Skip to content

network

nm-dispatcher

TODO: Rethink how the scripts should be handled

openvpn

The following profile assumes that:

  • openvpn is started as root with dropping privileges
  • iptables is used
  • config files can be stored in:
    • /etc/openvpn/*.{conf,ovpn}
    • /etc/openvpn/{client,server}/*.{conf,ovpn}
  • certs/keys can be are stored in:
    • /etc/openvpn/certs/*.{key,crt}
    • $HOME/.cert/**/*.pem
  • auth credentials are stored in: /etc/openvpn/auth/*.auth
  • logs are redirected to: /var/log/openvpn/*.log
  • DNS/resolver script is stored in: /etc/openvpn/update-resolv-conf{,.sh}

If a user wants to type user/pass interactively, systemd-ask-password is invoked for that.