42.3: I had to rework openvpn@.service

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

42.3: I had to rework openvpn@.service

Roger Price
I installed openvpn in a fresh 42.3 and copied the configuration files
from a working installation into /etc/openvpn/ .  I then tried with Yast
to enable and start the openvpn@.service provided by the package, This
failed with message

    Failed to get properties: Unit name openvpn@.service is not valid.

So I defined service unit /usr/lib/systemd/system/openvpn.service (no @)

  [Unit]
    Description=OpenVPN tunneling daemon instance using
                /etc/openvpn/server.conf
    After=network.target
    PartOf=openvpn.target

  [Service]
    Type=forking
    PrivateTmp=true
    PIDFile=/var/run/openvpn/server.pid
    ExecStart=/usr/sbin/openvpn --daemon --suppress-timestamps
           --writepid /var/run/openvpn/server.pid --cd /etc/openvpn/
           --config server.conf
    ExecReload=/sbin/killproc -p /var/run/openvpn/server.pid -HUP
           /usr/sbin/openvpn

  [Install]
    WantedBy=multi-user.target openvpn.target

This service unit is the same as openvpn@.service, but explicitly
specifies where the configuration files are and where the pid goes.

I enabled openvpn.service with Yast and successfully started it with
command systemctl start openvpn.service .

Why does the package provide the extra %i and %I engineering which doesn't
work?

Roger

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: 42.3: I had to rework openvpn@.service

Marcus Meissner
On Thu, Aug 31, 2017 at 02:31:47PM +0200, Roger Price wrote:

> I installed openvpn in a fresh 42.3 and copied the configuration files from
> a working installation into /etc/openvpn/ .  I then tried with Yast to
> enable and start the openvpn@.service provided by the package, This failed
> with message
>
>    Failed to get properties: Unit name openvpn@.service is not valid.
>
> So I defined service unit /usr/lib/systemd/system/openvpn.service (no @)
>
>  [Unit]
>    Description=OpenVPN tunneling daemon instance using
>                /etc/openvpn/server.conf
>    After=network.target
>    PartOf=openvpn.target
>
>  [Service]
>    Type=forking
>    PrivateTmp=true
>    PIDFile=/var/run/openvpn/server.pid
>    ExecStart=/usr/sbin/openvpn --daemon --suppress-timestamps
>           --writepid /var/run/openvpn/server.pid --cd /etc/openvpn/
>           --config server.conf
>    ExecReload=/sbin/killproc -p /var/run/openvpn/server.pid -HUP
>           /usr/sbin/openvpn
>
>  [Install]
>    WantedBy=multi-user.target openvpn.target
>
> This service unit is the same as openvpn@.service, but explicitly specifies
> where the configuration files are and where the pid goes.
>
> I enabled openvpn.service with Yast and successfully started it with command
> systemctl start openvpn.service .
>
> Why does the package provide the extra %i and %I engineering which doesn't
> work?

Actually the @ is meant for having variable configurations in those snippets.

E.g. having /etc/openvpn/foo.conf and then doing

systemctl start openvpn@foo

systemctl enable openvpn@foo

can be used too.


Ciao, Marcus

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: 42.3: I had to rework openvpn@.service

Roger Price
In reply to this post by Roger Price
On Thu, 31 Aug 2017, Rui Santos wrote:

> openvpn.service is a systemd template and you cannot use directly.
>
> ... useful examples
>
> Also check this page (there are more) for more
> info: https://www.digitalocean.com/community/tutorials/understanding-systemd-units-and-unit-files

Thanks, a good introduction.  Better than reading systemd man pages.
Roger