X-Git-Url: https://iankelling.org/git/?a=blobdiff_plain;f=machine_specific%2Fkd%2Ffilesystem%2Fetc%2Fsystemd%2Fsystem%2Fopenvpn-client-tr%40.service;fp=filesystem%2Fetc%2Fsystemd%2Fsystem%2Fopenvpn-client-tr%40.service;h=4e488e22286e850c1edcb8f30b49b831447e570c;hb=8d29de95be2b44cac6e2cc3d0643f542be05e4bd;hp=db6e7eb5c9bb03154ea0630fa30638da1b2c1456;hpb=b757c84a4fc56f58b4985681b76df655d8db007a;p=distro-setup
diff --git a/filesystem/etc/systemd/system/openvpn-client-tr@.service b/machine_specific/kd/filesystem/etc/systemd/system/openvpn-client-tr@.service
similarity index 81%
rename from filesystem/etc/systemd/system/openvpn-client-tr@.service
rename to machine_specific/kd/filesystem/etc/systemd/system/openvpn-client-tr@.service
index db6e7eb..4e488e2 100644
--- a/filesystem/etc/systemd/system/openvpn-client-tr@.service
+++ b/machine_specific/kd/filesystem/etc/systemd/system/openvpn-client-tr@.service
@@ -1,7 +1,6 @@
 [Unit]
 Description=OpenVPN tunnel for %I
-After=syslog.target network-online.target vpn-static-ip@%i.service
-Requires=vpn-static-ip@%i.service
+After=syslog.target network-online.target
 Wants=network-online.target
 Documentation=man:openvpn(8)
 Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
@@ -22,10 +21,13 @@ LimitNPROC=10 # DeviceAllow=/dev/null rw # DeviceAllow=/dev/net/tun rw -ExecStartPre=/usr/bin/flock -w 20 /tmp/newns.flock /a/bin/newns/newns -n 10.173.0 start %i +# we use .1 to make this be on a different network than kd, so that we can +# talk to transmission on kd from remote host, and still use this +# vpn. +ExecStartPre=/usr/bin/flock -w 20 /tmp/newns.flock /a/bin/newns/newns -n 10.174.2 start %i ExecStartPre=/sbin/iptables-restore /a/bin/distro-setup/transmission-firewall/netns.rules # allow wireguard network to connect -ExecStartPre=/usr/sbin/ip r add 10.8.0.0/24 via 10.173.0.1 dev veth1-client +ExecStartPre=/usr/sbin/ip r add 10.8.0.0/24 via 10.174.2.1 dev veth1-client ExecStopPost=/usr/bin/flock -w 20 /tmp/newns.flock /a/bin/newns/newns stop %i PrivateNetwork=true BindReadOnlyPaths=/etc/tr-resolv:/run/systemd/resolve:norbind /etc/basic-nsswitch:/etc/resolved-nsswitch:norbind
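Review bot: The added comment says `.1`, but the prefix handed to newns on the line below it is `10.174.2`, so the comment does not describe the value it sits above; `# we use 10.174.2 to make this be on a different network than kd, ...` would match. The renumbered prefix is also hard-coded in the `ip r add 10.8.0.0/24 via 10.174.2.1` line, and the rules loaded from `netns.rules` are not shown here; if that file still refers to 10.173.0 addresses, the namespace firewall may no longer match the traffic it is meant to confine, so it is worth checking together with this change. Both flock calls keep the lock at `/tmp/newns.flock`, a fixed name in a world-writable directory that another local account could create or hold, which would make these steps fail after the 20-second wait; a root-owned path such as `/run/newns.flock` avoids that. The rest of the [Service] section, including any PrivateTmp= setting that would affect /tmp, lies outside the hunk.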