www/caddy: Add Layer4 openvpn, winbox and quic matcher #4325

Merged
merged 13 commits into from
Nov 4, 2024

Monviech
Member

@Monviech Monviech commented Oct 27, 2024

Adds these:
OpenVPN mholt/caddy-l4#251
Winbox mholt/caddy-l4#255
QUIC mholt/caddy-l4#262

Sample configuration for OpenVPN (generated by template) to compare with sample config of above PR:

{
	layer4 {
		import /usr/local/etc/caddy/caddy.d/*.layer4global

		udp/:8843 {
			@72e3a520-7c15-49de-a4dc-e45ab1cba40a openvpn {
				modes auth
				auth_digest sha256
				group_key_direction normal
				group_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
			}

			route @72e3a520-7c15-49de-a4dc-e45ab1cba40a {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@5b0fd94e-781c-4d48-86f0-a14a5c5c7ad4 openvpn {
				modes auth
				auth_digest sha256
				group_key_direction inverse
				group_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
			}

			route @5b0fd94e-781c-4d48-86f0-a14a5c5c7ad4 {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@88fe930d-75e0-46ec-ae9a-edb1ca19af37 openvpn {
				modes auth
				auth_digest sha512
				group_key_direction normal
				group_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
			}

			route @88fe930d-75e0-46ec-ae9a-edb1ca19af37 {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@1f94e9a6-fb0d-4e33-8e15-ec785a81a09b openvpn {
				modes auth
				auth_digest sha512
				group_key_direction inverse
				group_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
			}

			route @1f94e9a6-fb0d-4e33-8e15-ec785a81a09b {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@de23095e-e808-4c85-8165-57bc0f7db586 openvpn {
				modes crypt
				group_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
			}

			route @de23095e-e808-4c85-8165-57bc0f7db586 {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@9c850be6-4b36-4c3b-b115-ffc2734e64d2 openvpn {
				modes crypt2
				client_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
				client_key_file /var/db/caddy/data/caddy/certificates/temp/1457d018-0f4a-4e46-8efe-1c3549207d69.key
			}

			route @9c850be6-4b36-4c3b-b115-ffc2734e64d2 {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@9666d46d-f9be-4c2b-a87b-077971319aaa openvpn {
				modes crypt2
				server_key_file /var/db/caddy/data/caddy/certificates/temp/b0bf7f56-7a84-4e24-9851-785bedc0b432.key
			}

			route @9666d46d-f9be-4c2b-a87b-077971319aaa {
				proxy udp/192.168.1.1:1195 {
				}
			}
			@72045406-6629-4763-b798-a280777e6ed8 openvpn

			route @72045406-6629-4763-b798-a280777e6ed8 {
				proxy udp/192.168.1.1:1195 {
				}
			}
		}
	}
}

@Monviech Monviech self-assigned this Oct 27, 2024
@Monviech Monviech added the feature Adding new functionality label Oct 27, 2024
@Monviech Monviech requested a review from fichtner October 27, 2024 15:27
@Monviech Monviech marked this pull request as ready for review October 27, 2024 15:27
@Monviech Monviech changed the title www/caddy: Add Layer4 openvpn matcher www/caddy: Add Layer4 openvpn, winbox and quic matcher Nov 1, 2024
@Monviech Monviech merged commit 72e09d5 into opnsense:master Nov 4, 2024
@Monviech Monviech deleted the caddy-openvpn-matcher branch November 26, 2024 17:37