Small Rack (Ruby) application serving OpenVPN status file

Go to file

renovate[bot] 85791c1b74 docker: update alpine Docker tag to v3.19		2024-03-03 11:31:17 +01:00
.github	ci: update actions/checkout action to v4	2024-03-03 11:31:01 +01:00
docs	docker: update alpine Docker tag to v3.19	2024-03-03 11:31:17 +01:00
examples	gem: support date format used by OpenVPN 2.5	2022-01-18 17:07:33 +01:00
exe	gem: adopt frozen string literals	2020-03-07 01:30:57 +01:00
lib	gem: release 3.4.0	2023-01-20 14:57:35 +01:00
spec	gem: fix rubocop warning	2023-03-07 22:56:27 +01:00
.editorconfig	gem: add editorconfig	2020-08-14 14:07:47 +02:00
.gitignore	gem: add solargraph support	2020-03-01 22:12:38 +01:00
.rubocop.yml	gem: add Ruby 3.3 support, drop Ruby 2.7 due to EOL	2024-03-03 11:28:40 +01:00
.solargraph.yml	gem: add solargraph support	2020-03-01 22:12:38 +01:00
Gemfile	gems: revert back to upstream solargraph now with rubocop 1.0 compat	2020-12-25 17:51:25 +01:00
LICENSE	Add license	2013-02-25 22:56:33 +01:00
README.md	docs: add example docker-compose usage	2023-02-16 16:00:18 +01:00
Rakefile	gems: include rubocop-rake and fix linting	2020-12-25 18:16:27 +01:00
openvpn-status-web.gemspec	gems: update rubocop to version 1.61.0	2024-03-03 11:30:47 +01:00

README.md

openvpn-status-web

Description

Small (another word for naive in this case, it's simple and serves my needs) Rack application providing the information an OpenVPN server collects in it's status file especially including a list of currently connected clients (common name, remote address, traffic, ...).

It lacks:

caching (parses file on each request, page does auto-refresh every minute as OpenVPN updates the status file these often by default)
management interface support
possibly more...

Usage

Install the gem:

gem install openvpn-status-web

Create a configuration file in YAML format somewhere:

# listen address and port
host: "0.0.0.0"
port: "8080"
# optional: drop priviliges in case you want to but you should give this user at least read access on the log files
user: "nobody"
group: "nogroup"
# logfile is optional, logs to STDOUT else
logfile: "openvpn-status-web.log"
# hash with each VPNs display name for humans as key and further config as value
vpns:
  My Small VPN:
    # the status file path and status file format version are required
    version: 1
    status_file: "/var/log/openvpn-status.log"
  My Other VPN:
    version: 3
    status_file: "/var/log/other-openvpn-status.log"

Your OpenVPN configuration should contain something like this:

# ...snip...
status /var/log/openvpn-status.log
status-version 1
# ...snip...

For more information about OpenVPN status file and version, see their man page. openvpn-status-web is able to parse all versions from 1 to 3.

Advanced topics

Authentication

If the information exposed is important to you serve it via the VPN or use a webserver as a proxy to handle SSL and/or HTTP authentication.

Startup

There is a Dockerfile that can be used to build a Docker image for running openvpn-status-web.

This can for example be used with docker-compose via:

version: "2.4"
services:
  openvpn-status-web:
    image: your-selfbuilt-docker-image
    user: root  # needed since the default status files are chmod 600
    volumes:
    - /path/to/host/config.yml:/etc/openvpn-status-web/config.yml:ro
    - /run/openvpn-server:/run/openvpn-server
    ports:
    - "8080:8080"

The /path/to/host/config.yml could be:

host: "0.0.0.0"
port: "8080"
vpns:
  my-cool-vpn:  # the following depends on your setup
    version: 2
    status_file: "/run/openvpn-server/status-my-cool-vpn.log"

License

openvpn-status-web is licensed under the Apache License, Version 2.0. See LICENSE for more information.