Implement openvpn logging

includes/openvpn.php

@@ -20,7 +20,9 @@ function DisplayOpenVPNConfig()
             if (isset($_POST['authPassword'])) {
                 $authPassword = strip_tags(trim($_POST['authPassword']));
             }
-            $return = SaveOpenVPNConfig($status, $_FILES['customFile'], $authUser, $authPassword);
+            if (is_uploaded_file( $_FILES["customFile"]["tmp_name"])) {
+                $return = SaveOpenVPNConfig($status, $_FILES['customFile'], $authUser, $authPassword);
+            }
         } elseif (isset($_POST['StartOpenVPN'])) {
             $status->addMessage('Attempting to start OpenVPN', 'info');
             exec('sudo /bin/systemctl start openvpn-client@client', $return);
@@ -53,11 +55,19 @@ function DisplayOpenVPNConfig()
     }
     $clients = preg_grep('~\login.(conf)$~', scandir(pathinfo(RASPI_OPENVPN_CLIENT_LOGIN, PATHINFO_DIRNAME)));
 
+    if (isset($_POST['log-openvpn'])) {
+        $logEnable = 1;
+        exec("sudo /etc/raspap/openvpn/openvpnlog.sh", $logOutput);
+        $logOutput = file_get_contents('/tmp/openvpn.log');
+    }
+
     echo renderTemplate(
         "openvpn", compact(
             "status",
             "serviceStatus",
             "openvpnstatus",
+            "logEnable",
+            "logOutput",
             "public_ip",
             "authUser",
             "authPassword",

installers/openvpnlog.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+touch /tmp/openvpn.log
+grep -m 50 openvpn /var/log/syslog | sudo tee /tmp/openvpn.log

installers/raspap.sudoers

@@ -36,6 +36,7 @@ www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/disablelog.sh
 www-data ALL=(ALL) NOPASSWD:/etc/raspap/hostapd/servicestart.sh
 www-data ALL=(ALL) NOPASSWD:/etc/raspap/lighttpd/configport.sh
 www-data ALL=(ALL) NOPASSWD:/etc/raspap/openvpn/configauth.sh
+www-data ALL=(ALL) NOPASSWD:/etc/raspap/openvpn/openvpnlog.sh
 www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/hostapd.log
 www-data ALL=(ALL) NOPASSWD:/bin/chmod o+r /tmp/dnsmasq.log
 www-data ALL=(ALL) NOPASSWD:/bin/cp /tmp/dnsmasqdata /etc/dnsmasq.d/090_adblock.conf

templates/openvpn/logging.php

@@ -1,11 +1,16 @@
+<!-- logging tab -->
 <div class="tab-pane fade" id="openvpnlogging">
-  <h4 class="mt-3"><?php echo _("Client log"); ?></h4>
+  <h4 class="mt-3 mb-3"><?php echo _("Logging") ?></h4>
-  <div class="row">
+  <p><?php echo _("Enable this option to log <code>openvpn</code> activity.") ?></p>
-    <div class="form-group col-md-8">
+
-      <?php
+  <div class="custom-control custom-switch">
-          echo '<textarea class="logoutput"></textarea>';
+    <input class="custom-control-input" id="log-openvpn" type="checkbox" name="log-openvpn" value="<?php echo $logEnable; ?>" <?php echo $logEnable ? ' checked="checked"' : "" ?> aria-describedby="log-openvpn">
-      ?>
+    <label class="custom-control-label" for="log-openvpn"><?php echo _("Enable logging") ?></label>
-    </div>
+  </div>
-  </div><!-- /.row -->
+  <div class="row">
-</div><!-- /.tab-pane | logging tab -->
+    <div class="form-group col-md-8 mt-2">
+      <textarea class="logoutput"><?php echo htmlspecialchars($logOutput, ENT_QUOTES); ?></textarea>
+    </div>
+  </div>
+</div><!-- /.tab-pane -->