Yes that's why it's failing. Why are you using the development version (master branch)? It's not supposed to be used unless you have a good understanding of how OpenWISP works internally and you know what you are doing. This is not a bug.
PS: this thread was about the OpenVPN Server automation feature, please start a new thread when you want to ask questions about a new subject. On Tue, Sep 11, 2018 at 10:25 AM pari khan <[email protected]> wrote: > Hi all, > > I am facing an issue where while including master branch for netjsonconfig > , when I try to access device option in openwisp GUI, I get server error > but if I try to use TAG-0.8.1 then I can access device option without any > server error. > Please help me. These two branches have mgmt IP changes in it. > I think some bug in master branch because of mgmt IP changes. > # openwisp2_django_netjsonconfig_pip: > https://github.com/openwisp/django-netjsonconfig/tarball/master > OR > openwisp2_django_netjsonconfig_pip: > https://github.com/openwisp/django-netjsonconfig/tarball/0.8.1 > > Thanks > kind regards > Pari > > > On Wed, Aug 29, 2018 at 11:40 PM Federico Capoano < > [email protected]> wrote: > >> Pari, >> >> you have to update the server configuration with Ansible, then you have >> to update the VPN client template manually. >> >> The VPN server object in OpenWISP is needed only for generating the base >> VPN client template, store the server certificate and other internal >> automations, but it can't magically update everything yet. That will >> require a considerable amount of effort to implement. >> >> I hope this helps. >> >> Federico >> >> On Wed, Aug 29, 2018 at 2:59 PM pari khan <[email protected]> wrote: >> >>> HI Federico, >>> Seems like few more issues around these.. >>> >>> I was able to get the openVPN installed and run based on ansible role >>> variables. The /etc/openvpn/server.conf has variables as per the ansible >>> role installed package. I also see a tun0 device with IP subnet as per what >>> I configured on ansible role >>> >>> Now, I configure VPN-SERVER configuration via openwisp2. on saving the >>> configuration, I dont see it getting updated in /etc/openvpn/server.conf >>> and the tun IF also doesnt get IP subnet updated as per VPN-SERVER >>> configuration. >>> >>> Am i missing something? >>> >>> kind regards, >>> Pari Khan >>> >>> >>> On Wed, Aug 29, 2018 at 4:25 PM pari khan <[email protected]> wrote: >>> >>>> Hi Federico,, >>>> >>>> Thanks a lot :) >>>> It worked for me. >>>> kind regards >>>> Pari Khan >>>> >>>> On Wed, Aug 29, 2018 at 1:46 PM Federico Capoano < >>>> [email protected]> wrote: >>>> >>>>> Copy the public and private key of the CA and the server certificate >>>>> from the server, you will find the files in the directory of the server >>>>> which ansible created to install OpenVPN. >>>>> Then paste these in the openwisp web UI, when you create a new CA or >>>>> new certificate select "import existing" and the UI will show you only the >>>>> relevant fields. >>>>> >>>>> Try and let me know :-) >>>>> >>>>> On Wed, Aug 29, 2018 at 9:52 AM pari khan <[email protected]> wrote: >>>>> >>>>>> Hi Federico, >>>>>> >>>>>> Thanks for quick reply. >>>>>> I installed openvpn via ansible. As per the instruction in ( >>>>>> https://github.com/Stouts/Stouts.openvpn) I added variables for CA >>>>>> and certificates in playbook.yml file. >>>>>> When I tried importing the CA and certificate how do we ensure the >>>>>> import is happening from where the ansible role created CA and >>>>>> certificate ? >>>>>> When I tried importing CA the country/state etc fields were empty , >>>>>> am I missing something. >>>>>> Please help. >>>>>> kind regards >>>>>> pari khan >>>>>> >>>>>> On Tue, Aug 28, 2018 at 8:05 PM Federico Capoano < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> One more thing: ensure the firmware image contains a pre-existing >>>>>>> /etc/config/openvpn file, even an empty one is fine, otherwise when a >>>>>>> new >>>>>>> configuration is downloaded