diff options
| author | Arne Schwabe <arne@rfc2549.org> | 2014-11-26 00:28:48 +0100 |
|---|---|---|
| committer | Arne Schwabe <arne@rfc2549.org> | 2014-11-26 00:28:48 +0100 |
| commit | 19e013e6ba85ee25817829bb6556ecd4776c704e (patch) | |
| tree | 8fd2650b23e0503e36da7e084be0cc2f4593f0b4 /main/openvpn/distro/systemd | |
| parent | 5dc503314511f3041b4674569ba03c10714f7625 (diff) | |
Update peer-id patch, remove now uneded code from OpenVPN for local block/unblock
--HG--
extra : rebase_source : 8a0eedbd74cb76ac50431f8c8b9bfdd42bc4a243
Diffstat (limited to 'main/openvpn/distro/systemd')
| -rw-r--r-- | main/openvpn/distro/systemd/openvpn-client@.service (renamed from main/openvpn/distro/systemd/openvpn@.service) | 7 | ||||
| -rw-r--r-- | main/openvpn/distro/systemd/openvpn-server@.service | 19 |
2 files changed, 23 insertions, 3 deletions
diff --git a/main/openvpn/distro/systemd/openvpn@.service b/main/openvpn/distro/systemd/openvpn-client@.service index 7cd36c36..56d93a93 100644 --- a/main/openvpn/distro/systemd/openvpn@.service +++ b/main/openvpn/distro/systemd/openvpn-client@.service @@ -1,6 +1,7 @@ [Unit] Description=OpenVPN tunnel for %I -After=syslog.target network.target +After=syslog.target network-online.target +Wants=network-online.target Documentation=man:openvpn(8) Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO @@ -8,8 +9,8 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO [Service] PrivateTmp=true Type=forking -PIDFile=/var/run/openvpn/%i.pid -ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf +PIDFile=/var/run/openvpn/client_%i.pid +ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/client --config %i.conf --daemon --writepid /var/run/openvpn/client_%i.pid CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH LimitNPROC=10 DeviceAllow=/dev/null rw diff --git a/main/openvpn/distro/systemd/openvpn-server@.service b/main/openvpn/distro/systemd/openvpn-server@.service new file mode 100644 index 00000000..c4c9a123 --- /dev/null +++ b/main/openvpn/distro/systemd/openvpn-server@.service @@ -0,0 +1,19 @@ +[Unit] +Description=OpenVPN service for %I +After=syslog.target network.target +Documentation=man:openvpn(8) +Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage +Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO + +[Service] +PrivateTmp=true +Type=forking +PIDFile=/var/run/openvpn/server_%i.pid +ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/server --status /var/run/openvpn/server_%i-status.log --status-version 2 --config %i.conf --daemon --writepid /var/run/openvpn/server_%i.pid +CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH +LimitNPROC=10 +DeviceAllow=/dev/null rw +DeviceAllow=/dev/net/tun rw + +[Install] +WantedBy=multi-user.target |