PurpleNet purplenet
Status: Alpha
Brought to you by:
kkh
Menu
▾
▴
Tree [cec4d9] master purplenet-0.7.2 / History
Santtu Pajukanta
Read Me
vim: shiftwidth=4 expandtab
encoding: utf-8
================================
PurpleNet OpenVPN User Interface
================================
Author: Santtu Pajukanta <santtu.pajukanta@tut.fi>
Department of Communications Engineering
Tampere University of Technology
Copyright
=========
PurpleNet - a Web User Interface for OpenVPN
Copyright (C) 2009 Santtu Pajukanta
Copyright (C) 2008, 2009 Tuure Vartiainen, Antti Niemelä, Vesa Salo
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Introduction
============
Purplenet is a web user interface for OpenVPN tunnelling servers aimed
to make it easier to control, manage, deploy OpenVPN based
connectivity services to the end users and devices. This kind of
connectivity services can be utilised for example for providing secure
VPN connectivity as well as in general providing better access and
connectivity to the network services offered by the service provider.
Current features include:
* Management of the PKI
* creating the CA hierarchy
* granting certificates
* revoking your own certificates
* administrator access to revoking others' certificates
* Config generation for client and server
* Customizable through Django templates
* Shibboleth integration
* Login via Shibboleth
* Mapping of Shibboleth properties (envvars) into groups
For missing and incomplete functionality, see the file TODO.
Concepts
========
ORGANIZATIONS - Several organizations may be configured in the system, each of
which has access to one or more networks.
CLIENTS, ADMINISTRATORS AND SUPERUSERS - Three levels of access are available
in this release of PurpleNet:
* Clients are normal users that may request certificates and revoke their
own existing certificates.
* Administrators have management access to one or more organizations. They
can revoke certificates of users in their organizations and (in
standalone mode) manage their membership.
* Superusers can change and configure just about anything in the system.
ORGANIZATIONAL MAPPING - The system can be configured to use Shibboleth as its
authentication backend.
Installation
============
1. Put the purplenet and libpurplenet packages in your PYTHON_PATH.
2. Create a database in an RDBMS supported by Django (PostgreSQL recommended).
3. Copy purplenet/settings.py.dist to purplenet/settings.py and edit it to
match your installation.
4. Source "env.sh" and run "manage syncdb".
5. Configure the web server (see configuration examples below)
6. Prepare a directory that is writable by your web server. This directory will
contain the Certificate Authorities of your installation.
7. Point your browser to http://path/to/purplenet/setup and fill in the
setup form.
8. Log in as a superuser and create at least one organization, network and
server.
9. Download the OpenVPN server configuration from your PurpleNet portal and
use it to deploy the OpenVPN server.
Configuration example
=====================
This configuration example is for Apache 2.2, Django 1.0.2 and mod_python.
Paths will need to be adjusted for your installation.
/etc/apache2/sites-available/default:
<Location /purplenet>
SetHandler python-program
PythonHandler django.core.handlers.modpython
SetEnv DJANGO_SETTINGS_MODULE purplenet.settings
PythonOption django.root /purplenet
PythonDebug On
PythonAutoReload On
PythonPath "['/path/to/purplenet'] + sys.path"
PythonInterpreter purplenet
</Location>
Alias "/public_demo/media/admin" "/usr/lib/python2.5/site-packages/Django-1.0.2_final-py2.5.egg/django/contrib/admin/media"
Alias "/public_demo/media" "/path/to/purplenet/media"
<Location /purplenet/media>
SetHandler None
</Location>
Authors and acknowledgements
============================
See the file AUTHORS for a full list of people that have contributed to
PurpleNet.
PurpleNet is licensed under the GNU General Public License, version 2 or
later. See the files LICENSE.GPLv2 and LICENSE.GPLv3 for the full legal text
of the licenses.