evilfreelancer/openvpn-php

基于PHP的OpenVPN配置生成器

维护者

详细信息

github.com/EvilFreelancer/openvpn-php

源代码

问题

赞助包维护!
Patreon

安装次数: 3,213

依赖项: 0

建议者: 0

安全: 0

星标: 28

关注者: 7

分支: 4

开放问题: 0

1.3.0 2020-07-12 13:18 UTC

Requires

Requires (Dev)

Suggests

MIT 1fadfb4ec81add8d430efc59061c4d0a288f04fe

packagepluginimportconfiglaravelgenerateopenvpnlumen

This package is auto-updated.

Last update: 2024-09-15 14:12:10 UTC

README

Latest Stable Version Build Status Total Downloads License Code Climate Code Coverage Scrutinizer CQ

OpenVPN配置管理器

基于PHP编写的OpenVPN配置管理器。

composer require evilfreelancer/openvpn-php

顺便说一下,OpenVPN库支持Laravel框架,详情这里

如何使用

非常简单,您需要设置所需的参数,然后生成配置,Voila,一切完成。

更多示例 这里

以OOP风格编写新配置

require_once __DIR__ . '/../vendor/autoload.php';

// Config object
$config = new \OpenVPN\Config();

// Set server options
$config->dev                  = 'tun';
$config->proto                = 'tcp';
$config->port                 = 1194;
$config->resolvRetry          = 'infinite';
$config->cipher               = 'AES-256-CBC';
$config->redirectGateway      = true;
$config->server               = '10.8.0.0 255.255.255.0';
$config->keepalive            = '10 120';
$config->renegSec             = 18000;
$config->user                 = 'nobody';
$config->group                = 'nogroup';
$config->persistKey           = true;
$config->persistTun           = true;
$config->compLzo              = true;
$config->verb                 = 3;
$config->mute                 = 20;
$config->status               = '/var/log/openvpn/status.log';
$config->logAppend            = '/var/log/openvpn/openvpn.log';
$config->clientConfigDir      = 'ccd';
$config->scriptSecurity       = 3;
$config->usernameAsCommonName = true;
$config->verifyClientCert     = 'none';

// Set routes which will be used by server after starting
$config->setRoutes([
    '10.1.1.0 255.255.255.0',
    '10.1.2.0 255.255.255.0',
    '10.1.3.0 255.255.255.0',
]);

// Set additional certificates of server
$config->setCerts([
    'ca'   => '/etc/openvpn/keys/ca.crt',
    'cert' => '/etc/openvpn/keys/issued/server.crt',
]); // You can embed certificates into config by adding true as second parameter of setCerts method

// Another way for adding certificates
$config
    ->setCert('key', '/etc/openvpn/keys/private/server.key')
    ->setCert('dh', '/etc/openvpn/keys/dh.pem');

// Set pushes which will be passed to client
$config->setPushes([
    // Additional routes, which clients will see
    'route 10.1.2.0 255.255.255.0',
    'route 10.1.3.0 255.255.255.0',
    'route 10.1.4.0 255.255.255.0',

    // Replace default gateway, all client's traffic will be routed via VPN
    'redirect-gateway def1',

    // Prepend additional DNS addresses    
    'dhcp-option DNS 8.8.8.8', 
    'dhcp-option DNS 8.8.4.4',
]);

// Generate config by options
echo $config->generate();

导入现有的OpenVPN配置

例如,您有server.conf,要导入此文件,您需要创建\OpenVPN\Import对象并指定您的配置文件名称。

<?php
require_once __DIR__ . '/../vendor/autoload.php';

// Import OpenVPN config file
$import = new \OpenVPN\Import('server.conf');

// or (classic way)
$import = new \OpenVPN\Import();
$import->read('server.conf');

// Parse configuration and return "\OpenVPN\Config" object
$config = $import->parse();

$config变量中将包含\OpenVPN\Config对象。

客户端配置示例

要制作客户端配置,您只需添加所需的参数并生成配置

<?php
require_once __DIR__ . '/../vendor/autoload.php';

// Config object
$config = new \OpenVPN\Config();

// Set client options
$config->client();
$config->dev             = 'tun';
$config->proto           = 'tcp';
$config->resolvRetry     = 'infinite';
$config->cipher          = 'AES-256-CB';
$config->redirectGateway = true;
$config->keyDirection    = 1;
$config->remoteCertTls   = 'server';
$config->authUserPass    = true;
$config->authNocache     = true;
$config->nobind          = true;
$config->persistKey      = true;
$config->persistTun      = true;
$config->compLzo         = true;
$config->verb            = 3;
$config->httpProxy       = 'proxy-http.example.com 3128';

// Set multiple remote servers
$config->setRemotes([
    'vpn1.example.com 1194',
    'vpn2.example.com 11194'
]);

// Set single remote
$config->setRemote('vpn1.example.com 1194');

// Or set remote server as parameter of object
$config->remote = 'vpn.example.com 1194';

// Set additional certificates of client
$config->setCerts([
    'ca'   => '/etc/openvpn/keys/ca.crt',
    'cert' => '/etc/openvpn/keys/issued/client1.crt',
    'key'  => '/etc/openvpn/keys/private/client1.key',
], true); // true - mean embed certificates into config, false by default

// Generate config by options
echo $config->generate();

可下载配置

只是一个简单的使用示例

header('Content-Type:text/plain');
header('Content-Disposition: attachment; filename=client.ovpn');
header('Pragma: no-cache');
header('Expires: 0');

echo $config->generate();
die();

Laravel框架支持

此库针对作为正常Laravel包的使用进行了优化,所有功能均通过\OpenVPN外观访问,例如,要访问客户端对象,您需要

// Config og client object
$config = \OpenVPN::client([
    'dev'              => 'tun',
    'proto'            => 'tcp',
    'resolv-retry'     => 'infinite',
    'cipher'           => 'AES-256-CB',
    'redirect-gateway' => true,
    'key-direction'    => 1,
    'remote-cert-tls'  => 'server',
    'auth-user-pass'   => true,
    'auth-nocache'     => true,
    'persist-key'      => true,
    'persist-tun'      => true,
    'comp-lzo'         => true,
    'verb'             => 3,
]);

// Another way for change values
$config->set('verb', 3);
$config->set('nobind');

// Yet another way for change values via magic methods
$config->remote    = 'vpn.example.com 1194';
$config->httpProxy = 'proxy-http.example.com 3128';

// Set multiple remote servers
$config->setRemotes([
    'vpn1.example.com 1194',
    'vpn2.example.com 11194'
]);

// Set additional certificates of client
$config->setCerts([
    'ca'   => '/etc/openvpn/keys/ca.crt',
    'cert' => '/etc/openvpn/keys/issued/client1.crt',
    'key'  => '/etc/openvpn/keys/private/client1.key',
], true); // true mean embed certificates into config, false by default

// Generate config by options
echo $config->generate();

它将从config文件夹中读取openvpn-client.php配置(如果已发布当然),然后将您的参数合并到该数组中,然后您将看到\OpenVPN\Config对象。

可用方法列表

  • \OpenVPN::server(array $parameters = []) - 将返回从openvpn-server.php加载设置的\OpenVPN\Config对象
  • \OpenVPN::client(array $parameters = []) - 将返回从openvpn-client.php加载设置的\OpenVPN\Config对象
  • \OpenVPN::importer(string $filename = null, bool $isContent = false) - 将返回\OpenVPN\Import对象,通过此对象您可以读取服务器或客户端的OpenVPN配置
  • \OpenVPN::generator(\OpenVPN\Config $config) - 将返回带有->generate()方法的\OpenVPN\Generator对象,该方法可用于根据配置对象的参数渲染OpenVPN配置

安装

包的服务提供程序将自动注册其服务提供程序。

发布openvpn-server.phpopenvpn-client.php配置文件

php artisan vendor:publish --provider="OpenVPN\Laravel\ServiceProvider"

测试

在开始之前,需要安装dev依赖项

composer install --dev

然后运行测试

composer test

# which same as
composer test:lint
composer test:unit

./vendor/bin/phpunit

链接