This reverts commit 34d053fbe8.
It was found that this patch (from 7 years ago) breaks upgrade path and
current behavior (user manual) of the sysmocom VPN.
It is expected that the systemd service openvpn.service is disabled by
default, and that the user simply has to enable/disable it to
enable/disable the sysmocom VPN.
This affects all images deployed until today, since until recently an
old sysmocom-openvpn-config package (from around 2013) was being used
during provisioning, instead of using the one we recently made available
into the regular 201705 feeds.
Related: SYS#5734
Only sysmobts-v2 will override it, but all other machines should have
the same configuration as the sysmocom-bsc. This will fix the build of
our yocto-dora for sysmocom-idu/sysmocom-odu, where task-sysmocom-feed
pulls in task-gprscore which in turn wants to build the ggsn
configuration even on those machines where we don't actually have a ggsn
so far.
The configuration scripts are named for the systemd units for which they
generate configuration files. The generator causes them to run before
those units are started.
This reboots the system instead of starting a shell on boot problems.
Because the slot will only be marked as sucessfully booted as the last
step in a normal boot, repeated emergency boots will cause a fallback at
the boot chooser level to the other slot.
Testing this is possible by passing 'emergency' via the kernel command
line.
I think the last device we sold was in 2011 and I am not aware
if anyone has used it for the last couple of years. Remove it
to lower the complexity of the builds.
This addresses the following warning of OpenVPN:
WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
This way I just need to install sysmocom-openvpn-config and copy
a matching key to the device for the VPN config. The configuration
file is marked as a CONFFILE, this means that modifications to it
will not be lost during upgrade.