the OpenVPN process won't be started, you >>>>>>> will >>>>>>> have to manually launch it but that would invalidate all the work >>>>>>> towards >>>>>>> automation we are doing. >>>>>>> >>>>>>> Federico >>>>>>> >>>>>>> >>>>>>> On Tuesday, August 28, 2018 at 1:38:06 PM UTC+2, Federico Capoano >>>>>>> wrote: >>>>>>>> >>>>>>>> Hi Pari and welcome, >>>>>>>> >>>>>>>> this process is not documented yet (we have a ticket for it >>>>>>>> <https://github.com/openwisp/openwisp2-docs/issues/44>), the >>>>>>>> process is roughly the following: >>>>>>>> >>>>>>>> - ensure OpenVPN is included in your OpenWRT firmware image or >>>>>>>> install it manually on your devices (the former option is >>>>>>>> recommended) >>>>>>>> - install OpenVPN on the server, you can use this ansible role >>>>>>>> if you like: https://github.com/Stouts/Stouts.openvpn >>>>>>>> - import the CA, and the server certificate in OpenWISP >>>>>>>> - create a new VPN server, select the CA and server certificate >>>>>>>> just imported, copy the configuration parameters generated by >>>>>>>> ansible >>>>>>>> - now create a new template of type "VPN-client" >>>>>>>> - ensure the auto-cert option is enabled so OpenWISP will >>>>>>>> generate client x509 certificates automatically >>>>>>>> - enable "default template" option if you want the VPN to be >>>>>>>> enabled on all the devices of that organization >>>>>>>> - if you want to use this VPN for all the organizations >>>>>>>> leave the "organization" parameter empty >>>>>>>> - leave the conf empty, hit "save and continue", now you can >>>>>>>> tweak the client VPN conf if you need >>>>>>>> >>>>>>>> After all these passages, devices which will have the new VPN >>>>>>>> template will get the OpenVPN conf and the x509 certificate >>>>>>>> automatically >>>>>>>> created by OpenWISP. This does not assure the VPN will work >>>>>>>> straightaway, >>>>>>>> you may need to do some testing and tweaking before getting it right. >>>>>>>> >>>>>>>> If you need to do some tests on the OpenWRT side, I suggest doing >>>>>>>> it on the device directly first and once you have a configuration that >>>>>>>> works you copy it into the OpenWISP web UI. >>>>>>>> >>>>>>>> To debug, check the logs of both clients and server. >>>>>>>> >>>>>>>> I hope this helps! >>>>>>>> Let me know how it goes and if anything is not clear don't hesitate >>>>>>>> to ask. >>>>>>>> >>>>>>>> Federico >>>>>>>> >>>>>>>> >>>>>>>> On Tuesday, August 28, 2018 at 1:11:42 PM UTC+2, pari khan wrote: >>>>>>>>> >>>>>>>>> Hi, >>>>>>>>> I am new to openwisp. >>>>>>>>> with regards to openwisp I am able to get it up and running.I was >>>>>>>>> able to connect few APs to openwisp controller. My concern is I want >>>>>>>>> to >>>>>>>>> understand how can we install openvpn server .Is CA and certificates >>>>>>>>> related to openvpn server? Can we use the keys installed as part of >>>>>>>>> openvpn >>>>>>>>> server for CA and certificates options in openwisp, I mean can we >>>>>>>>> import or >>>>>>>>> we have to create new ? >>>>>>>>> >>>>>>>>> little confused with these options, if I could get any documents >>>>>>>>> or guidance will be thankful. >>>>>>>>> >>>>>>>>> Kind Regards, >>>>>>>>> pari >>>>>>>>> >>>>>>>>> -- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "OpenWISP" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>> >>>>>> -- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "OpenWISP" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "OpenWISP" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> -- >>> You received this message because you are subscribed to the Google >>> Groups "OpenWISP" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/d/optout. >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "OpenWISP" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. >> > -- > You received this message because you are subscribed to the Google Groups > "OpenWISP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "OpenWISP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
