Python SQLite3 安装 OpenVP* Web管理后台

一、安装相关

yum install gcc gcc-c++ openssl openssl-devel pam-devel sqlite-devel

二、安装 Openvpn 服务器端

CentOS 7 安装 OpenVP*_tom.ma的博客-CSDN博客

三、添加 SQLite 认证

 1、下载

https://download.csdn.net/download/mshxuyi/87354476

git clone https://gitee.com/mshxuyi/pam_sqlite3.git
 
cd pam_sqlite3
 
make
 
cp pam_sqlite3.so /lib64/security/

2、添加 pam 认证文件

vim /etc/pam.d/openvpn
 
 
auth        required    pam_sqlite3.so db=/etc/openvpn/openvpn.db table=t_user user=username passwd=password expire=expire crypt=1
account     required    pam_sqlite3.so db=/etc/openvpn/openvpn.db table=t_user user=username passwd=password expire=expire crypt=1

3、配置服务器

vim /etc/openvpn/server.conf
 
 
# 最后添加
verify-client-cert none
username-as-common-name
plugin /usr/lib64/openvpn/plugins/openvpn-plugin-auth-pam.so openvpn
 
script-security 3
client-connect /etc/openvpn/server/connect.py
client-disconnect /etc/openvpn/server/disconnect.py

4、配置客户端

client
dev tun
proto tcp
remote 192.168.1.71 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
 
# 注释这两行
;cert tomma.crt
;key tomma.key
 
remote-cert-tls server
tls-auth ta.key 1
cipher AES-256-GCM
comp-lzo
verb 3
auth-nocache
 
 
# 加入这一行，使用用户名密码登录openvpn服务器
auth-user-pass

 5、安装 python 相关

# 安装 python3
yum install python36 -y
 
# 安装相关服务
# Tornado：python编写的web服务器兼web应用框架
# Peewee ：Peewee是一个简单小巧的Python ORM框架
 
pip3 install peewee tornado

 6、下载 openvpn-web

https://download.csdn.net/download/mshxuyi/87354473

 7、导入数据库

cd /opt
 
git clone https://gitee.com/mshxuyi/openvpn_web.git
 
cd openvpn_web
 
sqlite3 /etc/openvpn/openvpn.db < model/openvpn.sql

 8、新建 自动生成 logs 脚本，注意这两个文件设置执行权限

vim /etc/openvpn/server/connect.py
 
#!/usr/bin/python
 
import os
import time
import sqlite3
 
username = os.environ['common_name']
trusted_ip = os.environ['trusted_ip']
trusted_port = os.environ['trusted_port']
local = os.environ['ifconfig_local']
remote = os.environ['ifconfig_pool_remote_ip']
timeunix= os.environ['time_unix']
 
logintime = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(time.time()))
 
conn = sqlite3.connect("/etc/openvpn/openvpn.db")
cursor = conn.cursor()
query = "insert into t_logs(username, timeunix, trusted_ip, trusted_port, local, remote, logintime) values('%s','%s', '%s', '%s', '%s', '%s', '%s')" %  (username, timeunix, trusted_ip, trusted_port, local, remote, logintime)
cursor.execute(query)
conn.commit()
conn.close()

vim /etc/openvpn/server/disconnect.py
 
#!/usr/bin/python
 
import os
import time
import sqlite3
 
username = os.environ['common_name']
trusted_ip = os.environ['trusted_ip']
received = os.environ['bytes_received']
sent = os.environ['bytes_sent']
 
logouttime = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime(time.time()))
 
conn = sqlite3.connect("/etc/openvpn/openvpn.db")
cursor = conn.cursor()
query = "update t_logs set logouttime='%s', received='%s', sent= '%s' where username = '%s' and trusted_ip = '%s'" %  (logouttime, received, sent, username, trusted_ip)
cursor.execute(query)
conn.commit()
conn.close()

chmod +x /etc/openvpn/server/connect.py 
chmod +x /etc/openvpn/server/disconnect.py 

9、启动脚本

# 重启 vpn
systemctl start openvpn@server.service
 
# 开启防火墙
-A INPUT -p tcp -m state --state NEW -m tcp --dport 8000 -j ACCEPT
 
# 启动
python3 myapp.py &

10、进入后台

http://192.168.1.113:8000/login  账号：admin  密码：123456