This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
services:openvpn [2020/03/12 20:34] dmick |
services:openvpn [2020/10/27 19:22] (current) djgalloway old revision restored (2020/10/27 17:55) |
||
---|---|---|---|
Line 7: | Line 7: | ||
The process for requesting lab access is documented [[https://ceph.github.io/sepia/adding_users/#requesting-lab-access|here]]. | The process for requesting lab access is documented [[https://ceph.github.io/sepia/adding_users/#requesting-lab-access|here]]. | ||
- | ===== Adding Users ===== | + | ===== Ops Tasks ===== |
+ | ==== Adding Users ==== | ||
A ticket should be filed for paper trail purposes. Put the ticket in the commit messages for the PRs created below. | A ticket should be filed for paper trail purposes. Put the ticket in the commit messages for the PRs created below. | ||
Line 19: | Line 20: | ||
<code>ansible-playbook gateway.yml --tags="users"</code> | <code>ansible-playbook gateway.yml --tags="users"</code> | ||
- | ===== fail2ban ===== | + | ==== fail2ban ==== |
fail2ban is configured via the gateway role. It's configured to work with firewalld. Run ''ipset list'' to see list of currently banned IPs. | fail2ban is configured via the gateway role. It's configured to work with firewalld. Run ''ipset list'' to see list of currently banned IPs. | ||
Line 27: | Line 28: | ||
^%(__prefix_line)sReceived disconnect from <HOST>: 11: (Bye Bye)? \[preauth\]$ | ^%(__prefix_line)sReceived disconnect from <HOST>: 11: (Bye Bye)? \[preauth\]$ | ||
</code> | </code> | ||
+ | |||
+ | ==== Updating sepia-vpn-client.tar.gz ==== | ||
+ | This shouldn't need to happen often but was necessary when python3 came out. | ||
+ | |||
+ | - ''%%ssh www.ceph.com%%'' | ||
+ | - ''sudo -i'' | ||
+ | - ''cd /var/www/ceph.com/sage/'' | ||
+ | - ''mkdir wip && cp sepia-vpn-client.tar.gz wip/ && cd wip && tar xzf sepia-vpn-client.tar.gz'' | ||
+ | - Make your edits in the sepia dir | ||
+ | - When you're done, ''tar -czvf sepia-vpn-client.tar.gz sepia'' | ||
+ | - ''mv sepia-vpn-client.tar.gz /var/www/ceph.com/sage/'' | ||
+ | - ''chown dgalloway:www-data /var/www/ceph.com/sage/sepia-vpn-client.tar.gz'' | ||
+ | - ''rm -rf /var/www/ceph.com/sage/wip'' | ||
+ | |||
+ | ===== Troubleshooting ===== | ||
+ | ==== ValueError: need more than 2 values to unpack ==== | ||
+ | |||
+ | **Resolution:** You likely forgot a space in a user's hashed credential. Check recent commits in ceph-sepia-secrets.git and make sure all users have three values per ''ovpn'' key. | ||
===== To-Do ===== | ===== To-Do ===== |