Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Migrate to openvpn 2.4 paths and systemd services #653

Open
wants to merge 11 commits into
base: master
Choose a base branch
from
Open

Migrate to openvpn 2.4 paths and systemd services #653

wants to merge 11 commits into from

Conversation

randshell
Copy link
Contributor

@randshell randshell commented May 2, 2020
edited
Loading

Openvpn 2.4 uses by default two directories client and server to separate the openvpn configuration. We now move to this behavior and patch distros with openvpn 2.3 to use the new path. Only Ubuntu 16.04 and Debian 8 are affected.
Fixes #605

@angristan for how long do you want to support 2.3? Nyr dropped support for it.
I know from the issues that it's used on routers but I'm not sure about the security implications.

@randshell
Copy link
Contributor Author

Only Ubuntu 16.04 and Debian 8 are affected.

I read the code again and these two versions use the repository from openvpn.net that provides the latest version of openpvn. This means we can drop all 2.3 paths and the related systemd services.

@randshell randshell changed the title Migrate to /etc/openvpn/server path Migrate to openvpn 2.4 paths and systemd services May 2, 2020
@randshell
Create /etc/openvpn/client
fc7175a 
openvpn package from openvpn.net repository doesn't have `server` and `client` directories
@randshell
Update file paths in FAQ.md
de27da3
@randshell randshell mentioned this pull request May 2, 2020
Open
randshell and others added 2 commits May 2, 2020 20:46
@randshell
Remove status option from server.conf
40ddb4c 
It is included in the new systemd service `openvpn-server@.service`:
`ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf`

The new path is `/run/openvpn-server/status-server.log`
Remove old log directory
c4947d1 
See previous commit 40ddb4c
@randshell randshell marked this pull request as ready for review May 7, 2020 20:12
@angristan
Copy link
Owner

If all distributions are packaged properly now, I agree we should do these changes

@randshell randshell mentioned this pull request Jun 28, 2020
Closed
@kikislater kikislater mentioned this pull request Jun 27, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement to-test
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use /etc/openvpn/server instead of /etc/openvpn
2 participants
@randshell @angristan