Template: OpenVPN-Systemd

From HackerNet
Jump to: navigation, search
(Created page with "Denna OpenVPN template unit letar efter en '''.conf''' fil med det namnet du anger efter '''@''' i mappen <code>/etc/openvpn/client/</code>. Spara filen under <code>/usr/lib/...")
 
m
 
(One intermediate revision by the same user not shown)
(No difference)

Latest revision as of 21:47, 6 December 2017

Denna OpenVPN template unit letar efter en .conf fil med det namnet du anger efter @ i mappen /etc/openvpn/client/.

Spara filen under /usr/lib/systemd/system och döp den till openvpn-client@.service.

[Unit]
Description=OpenVPN tunnel for %I
After=syslog.target network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO

[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/client
ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process

[Install]
WantedBy=multi-user.target

Har du 3st VPN filer som heter vpn-office.conf, vpn-branch.conf, vpn-home.conf så kan du starta alla med följande kommando.

systemctl start openvpn-client@vpn-office
systemctl start openvpn-client@vpn-branch
systemctl start openvpn-client@vpn-home

För att dom ska autostarta vid boot kan du använda:

systemctl enable openvpn-client@vpn-office
systemctl enable openvpn-client@vpn-branch
systemctl enable openvpn-client@vpn-home