mirror of
https://github.com/angristan/openvpn-install.git
synced 2026-01-14 20:57:04 +01:00
Fix management socket path to persist after reboot (#1452)
- Use `/var/run/openvpn-server/` instead of `/var/run/openvpn/` for the management socket - The former is created at boot by OpenVPN's tmpfiles.d, the latter was lost on reboot Fixes #1451
This commit is contained in:
Stanislas
@@ -3050,13 +3050,10 @@ tls-version-min $TLS_VERSION_MIN"
|
||||
tls-ciphersuites $TLS13_CIPHERSUITES
|
||||
client-config-dir ccd
|
||||
status /var/log/openvpn/status.log
|
||||
management /var/run/openvpn/server.sock unix
|
||||
management /var/run/openvpn-server/server.sock unix
|
||||
verb 3"
|
||||
} >>/etc/openvpn/server/server.conf
|
||||
|
||||
# Create management socket directory
|
||||
run_cmd_fatal "Creating management socket directory" mkdir -p /var/run/openvpn
|
||||
|
||||
# Create client-config-dir dir
|
||||
run_cmd_fatal "Creating client config directory" mkdir -p /etc/openvpn/server/ccd
|
||||
# Create log dir
|
||||
@@ -3130,6 +3127,12 @@ verb 3"
|
||||
run_cmd "Patching service file (paths)" sed -i 's|/etc/openvpn/|/etc/openvpn/server/|g' /etc/systemd/system/openvpn-server@.service
|
||||
fi
|
||||
|
||||
# Ensure RuntimeDirectory is set for the management socket
|
||||
# Some distros (e.g., openSUSE) don't include this in their service file
|
||||
if ! grep -q "RuntimeDirectory=" /etc/systemd/system/openvpn-server@.service; then
|
||||
run_cmd "Patching service file (RuntimeDirectory)" sed -i '/\[Service\]/a RuntimeDirectory=openvpn-server' /etc/systemd/system/openvpn-server@.service
|
||||
fi
|
||||
|
||||
run_cmd "Reloading systemd" systemctl daemon-reload
|
||||
run_cmd "Enabling OpenVPN service" systemctl enable openvpn-server@server
|
||||
# In fingerprint mode, delay service start until first client is created
|
||||
@@ -4096,7 +4099,7 @@ function revokeClient() {
|
||||
# Disconnect a client via the management interface
|
||||
function disconnectClient() {
|
||||
local client_name="$1"
|
||||
local mgmt_socket="/var/run/openvpn/server.sock"
|
||||
local mgmt_socket="/var/run/openvpn-server/server.sock"
|
||||
|
||||
if [[ ! -S "$mgmt_socket" ]]; then
|
||||
log_warn "Management socket not found. Client may still be connected until they reconnect."
|
||||
|
||||
@@ -162,7 +162,7 @@ echo ""
|
||||
echo "=== Verifying Management Interface Configuration ==="
|
||||
|
||||
# Verify management socket is configured in server.conf
|
||||
if grep -q "management /var/run/openvpn/server.sock unix" /etc/openvpn/server/server.conf; then
|
||||
if grep -q "management /var/run/openvpn-server/server.sock unix" /etc/openvpn/server/server.conf; then
|
||||
echo "PASS: Management interface configured in server.conf"
|
||||
else
|
||||
echo "FAIL: Management interface not found in server.conf"
|
||||
@@ -171,10 +171,10 @@ else
|
||||
fi
|
||||
|
||||
# Verify management socket directory exists
|
||||
if [ -d /var/run/openvpn ]; then
|
||||
if [ -d /var/run/openvpn-server ]; then
|
||||
echo "PASS: Management socket directory exists"
|
||||
else
|
||||
echo "FAIL: Management socket directory /var/run/openvpn not found"
|
||||
echo "FAIL: Management socket directory /var/run/openvpn-server not found"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
@@ -1149,14 +1149,14 @@ echo "=== PASSPHRASE Support Tests PASSED ==="
|
||||
echo ""
|
||||
echo "=== Testing Management Interface ==="
|
||||
|
||||
MGMT_SOCKET="/var/run/openvpn/server.sock"
|
||||
MGMT_SOCKET="/var/run/openvpn-server/server.sock"
|
||||
|
||||
# Verify management socket exists and is accessible
|
||||
if [ -S "$MGMT_SOCKET" ]; then
|
||||
echo "PASS: Management socket exists at $MGMT_SOCKET"
|
||||
else
|
||||
echo "FAIL: Management socket not found at $MGMT_SOCKET"
|
||||
ls -la /var/run/openvpn/ || true
|
||||
ls -la /var/run/openvpn-server/ || true
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user