diff options
Diffstat (limited to 'distro/systemd/openvpn-server@.service')
-rw-r--r-- | distro/systemd/openvpn-server@.service | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/distro/systemd/openvpn-server@.service b/distro/systemd/openvpn-server@.service index c4c9a12..a2b7b52 100644 --- a/distro/systemd/openvpn-server@.service +++ b/distro/systemd/openvpn-server@.service @@ -1,16 +1,19 @@ [Unit] Description=OpenVPN service for %I -After=syslog.target network.target +After=syslog.target network-online.target +Wants=network-online.target Documentation=man:openvpn(8) -Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage +Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO [Service] PrivateTmp=true -Type=forking -PIDFile=/var/run/openvpn/server_%i.pid -ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/server --status /var/run/openvpn/server_%i-status.log --status-version 2 --config %i.conf --daemon --writepid /var/run/openvpn/server_%i.pid -CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH +RuntimeDirectory=openvpn-server +RuntimeDirectoryMode=0710 +WorkingDirectory=/etc/openvpn/server +ExecStartPre=/bin/sh -c 'grep -q -E ^daemon %i.conf || exit 0 && /usr/bin/echo "OpenVPN configuration cannot contain --daemon when being managed by systemd" ; exit 1' +ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf +CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE LimitNPROC=10 DeviceAllow=/dev/null rw DeviceAllow=/dev/net/tun rw |