From 6909960948127bc1f344e62039bd6795543b5b9e Mon Sep 17 00:00:00 2001 From: Holger Hans Peter Freyther Date: Fri, 21 Nov 2014 23:54:02 +0100 Subject: [PATCH] openvpn: Use the debian generator and service files for OpenVPN We want to use systemd for managing the lifetime of OpenVPN. Take the debian generator (which should work with busybox ash) and the openvpn.service (to inhibit the sysvinit script) and the target file and install it. On systems that have ran "update-rc.d openvpn defaults" one need to manually execute a systemctl enable openvpn.service. This is not done through a post-inst script and I am not sure if we should do it. This means there is a danger of ending with a unit that doesn't start OpenVPN automatically after upgrade! The scripts/packages have not been tested on a device yet. --- .../openvpn/openvpn/openvpn-generator | 40 +++++++++++++++++++ recipes-extra/openvpn/openvpn/openvpn.service | 18 +++++++++ .../openvpn/openvpn/openvpn@.service | 15 +++++++ recipes-extra/openvpn/openvpn_2.3.4.bb | 16 +++++++- 4 files changed, 88 insertions(+), 1 deletion(-) create mode 100755 recipes-extra/openvpn/openvpn/openvpn-generator create mode 100644 recipes-extra/openvpn/openvpn/openvpn.service create mode 100644 recipes-extra/openvpn/openvpn/openvpn@.service diff --git a/recipes-extra/openvpn/openvpn/openvpn-generator b/recipes-extra/openvpn/openvpn/openvpn-generator new file mode 100755 index 0000000..d6ac1aa --- /dev/null +++ b/recipes-extra/openvpn/openvpn/openvpn-generator @@ -0,0 +1,40 @@ +#!/bin/sh + +# This systemd generator creates dependency symlinks that make all OpenVPN +# tunnels listed in /etc/default/openvpn's AUTOSTART be started/stopped/reloaded +# when openvpn.service is started/stopped/reloaded. + +set -eu + +GENDIR="$1" +WANTDIR="$1/openvpn.service.wants" +SERVICEFILE="/lib/systemd/system/openvpn@.service" +AUTOSTART="all" +CONFIG_DIR=/etc/openvpn + +mkdir -p "$WANTDIR" + +if test -e /etc/default/openvpn ; then + . /etc/default/openvpn +fi + +# No VPNs automatically started +if test "x$AUTOSTART" = "xnone" ; then + exit 0 +fi + +if test "x$AUTOSTART" = "xall" -o -z "$AUTOSTART" ; then + for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do + NAME=${CONFIG%%.conf} + ln -s "$SERVICEFILE" "$WANTDIR/openvpn@$NAME.service" + done +else + for NAME in $AUTOSTART ; do + if test -e $CONFIG_DIR/$NAME.conf ; then + ln -s "$SERVICEFILE" "$WANTDIR/openvpn@$NAME.service" + fi + done +fi + +exit 0 + diff --git a/recipes-extra/openvpn/openvpn/openvpn.service b/recipes-extra/openvpn/openvpn/openvpn.service new file mode 100644 index 0000000..0075cc4 --- /dev/null +++ b/recipes-extra/openvpn/openvpn/openvpn.service @@ -0,0 +1,18 @@ +# This service is actually a systemd target, +# but we are using a service since targets cannot be reloaded. + +[Unit] +Description=OpenVPN service +After=network.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/bin/true +ExecReload=/bin/true +WorkingDirectory=/etc/openvpn + +[Install] +WantedBy=multi-user.target + + diff --git a/recipes-extra/openvpn/openvpn/openvpn@.service b/recipes-extra/openvpn/openvpn/openvpn@.service new file mode 100644 index 0000000..be47429 --- /dev/null +++ b/recipes-extra/openvpn/openvpn/openvpn@.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenVPN connection to %i +PartOf=openvpn.service +ReloadPropagatedFrom=openvpn.service + +[Service] +Type=forking +ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf +ExecReload=/bin/kill -HUP $MAINPID +WorkingDirectory=/etc/openvpn + +[Install] +WantedBy=multi-user.target + + diff --git a/recipes-extra/openvpn/openvpn_2.3.4.bb b/recipes-extra/openvpn/openvpn_2.3.4.bb index 3e52c81..e83c244 100644 --- a/recipes-extra/openvpn/openvpn_2.3.4.bb +++ b/recipes-extra/openvpn/openvpn_2.3.4.bb @@ -8,7 +8,10 @@ DEPENDS = "lzo openssl iproute2 ${@base_contains('DISTRO_FEATURES', 'pam', 'libp inherit autotools SRC_URI = "http://swupdate.openvpn.org/community/releases/openvpn-${PV}.tar.gz \ - file://openvpn" + file://openvpn \ + file://openvpn-generator \ + file://openvpn@.service \ + file://openvpn.service" SRC_URI[md5sum] = "04d47237907faabe9d046970ffe44b2e" SRC_URI[sha256sum] = "af506d5f48568fa8d2f2435cb3fad35f9a9a8f263999ea6df3ba296960cec85a" @@ -26,12 +29,23 @@ do_install_append() { install -d ${D}/${sysconfdir}/init.d install -d ${D}/${sysconfdir}/openvpn install -m 755 ${WORKDIR}/openvpn ${D}/${sysconfdir}/init.d + + # systemd files + install -d ${D}${systemd_unitdir}/system + install -d ${D}${systemd_unitdir}/system-generators + install -m 0644 ${WORKDIR}/openvpn.service ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/openvpn@.service ${D}${systemd_unitdir}/system + install -m 0755 ${WORKDIR}/openvpn-generator ${D}${systemd_unitdir}/system-generators } RRECOMMENDS_${PN} = "kernel-module-tun" FILES_${PN}-dbg += "${libdir}/openvpn/plugins/.debug" +# Don't go through the systemd.bbclass as we do not want magic to happen +# during install and upgrade. Simply ship the files. +FILES_${PN} += "${systemd_unitdir}" + # We need to test opkg upgrade of OpenVPN through the OpenVPN first DEFAULT_PREFERENCE = "-1"