summaryrefslogtreecommitdiff
path: root/main/openvpn/distro
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2014-11-26 00:28:48 +0100
committerArne Schwabe <arne@rfc2549.org>2014-11-26 00:28:48 +0100
commit19e013e6ba85ee25817829bb6556ecd4776c704e (patch)
tree8fd2650b23e0503e36da7e084be0cc2f4593f0b4 /main/openvpn/distro
parent5dc503314511f3041b4674569ba03c10714f7625 (diff)
Update peer-id patch, remove now uneded code from OpenVPN for local block/unblock
--HG-- extra : rebase_source : 8a0eedbd74cb76ac50431f8c8b9bfdd42bc4a243
Diffstat (limited to 'main/openvpn/distro')
-rw-r--r--main/openvpn/distro/systemd/openvpn-client@.service (renamed from main/openvpn/distro/systemd/openvpn@.service)7
-rw-r--r--main/openvpn/distro/systemd/openvpn-server@.service19
2 files changed, 23 insertions, 3 deletions
diff --git a/main/openvpn/distro/systemd/openvpn@.service b/main/openvpn/distro/systemd/openvpn-client@.service
index 7cd36c36..56d93a93 100644
--- a/main/openvpn/distro/systemd/openvpn@.service
+++ b/main/openvpn/distro/systemd/openvpn-client@.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenVPN tunnel for %I
-After=syslog.target network.target
+After=syslog.target network-online.target
+Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
@@ -8,8 +9,8 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
[Service]
PrivateTmp=true
Type=forking
-PIDFile=/var/run/openvpn/%i.pid
-ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf
+PIDFile=/var/run/openvpn/client_%i.pid
+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/client --config %i.conf --daemon --writepid /var/run/openvpn/client_%i.pid
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
LimitNPROC=10
DeviceAllow=/dev/null rw
diff --git a/main/openvpn/distro/systemd/openvpn-server@.service b/main/openvpn/distro/systemd/openvpn-server@.service
new file mode 100644
index 00000000..c4c9a123
--- /dev/null
+++ b/main/openvpn/distro/systemd/openvpn-server@.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=OpenVPN service for %I
+After=syslog.target network.target
+Documentation=man:openvpn(8)
+Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
+Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+[Service]
+PrivateTmp=true
+Type=forking
+PIDFile=/var/run/openvpn/server_%i.pid
+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/server --status /var/run/openvpn/server_%i-status.log --status-version 2 --config %i.conf --daemon --writepid /var/run/openvpn/server_%i.pid
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
+LimitNPROC=10
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
+
+[Install]
+WantedBy=multi-user.target