Thursday, March 08, 2018

Re: openvpn rc script

On Wed, Mar 07 2018, Antoine Jacoutot <ajacoutot@bsdfrog.org> wrote:
> On Tue, Mar 06, 2018 at 09:17:31PM +0000, Stuart Henderson wrote:
>> On 2018/03/06 19:18, Jeremie Courreges-Anglas wrote:
>> > +
>> > +# No default daemon_flags, adapt to your needs.
>> > +daemon="${TRUEPREFIX}/sbin/openvpn --daemon"
>>
>> I agree with adding the script, but I think this comment encourages
>> users to edit the rc file directly. How about:
>>
>> # No default daemon_flags, use "rcctl set openvpn flags [...]"
>>
>> Or just skipping that and mentioning in README instead?
>
> I agree, it belongs in README.

Updated diff:


Index: Makefile
===================================================================
RCS file: /d/cvs/ports/net/openvpn/Makefile,v
retrieving revision 1.88
diff -u -p -r1.88 Makefile
--- Makefile 6 Mar 2018 12:44:29 -0000 1.88
+++ Makefile 6 Mar 2018 12:44:54 -0000
@@ -3,7 +3,7 @@
COMMENT= easy-to-use, robust, and highly configurable VPN

DISTNAME= openvpn-2.4.5
-REVISION= 0
+REVISION= 1
CATEGORIES= net security

HOMEPAGE= https://openvpn.net/index.php/open-source/
Index: pkg/PLIST
===================================================================
RCS file: /d/cvs/ports/net/openvpn/pkg/PLIST,v
retrieving revision 1.22
diff -u -p -r1.22 PLIST
--- pkg/PLIST 29 Sep 2017 16:36:23 -0000 1.22
+++ pkg/PLIST 6 Mar 2018 12:44:54 -0000
@@ -63,3 +63,4 @@ share/examples/openvpn/sample-scripts/br
share/examples/openvpn/sample-scripts/bridge-stop
share/examples/openvpn/sample-scripts/ucn.pl
share/examples/openvpn/sample-scripts/verify-cn
+@rcscript ${RCDIR}/openvpn
Index: pkg/README
===================================================================
RCS file: /d/cvs/ports/net/openvpn/pkg/README,v
retrieving revision 1.4
diff -u -p -r1.4 README
--- pkg/README 6 Mar 2018 12:44:29 -0000 1.4
+++ pkg/README 7 Mar 2018 12:46:02 -0000
@@ -13,6 +13,14 @@ layer-2 (bridged) connections should now
instead as on other OS. Consult the upgrade guide for 5.9 for more
information.

+Using the openvpn rc script
+---------------------------
+
+# rcctl enable openvpn
+# rcctl set openvpn flags '--config /etc/openvpn/server.conf'
+
+To handle multiple openvpn instances see EXAMPLES in rcctl(8).
+
Using an /etc/hostname.* file without persist-tun
-------------------------------------------------
OpenVPN normally re-creates the tun/tap interface at startup.
Index: pkg/openvpn.rc
===================================================================
RCS file: pkg/openvpn.rc
diff -N pkg/openvpn.rc
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ pkg/openvpn.rc 7 Mar 2018 12:31:38 -0000
@@ -0,0 +1,9 @@
+#!/bin/ksh
+#
+# $OpenBSD$
+
+daemon="${TRUEPREFIX}/sbin/openvpn --daemon"
+
+. /etc/rc.d/rc.subr
+
+rc_cmd $1


--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE

No comments:

Post a Comment