-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
openvpn: should it include a runit service? #48834
Comments
Might make sense to include example services for client and server, resembling We've had bad experiences with shipping ready to use system services for things that should most likely not run as the system services, as example the pipewire and pulseaudio system services, where unexpected users started to enable those services without knowing that the preferred method of starting them is through some other means. pipewire ships the example service as void-packages/srcpkgs/pipewire/template Line 61 in f574870
|
Enabling OpenVPN through You would have to either
With no user intervention, OpenVPN won't run. If you have another path pointing to a client/server configuration, you can point to it by: As for the pipewire and pulseaudio analogy - I think these are completely different cases as the preferred method for them is, like you say, to be run by a user. In an OpenVPN config file, you can specify both the user and the group that the process should be run by. As a matter of fact, you can run the process as an unprivileged user (on Debian, for instance, you just insert these lines in your openvpn config): /etc/openvpn/openvpn.conf
|
runit would restart the service every second. |
Oh, this I didn't know about :( |
Depends, many users probably just use NetworkManager to handle their VPN. |
I second the idea of supplying a runnit service somewhere in /usr/share/examples/sv/openvpn so that you could easily copy it to /etc/sv. For a regular user that would save a lot of trouble. If you guys were to decide for it, do you think it would be necessary to have two directories, i.e. openvpn-client, openvpn-server or perhaps one openvpn should suffice? |
Issues become stale 90 days after last activity and are closed 14 days after that. If this issue is still relevant bump it or assign it. |
OpenVPN - a debate whether to include a runit service
As many of you might know, OpenVPN can be run either as a server or a client.
When run as a server, it needs some kind of a trigger that will start it at boot time. The current OpenVPN package does not, however, include a runit service.
When run as a client, it can be either started on boot which would typically require a runit service or it can be executed with the simple command
openvpn /etc/openvpn/yourconfig.conf
.In the first two cases, I believe it is justifiable and reasonable to include a runit service. A few years ago, such a proposal wasn't upheld (#17906 (comment)). I believe now's a good time to re-address this issue.
In my opinion, if Void aims to be as good of an option for a desktop as for a server, we require this change to happen. Of course, you can create the appropriate run file manually in /etc/sv/openvpn and you're good to go. However, such an approach seems to be particularly confusing for new users and it is also inconsistent with the fact that many other daemon servers DO have runit services that come along with them.
Therefore, I'd like to raise the question from the heading: should the openvpn package come with a runit service?
The text was updated successfully, but these errors were encountered: