WebSVN – web_pages – Diff – /trunk/totp_opnsense/configure

 #! /usr/bin/env perl
 # Copyright (c) 2025, Daily Data, Inc.
 # All rights reserved.
+#
 # Redistribution and use in source and binary forms, with or without modification,
 # are permitted provided that the following conditions are met:
 # TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 # DAMAGE.
+#
+# This script defines the routers that can be managed by loadOpnSense.pl
+# It allows adding, editing, and removing router configurations stored in a JSON file.
+#
+# Change History:
+#  v1.0.0 2025-10-01 RWR
+#     Initial version
 use strict;
 use warnings;
+# use libraries from the directory this script is in
+BEGIN {
+   use FindBin;
+   use File::Spec;
+   # use libraries from the directory this script is in
+   use Cwd 'abs_path';
+   use File::Basename;
+   use lib dirname( abs_path( __FILE__ ) );
+}
 use JSON qw( decode_json encode_json );
 use Data::Dumper;
-use lib '.';
 use opnsense;
+our $VERSION = "1.0.0";
-# default config file name if not specified on command line
+# Default config file name if not specified on command line. Defaults to 'routers.json' in the script directory
-my $configFileName = 'config.json';
+my $configFileName = $FindBin::RealBin . '/routers.json';
+# fields used in the router configuration
-my @fields = ( 'url', 'apiKey', 'apiSecret', 'ovpnIndex', 'template', 'hostname', 'localport' );
+my @fields = ( 'url', 'apiKey', 'apiSecret', 'ovpnIndex', 'template', 'hostname', 'localPort' );
+# Check if running as root
+if ($> != 0) {
+   die "Error: This script must be run as root.\n";
+}
+#-----------------------------
+# usage: Print usage message
+#-----------------------------
 sub usage {
-   print "Usage: $0 <opnsense_config_file>\n";
+   print "Usage: $0 <opnsenseConfigFile>\n";
    exit 1;
+}
-# readConfig
+#-----------------------------
-# Reads in the configuration file and returns a hash ref of the data
+# readConfig: Reads in the configuration file and returns a hash ref of the data
-# if file does not exist, returns empty hash ref
+# If file does not exist, returns empty hash ref
-# file - name of file to read (default config.json if not specified)
+# file - name of file to read (default $configFileName)
+#-----------------------------
 sub readConfig {
-   my ( $file ) = @_;
+   my ($file) = @_;
    my $data = {};
-   if ( -e $file ) {
+   if (-e $file) {
-      open( my $fh, '<', $file ) or die "Cannot open $file: $!";
+      open(my $fh, '<', $file) or die "Cannot open $file: $!";
       local $/;  # slurp mode
-      my $json_text = <$fh>;
+      my $jsonText = <$fh>;
       close $fh;
-      $data = decode_json($json_text);
+      $data = decode_json($jsonText);
+   }
    return $data;
+}
+#-----------------------------
+# writeConfig: Writes the given data to the specified file in JSON format
+# file - name of file to write (default $configFileName)
+# data - reference to the data to write
+# permissions on the file are set to 0600 and ownership to root
+# since it contains sensitive information
+#-----------------------------
 sub writeConfig {
    my ( $file, $data ) = @_;
    open( my $fh, '>', $file ) or die "Cannot open $file: $!";
    print $fh encode_json($data);
    close $fh;
+   chmod 0600, $file or warn "Could not set permissions on $file: $!";
+   chown 0, 0, $file or warn "Could not set ownership to root on $file: $!";
+}
+#-----------------------------
+# trim: Remove leading and trailing whitespace from a string
+# s - the string to trim
+#-----------------------------
 sub trim {
    my ($s) = @_;
    $s =~ s/^\s+|\s+$//g if defined $s;
    return $s;
+}
+#-----------------------------
+# menuSelect: Display a menu of options and prompt the user to select one
+# prompt - the prompt to display to the user
+# options - reference to an array of option strings
+# additionalText - reference to an array of additional text strings to display next to each option
+# returns the selected option string (1-based index)
+#-----------------------------
 sub menuSelect {
    my ( $prompt, $options, $additionalText ) = @_;
    print "$prompt\n";
    for my $i ( 0 .. $#$options ) {
       print "  " . ($i+1) . ". " . $options->[$i] . ($additionalText->[$i] ? $additionalText->[$i] : "") . "\n";
+   }
    print "Select option (1-" . ($#$options + 1) . "): ";
    my $sel = <STDIN>;
    chomp $sel;
    if ( $sel !~ /^\d+$/ || $sel < 1 || $sel > ($#$options + 1) ) {
-      die "Invalid selection\n";
+      warn "Invalid selection\n";
+      return menuSelect( $prompt, $options, $additionalText );
+   }
    return $options->[$sel - 1];
+}
+#-----------------------------
+# selectOvpnIndex: Prompts the user to select an ovpnIndex from the list
+# in the OPNsense router specified in the config hash
+# config - reference to the router's configuration hash
+# returns the selected ovpnIndex string or undef if none selected
+#-----------------------------
+sub selectOvpnIndex {
+   my ( $config ) = @_;
+   if ( defined $config->{'url'} && defined $config->{'apiKey'} && defined $config->{'apiSecret'} ) {
+      my $opnsense = new opnsense(
+         url    => $config->{'url'},
+         apiKey    => $config->{'apiKey'},
+         apiSecret => $config->{'apiSecret'},
+      );
+      my $providers = $opnsense->getVpnProviders();
+      if ( ref($providers) eq 'HASH' && keys %$providers ) {
+         my @providerIndex = sort keys %$providers;
+         my @additionalText = map {
+               defined $config->{'ovpnIndex'} &&
+               ($_ eq $config->{'ovpnIndex'} ? " (current) " : " - ") . $providers->{$_}
+               } @providerIndex;
+         my $selectedProvider = &menuSelect( "Select VPN Provider", \@providerIndex, \@additionalText );
+         return $selectedProvider;
+      } else {
+         warn "No VPN providers found or error retrieving providers. Please check your connection details.\n";
+      }
+   } else {
+      warn "Please set url, apiKey, and apiSecret before selecting ovpnIndex.\n";
+   }
+   return undef;
+}
+#-----------------------------
+# editRouter: Edit the configuration for a router
+# config - reference to the router's configuration hash
+# routerName - name of the router being edited
+# keys - reference to an array of keys (fields) that can be edited
+# works on one router at a time, allows setting fields for that router
+# returns true if configuration was saved, false if not
+#-----------------------------
 sub editRouter {
-   my ( $config, $keys ) = @_;
+   my ( $config, $routerName, $keys ) = @_;
    my $option = '';
+   my $saved = 1;
+   my $currentRouter = $config->{$routerName};
-   $config->{'template'} = 'PlainOpenVPN' unless defined $config->{'template'};
+   $currentRouter->{'template'} = 'PlainOpenVPN' unless defined $currentRouter->{'template'};
    my $vpnProviders = ();
    while ( $option ne 'Done' ) {
-      print "\nEditing router configuration:\n";
+      print "\nEditing router configuration for $routerName" . ($saved ? "" : " (Changed)") . ":\n";
       $option = &menuSelect(
          "Select field to edit",
-         [ @$keys, 'Done' ],
+         [ @$keys, 'Save Config', 'Done' ],
-         [ map { defined $config->{$_} ? " (current: $config->{$_})" : " (not set)" } @$keys, '' ]
+         [ map { defined $currentRouter->{$_} ? " (current: $currentRouter->{$_})" : " (not set)" } @$keys, '' ]
          );
-      if ( $option ne 'Done' ) {
-         if ( $option eq 'ovpnIndex' ) {
+      if ( $option eq 'ovpnIndex' ) {
-            # special handling for ovpnIndex to show available providers
+         $currentRouter->{'ovpnIndex'} = &selectOvpnIndex( $currentRouter );
-            if ( defined $config->{'url'} && defined $config->{'apiKey'} && defined $config->{'apiSecret'} ) {
-               my $opnsense = new opnsense(
+         $saved = 0; # mark as unsaved
-                  url    => $config->{'url'},
-                  apiKey    => $config->{'apiKey'},
+      } elsif ( $option eq 'Save Config' ) {
-                  apiSecret => $config->{'apiSecret'},
+         writeConfig( $configFileName, $config );
-               );
-               my $providers = $opnsense->get_vpn_providers();
-               if ( ref($providers) eq 'HASH' && keys %$providers ) {
-                  #die Dumper( $providers );
-                  my @providerIndex = sort keys %$providers;
-                  my @additionalText = map {
-                        defined $config->{'ovpnIndex'} &&
-                        ($_ eq $config->{'ovpnIndex'} ? " (current) " : "") . $providers->{$_}
-                        } @providerIndex;
+         $saved = 1; # mark as saved
-                  my $selectedProvider = &menuSelect( "Select VPN Provider", \@providerIndex, \@additionalText );
-                  $config->{'ovpnIndex'} = $selectedProvider;
+         print "Configuration saved to $configFileName\n";
-                  next; # skip the rest of the loop
-               } else {
+      } elsif ($option eq 'Done') {
-                  print "No VPN providers found or error retrieving providers. Please check your connection details.\n";
+         $option = &menuSelect( "Exiting configuration editor, but changes were not saved.", [ 'Exit', 'Save and Exit' ] );
-               }
-            } else {
-               print "Please set url, apiKey, and apiSecret before selecting ovpnIndex.\n";
-               next; # skip the rest of the loop
+         if ( $option eq 'Save and Exit' ) {
-            }
-         }  else {
-            print "Enter value for $option: ";
+            writeConfig( $configFileName, $config );
-            my $value = <STDIN>;
-            chomp $value;
-            $value = trim($value);
+            $saved = 1; # mark as saved
-            $config->{$option} = $value;
+            print "Configuration saved to $configFileName\n";
+         }
+         last;
+      } else {
+         $saved = 0; # mark as unsaved
+         print "Enter value for $option: ";
+         my $value = <STDIN>;
+         chomp $value;
+         $value = trim($value);
+         $currentRouter->{$option} = $value if $value ne '';
+      }
+   }
-   return $config;
+   return $saved;
+}
-$configFileName = shift if defined shift;
+$configFileName = shift if @ARGV;
+# read the configuration file, if it exists, and place hash in $config
 my $config = &readConfig( $configFileName );
+# display menu of existing routers plus option to add new router
 my $routerName = &menuSelect( "Select router to configure", [ keys %$config, 'Add new router' ] );
+# adding a new router, so get the name, then create an empty hashref for it
 if ( $routerName eq 'Add new router' ) {
    print "Enter new router name: ";
    $routerName = <STDIN>;
    chomp $routerName;
    $routerName = trim($routerName);
    $config->{$routerName} = {};
+}
+# edit the router configuration
+&editRouter( $config, $routerName, \@fields );
-$config->{$routerName} = &editRouter( $config->{$routerName}, \@fields );
-#print Dumper( $config );
-writeConfig( $configFileName, $config );
 ;
 Generated by GNU Enscript 1.6.5.90.

Subversion Repositories web_pages

(root)/trunk/totp_opnsense/configure – Rev 15 → 16