Remove unnecessary cipher configuration on Fedora (#762)

This commit is contained in:
randomshell 2021-12-13 21:50:21 +00:00 committed by GitHub
parent 8f83781d00
commit 3a5bcf5d2d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -930,10 +930,6 @@ verb 3" >>/etc/openvpn/server.conf
sed -i 's|LimitNPROC|#LimitNPROC|' /etc/systemd/system/openvpn-server@.service sed -i 's|LimitNPROC|#LimitNPROC|' /etc/systemd/system/openvpn-server@.service
# Another workaround to keep using /etc/openvpn/ # Another workaround to keep using /etc/openvpn/
sed -i 's|/etc/openvpn/server|/etc/openvpn|' /etc/systemd/system/openvpn-server@.service sed -i 's|/etc/openvpn/server|/etc/openvpn|' /etc/systemd/system/openvpn-server@.service
# On fedora, the service hardcodes the ciphers. We want to manage the cipher ourselves, so we remove it from the service
if [[ $OS == "fedora" ]]; then
sed -i 's|--cipher AES-256-GCM --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC||' /etc/systemd/system/openvpn-server@.service
fi
systemctl daemon-reload systemctl daemon-reload
systemctl enable openvpn-server@server systemctl enable openvpn-server@server