VPN support
This commit is contained in:
parent
d9acf4ff93
commit
647fd78ae2
GPG key ID:
C72403E7F82E6AD8
4 changed files with 68 additions and 3 deletions
10
config/automatrop/roles/system/files/openvpn-client.service
Normal file
10
config/automatrop/roles/system/files/openvpn-client.service
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
[Service]
|
||||
ExecStart=
|
||||
ExecStart=/usr/bin/openvpn --suppress-timestamps --nobind --config %i.conf --script-security 2 --up /etc/openvpn/update-resolv-conf --down /etc/openvpn/update-resolv-conf
|
||||
# The part before --script-security 2 might need upgrading from
|
||||
# /usr/lib/systemd/system/openvpn-client@.service if it was upgraded
|
||||
Restart=on-failure
|
||||
User=
|
||||
AmbiantCapabilities=
|
||||
# It's not pretty, but other script only work with systemd or call resolvconf with -p,
|
||||
# which doesn't work without a local DNS resolver
|
||||
|
|
@ -65,6 +65,27 @@
|
|||
become: yes
|
||||
when: extlinux.stat.exists
|
||||
|
||||
- name: Remove bootsplash packages (Arch based)
|
||||
pacman:
|
||||
name:
|
||||
- bootsplash-systemd
|
||||
- bootsplash-theme-manjaro
|
||||
state: absent
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
|
||||
# Display Manager
|
||||
|
||||
- name: Remove display manager packages (Arch based)
|
||||
pacman:
|
||||
name:
|
||||
- sddm
|
||||
- sddm-breath2-theme
|
||||
state: absent
|
||||
become: yes
|
||||
when: arch_based
|
||||
|
||||
# Xorg configuration
|
||||
|
||||
- name: Check if there is nvidia-xrun is installed
|
||||
|
|
@ -262,6 +283,15 @@
|
|||
notify:
|
||||
- wifi setup changed
|
||||
|
||||
- name: Mask systemd-networkd
|
||||
systemd:
|
||||
name: systemd-networkd
|
||||
state: stopped
|
||||
enabled: no
|
||||
masked: yes
|
||||
become: yes
|
||||
notify: etc changed
|
||||
|
||||
# Time synchronisation
|
||||
|
||||
- name: Mask systemd-timesyncd
|
||||
|
|
@ -272,7 +302,6 @@
|
|||
masked: yes
|
||||
become: yes
|
||||
notify: etc changed
|
||||
when: arch_based
|
||||
|
||||
- name: Configure chrony
|
||||
copy:
|
||||
|
|
@ -309,6 +338,24 @@
|
|||
notify:
|
||||
- etc changed
|
||||
|
||||
# VPN configuration
|
||||
|
||||
- name: Prepare directory for openvpn-client service override
|
||||
file:
|
||||
path: /etc/systemd/system/openvpn-client@.service.d
|
||||
state: directory
|
||||
mode: "u=rwx,g=rx,o=rx"
|
||||
become: yes
|
||||
|
||||
- name: Make openvpn use hooks for resolvconf
|
||||
copy:
|
||||
src: openvpn-client.service
|
||||
dest: /etc/systemd/system/openvpn-client@.service.d/override.conf
|
||||
become: yes
|
||||
notify:
|
||||
- etc changed
|
||||
- systemd changed
|
||||
|
||||
# TODO Hibernation, if that's relevant
|
||||
# $ sudo blkid | grep 'TYPE="swap"'
|
||||
# $ sudoedit /etc/default/grub
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue