summaryrefslogtreecommitdiff
path: root/distro/systemd
diff options
context:
space:
mode:
authorAlberto Gonzalez Iniesta <agi@inittab.org>2015-06-30 08:22:29 +0200
committerAlberto Gonzalez Iniesta <agi@inittab.org>2015-06-30 08:22:29 +0200
commit6149d88c5a2c58a9cc943ca02c36e8ee4e5d1751 (patch)
tree0fdc36dba5e216faf7ade9d7b327090b4a20bd2b /distro/systemd
parent63862ed15e1abb4b29c5a43b469321c928613c62 (diff)
Imported Upstream version 2.3.7upstream/2.3.7
Diffstat (limited to 'distro/systemd')
-rw-r--r--distro/systemd/openvpn-client@.service20
-rw-r--r--distro/systemd/openvpn-server@.service19
2 files changed, 39 insertions, 0 deletions
diff --git a/distro/systemd/openvpn-client@.service b/distro/systemd/openvpn-client@.service
new file mode 100644
index 0000000..56d93a9
--- /dev/null
+++ b/distro/systemd/openvpn-client@.service
@@ -0,0 +1,20 @@
+[Unit]
+Description=OpenVPN tunnel for %I
+After=syslog.target network-online.target
+Wants=network-online.target
+Documentation=man:openvpn(8)
+Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
+Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+[Service]
+PrivateTmp=true
+Type=forking
+PIDFile=/var/run/openvpn/client_%i.pid
+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/client --config %i.conf --daemon --writepid /var/run/openvpn/client_%i.pid
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
+LimitNPROC=10
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
+
+[Install]
+WantedBy=multi-user.target
diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service
new file mode 100644
index 0000000..c4c9a12
--- /dev/null
+++ b/distro/systemd/openvpn-server@.service
@@ -0,0 +1,19 @@
+[Unit]
+Description=OpenVPN service for %I
+After=syslog.target network.target
+Documentation=man:openvpn(8)
+Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
+Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
+
+[Service]
+PrivateTmp=true
+Type=forking
+PIDFile=/var/run/openvpn/server_%i.pid
+ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/server --status /var/run/openvpn/server_%i-status.log --status-version 2 --config %i.conf --daemon --writepid /var/run/openvpn/server_%i.pid
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
+LimitNPROC=10
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
+
+[Install]
+WantedBy=multi-user.target