summaryrefslogtreecommitdiff
path: root/debian/openvpn@.service
diff options
context:
space:
mode:
Diffstat (limited to 'debian/openvpn@.service')
-rw-r--r--debian/openvpn@.service6
1 files changed, 6 insertions, 0 deletions
diff --git a/debian/openvpn@.service b/debian/openvpn@.service
index a136de9..07f9e5b 100644
--- a/debian/openvpn@.service
+++ b/debian/openvpn@.service
@@ -2,6 +2,9 @@
Description=OpenVPN connection to %i
PartOf=openvpn.service
ReloadPropagatedFrom=openvpn.service
+Documentation=man:openvpn(8)
+Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
+Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
[Service]
Type=forking
@@ -9,6 +12,9 @@ ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10
ExecReload=/bin/kill -HUP $MAINPID
WorkingDirectory=/etc/openvpn
ProtectSystem=yes
+CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH
+DeviceAllow=/dev/null rw
+DeviceAllow=/dev/net/tun rw
[Install]
WantedBy=multi-user.target
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-18 06:51:39 +0000