šŸš€ Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more ā†’
Socket
DemoInstallSign in
Socket
DemoInstallSign in

gcp-ovpn-portal

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

gcp-ovpn-portal

A secure OpenVPN authentication portal with Google OAuth2

0.4.7
PyPI
Maintainers
1

šŸ” OpenVPN Client Portal

Python 3.8+ Flask License: MIT codecov

A secure, user-friendly authentication portal for OpenVPN configuration distribution. This application provides Google OAuth2 authentication and domain-restricted access to OpenVPN configuration files.

OpenVPN Auth Portal

šŸŒŸ Features

  • šŸ”’ Secure Google OAuth2 authentication
  • šŸ‘„ Domain-restricted access control
  • šŸ“¦ Automated OpenVPN config generation
  • šŸŽØ Clean, responsive web interface
  • šŸš€ Easy deployment and configuration

šŸ“¦ Installation

Via pip

pip install gcp-ovpn-portal

Development Setup

  • Clone the repository:
git clone https://github.com/ranson21/gcp-ovpn-portal
cd gcp-ovpn-portal
  • Install with Poetry:
poetry install

šŸ”§ Configuration

Google OAuth2 Setup

  • Go to the Google Cloud Console
  • Create a new project or select an existing one
  • Enable the Google OAuth2 API:
    • Go to "APIs & Services" > "Library"
    • Search for "Google OAuth2"
    • Click "Enable"
  • Configure the OAuth consent screen:
    • Go to "APIs & Services" > "OAuth consent screen"
    • Choose "Internal" if using Google Workspace, or "External" if not
    • Fill in the application name and other required fields
    • Add the necessary scopes (email, profile)
  • Create OAuth 2.0 credentials:
    • Go to "APIs & Services" > "Credentials"
    • Click "Create Credentials" > "OAuth client ID"
    • Choose "Web application"
    • Add authorized redirect URIs:
      • For local development: http://localhost:8081
      • For production: https://your-domain.com
    • Save your Client ID and Client Secret

Environment Variables

The following environment variables are required:

  • CLIENT_ID: Google OAuth2 client ID (obtained from steps above)
  • ALLOWED_DOMAIN: Authorized email domain (e.g., "company.com")
  • EXTERNAL_IP: VPN server's external IP address
  • OPENVPN_DIR: Directory containing OpenVPN configuration files (default: /etc/openvpn)

Create a .env file:

cp .env.example .env
# Edit .env with your configuration

Example .env file:

CLIENT_ID=your-google-client-id.apps.googleusercontent.com
ALLOWED_DOMAIN=yourcompany.com
EXTERNAL_IP=203.0.113.1
OPENVPN_DIR=/etc/openvpn

šŸš€ Usage

Running as an installed package

# Run the VPN portal
ovpn-portal

Running in development mode

# Using Poetry
poetry run ovpn-portal

# Or using make
make run

šŸ“ Project Structure

openvpn-auth-portal/
ā”œā”€ā”€ ovpn_portal/
ā”‚   ā”œā”€ā”€ app/
ā”‚   ā”‚   ā”œā”€ā”€ main/
|   ā”‚   ā”‚   ā”œā”€ā”€ __init__.py
|   ā”‚   ā”‚   ā””ā”€ā”€ routes.py
ā”‚   ā”‚   ā”œā”€ā”€ __init__.py
ā”‚   ā”‚   ā”œā”€ā”€ config.py
ā”‚   ā”‚   ā”œā”€ā”€ middleware.py
ā”‚   ā”‚   ā””ā”€ā”€ vpn.py
ā”‚   ā””ā”€ā”€ run.py
ā”œā”€ā”€ static/
ā”‚   ā”œā”€ā”€ css/
ā”‚   ā”œā”€ā”€ images/
ā”‚   ā”œā”€ā”€ js/
ā”‚   ā””ā”€ā”€ favicon.ico
ā”œā”€ā”€ templates/
ā”‚   ā””ā”€ā”€ index.html
ā”œā”€ā”€ tests/
ā”œā”€ā”€ pyproject.toml
ā”œā”€ā”€ .env.example
ā”œā”€ā”€ .gitignore
ā””ā”€ā”€ README.md

šŸ› ļø Development

The project includes a Makefile to help with common development tasks:

First Time Setup

make dev-setup    # Install Poetry, initialize git, and install dependencies

Common Commands

make install      # Install project dependencies
make run         # Run development server
make test        # Run test suite
make coverage    # Run tests with coverage report
make format      # Format code with black and isort
make lint        # Run linting checks
make clean       # Clean temporary files and builds

Test Coverage

To run tests with coverage reporting:

make coverage

This will:

  • Run all tests with coverage tracking
  • Generate a terminal report showing missing lines
  • Create an HTML coverage report in coverage_html/

View the HTML coverage report:

make coverage-open  # On macOS
# Or open coverage_html/index.html in your browser

Package Management

make build       # Build package distribution
make develop     # Install package locally in editable mode

Publishing

make publish-test  # Publish to Test PyPI
make publish      # Publish to PyPI

You can also use Poetry directly for development tasks:

poetry install    # Install dependencies
poetry run pytest # Run tests
poetry run black . # Format code
poetry run flake8 # Lint code

šŸ”’ Security Considerations

  • All authentication is performed through Google OAuth2
  • Configuration files are generated temporarily and immediately deleted after download
  • Domain restriction ensures only authorized users can access the portal
  • HTTPS is required in production

šŸ“„ License

This project is licensed under the MIT License - see the LICENSE file for details.

šŸ¤ Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

šŸ‘¤ Author

Abigail Ranson

Keywords

vpn
openvpn
oauth
google-auth
flask

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Socket Now Supports pylock.toml Files

Product

Socket Now Supports pylock.toml Files

Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.

By Trevor Norris  -  Jun 05, 2025