Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 33 Next »

Overview

OpenVPN (BrightSign currently uses OpenVPN 2.4.7) can be used to create a connection to your servers. The OpenVPN "configuration" interface is a path to a complete configuration file and (optionally) the passphrase needed to decrypt the private key. The process is limited by —script-security=1 for the entire duration of that process. 

The configuration is extracted to flash, meaning that it will persist across device reboots and/or if the SD card is reformatted. If the device is configured for OpenVPN, it will automatically run on startup of the BrightSign application.

When configuring output files, you should use the applicable attached storage device (for example, /storage/sd/).

Note that:

  • archive_file (for BrightScript) or archiveFile (for JavaScript) must point to a zip archive containing a valid OpenVPN configuration file named client.conf in the top level directory (see the Appendix for an example client.conf file).
  • All paths configured in client.conf are assumed to be absolute. In order to refer to files extracted on the player after running installAndRun, the following directory path should be assumed /var/lib/brightsign/openvpn/


roOpenVpn (BrightScript API)

The roOpenVpn BrightScript API ensures that the files can be placed correctly, and with the right ownership, without making them accessible to everyone. 


OpenVpnParams

archive_file as string

Path to configuration zip

obfuscated_secret as string

Encrypted passphrase for protected certificates

InstallAndRun(params as OpenVpnParams) as Boolean

Install configuration and run

openvpn Uninstall() as Boolean

Stop and uninstall configuration


Example:

 ovpn = CreateObject("roOpenVpn")
params = {}
params.archive_file = "openvpn.zip"
ovpn.InstallAndRun(params)
ovpn.Uninstall()


OpenVpn (JavaScript API)

The OpenVpn JavaScript API ensures that the files can be placed correctly, and with the right ownership, without making them accessible to everyone. 


OpenVpn()

void OpenVpn()


installAndRun()

Promise<void> installAndRun(params: OpenVpnParams)

Install the configuration and run OpenVPN.


uninstall()

Promise<void> uninstall()

Stop and uninstall the configuration

OpenVpnParams

  • [String] archiveFile: Path to the configuration zip
  • [String] obfuscatedSecret: Encrypted passphrase for protected certificates

Example:

var openvpn = require('@brightsign/openvpn');
var ovpn = new openvpn();
var params = {
   archiveFile: '/storage/sd/openvpn.zip'
};
ovpn.installAndRun(params)
.then(function() {
   console.log('success');
})
.catch(function(err){
   console.log('err: ' + JSON.stringify(err));
});
ovpn.uninstall()
.then(function() {
   console.log('success');
})
.catch(function(err){
   console.log('err: ' + JSON.stringify(err));
});


Appendix

In addition to other configuration information, client.conf should contain the absolute path format of the configured artifacts. For example:

ca /var/lib/brightsign/openvpn/ca.crt
cert /var/lib/brightsign/openvpn/client1.crt
key /var/lib/brightsign/openvpn/client1.key

log /storage/sd/openvpn.log






  • No labels