afebc151d0 | 3 years ago | |
---|---|---|
ccvpn | 3 years ago | |
deploy | 4 years ago | |
downloads | 6 years ago | |
kb | 4 years ago | |
lambdainst | 3 years ago | |
locale/fr/LC_MESSAGES | 3 years ago | |
static | 3 years ago | |
templates | 3 years ago | |
tickets | 4 years ago | |
.gitignore | 6 years ago | |
LICENSE | 9 years ago | |
README.md | 3 years ago | |
kb.json | 4 years ago | |
manage.py | 8 years ago | |
manage.sh | 6 years ago | |
poetry.lock | 3 years ago | |
pylintrc | 6 years ago | |
pyproject.toml | 3 years ago | |
requirements.txt | 7 years ago | |
update.sh | 8 years ago |
README.md
CCrypto VPN
CCVPN is the software we use at CCrypto to provide our VPN. You can see it live at https://vpn.ccrypto.org/
It handles user management, support tickets, billing and is used as a backend
for VPN authentication.
It communicates with an external service, lambdacore, that manages VPN servers
and sessions.
Disclaimer: this is a specialized solution that requires proprietary software to function. This repo is a way for us to share our work freely as we don't believe keeping it secret will do any good; feel free to base your own work on it but don't except it to be of an use as-is.
CCrypto's commercial support does not include this and will not help you set it up.
Feel free to contact us about ccvpn, but with no guarantee.
PacketImpact however may provide you commercial support
and more services about ccvpn and lambdacore.
Getting Started
# Install poetry
pip3 install poetry
export PATH=~/.local/bin/:$PATH # also add that to your .profile
# Install ccvpn3
git clone https://git.ccrypto.org/ccrypto/ccvpn3.git
cd ccvpn3
poetry config settings.virtualenvs.in-project true
poetry install
cp ccvpn/local_settings.sample.py ccvpn/local_settings.py
# Edit ccvpn/local_settings.py
# See ccvpn/settings.py for all available settings and defaults
# Those need to be run on installation and updates
poetry run ./manage.py migrate
poetry run ./manage.py compilemessages
poetry run ./manage.py collectstatic
# The standard Django manage.py can be called through poetry
poetry run ./manage.py runserver
# Celery worker & scheduler are needed for background tasks
poetry run celery -A ccvpn.celery worker -l debug
poetry run celery -A ccvpn.celery beat -l debug
Debian Deployment
# Install uwsgi and a web server, and python deps
apt install gettext git nginx uwsgi uwsgi-plugin-python3 python3-venv python3-setuptools python3-pip
# Create a new account and switch to it
adduser --disabled-login ccvpn
su - ccvpn
# As ccvpn, follow the instructions in Getting Started
# then Ctrl-D/exit back to root
cp /home/ccvpn/ccvpn3/deploy/nginx.conf /etc/nginx/sites-enabled/ccvpn3.conf
cp /etc/ccvpn/ccvpn3/deploy/uwsgi.ini /etc/uwsgi/apps-enabled/ccvpn3.ini
systemctl restart uwsgi
systemctl reload nginx
Celery
# run celery background processes
poetry run celery -A ccvpn worker -l info
poetry run celery -A ccvpn beat -l info
# celery flower monitoring web ui
poetry run flower --port=5555 -A ccvpn
# ~ with systemd services ~
cp ./deploy/ccvpn-*.service /etc/systemd/
systemctl daemon-reload
systemctl enable --now ccvpn-{worker,scheduler,flower}.service