: vpn.models.config.ConfigurationSettings(pydantic.BaseModel)
+   :members:
+   :exclude-members: _abc_impl, model_config, model_fields
+
+====
+
+.. autoclass:: vpn.models.config.AMIBase(pydantic.BaseModel)
+   :members:
+   :exclude-members: _abc_impl, model_config, model_fields
+
+====
+
+.. autoclass:: vpn.models.config.EnvConfig(pydantic.BaseSettings)
+   :members:
+   :exclude-members: _abc_impl, model_config, model_fields
+
+====
+
+.. autoclass:: vpn.models.config.Settings(pydantic.BaseModel)
+   :members:
+   :exclude-members: _abc_impl, model_config, model_fields
+
+Exceptions
+==========
+
+.. automodule:: vpn.models.exceptions
+   :members:
+   :private-members:
+   :undoc-members:
+
+ImageFactory
+============
+
+.. automodule:: vpn.models.image_factory
+   :members:
+   :private-members:
+   :undoc-members:
+
+LOGGER
+======
+
+.. automodule:: vpn.models.logger
+   :members:
+   :private-members:
+   :undoc-members:
+
+Route53
+=======
+
+.. automodule:: vpn.models.route53
+   :members:
+   :private-members:
+   :undoc-members:
+
+SSH Configuration
+=================
+
+.. automodule:: vpn.models.server
+   :members:
+   :private-members:
+   :undoc-members:
+
+Utilities
+=========
+
+.. automodule:: vpn.models.util
+   :members:
+   :private-members:
+   :undoc-members:
+
+Indices and tables
+==================
+
+* :ref:`genindex`
+* :ref:`modindex`
+* :ref:`search`
diff --git a/doc_generator/make.bat → doc_gen/make.bat b/doc_generator/make.bat → doc_gen/make.bat
diff --git a/doc_generator/index.rst b/doc_generator/index.rst