network¶
nm-dispatcher¶
TODO: Rethink how the scripts should be handled
openvpn¶
The following profile assumes that:
- openvpn is started as root with dropping privileges
- iptables is used
- config files can be stored in:
/etc/openvpn/*.{conf,ovpn}/etc/openvpn/{client,server}/*.{conf,ovpn}
- certs/keys can be are stored in:
/etc/openvpn/certs/*.{key,crt}$HOME/.cert/**/*.pem
- auth credentials are stored in:
/etc/openvpn/auth/*.auth - logs are redirected to:
/var/log/openvpn/*.log - DNS/resolver script is stored in:
/etc/openvpn/update-resolv-conf{,.sh}
If a user wants to type user/pass interactively, systemd-ask-password is invoked for that.