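# systemd drop-in that overrides the OpenVPN client service so the up/down
# hooks can rewrite the resolver configuration.
# NOTE(review): presumably applied to openvpn-client@.service, going by the
# path referenced below -- confirm where this file is installed.

[Service]
# An empty assignment clears the ExecStart= inherited from the packaged unit,
# so the next line replaces that command instead of adding a second one.
ExecStart=
# %i is the unit instance name: instance "foo" loads foo.conf. The path is
# relative, so it depends on the working directory set by the packaged unit
# (TODO confirm).
# --script-security 2 allows OpenVPN to run user-defined scripts, which the
# --up/--down hooks below require.
ExecStart=/usr/bin/openvpn --suppress-timestamps --nobind --config %i.conf --script-security 2 --up /etc/openvpn/update-resolv-conf --down /etc/openvpn/update-resolv-conf
# The part before --script-security 2 might need updating from
# /usr/lib/systemd/system/openvpn-client@.service if it was upgraded
Restart=on-failure
# Empty values reset whatever the packaged unit configured. With User= cleared
# the service, and therefore the up/down script, runs as the service manager's
# default user (root for a system unit). Keep /etc/openvpn/update-resolv-conf
# and the %i.conf files root-owned and not writable by anyone else, because
# anything they invoke runs with those privileges.
User=
# Previously spelled "AmbiantCapabilities", which systemd ignores as an unknown
# key, so the inherited ambient capability set was never actually cleared.
AmbientCapabilities=
# It's not pretty, but other scripts only work with systemd or call resolvconf with -p,
# which doesn't work without a local DNS resolver
# TODO Local DNS resolver sounds nice anyway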