X-Git-Url: https://iankelling.org/git/?p=distro-setup;a=blobdiff_plain;f=machine_specific%2Fx2%2Ffilesystem%2Fetc%2Fsystemd%2Fsystem%2Fopenvpn-client-tr%40.service;fp=machine_specific%2Fx2%2Ffilesystem%2Fetc%2Fsystemd%2Fsystem%2Fopenvpn-client-tr%40.service;h=0000000000000000000000000000000000000000;hp=d16312d4afe020778a17c3e0fd4905fe66b3af02;hb=c91604aff2ce49bd4ce9b429b9e738286a319923;hpb=8e6b1a997f8dcf71feccd390a06a3229277952b8

diff --git a/machine_specific/x2/filesystem/etc/systemd/system/openvpn-client-tr@.service b/machine_specific/x2/filesystem/etc/systemd/system/openvpn-client-tr@.service
deleted file mode 100644
index d16312d..0000000
--- a/machine_specific/x2/filesystem/etc/systemd/system/openvpn-client-tr@.service
+++ /dev/null
@@ -1,36 +0,0 @@
-[Unit]
-Description=OpenVPN tunnel for %I
-After=syslog.target network-online.target
-Wants=network-online.target
-Documentation=man:openvpn(8)
-Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
-Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
-Requires=iptables.service
-
-[Service]
-Type=notify
-RuntimeDirectory=openvpn-client
-RuntimeDirectoryMode=0710
-WorkingDirectory=/etc/openvpn/client
-ExecStart=/usr/sbin/openvpn --suppress-timestamps --nobind --config /etc/openvpn/client/%i.conf
-# todo, try reenabling this from the default openvpn,
-# it was disabled so we could do bind mounts as a command,
-# but now systemd handles it
-#CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
-LimitNPROC=10
-# DeviceAllow=/dev/null rw
-# DeviceAllow=/dev/net/tun rw
-
-# we use .1 to make this be on a different network than kd, so that we can
-# talk to transmission on kd from remote host, and still use this
-# vpn.
-ExecStartPre=/usr/bin/flock -w 20 /tmp/newns.flock /a/bin/newns/newns -n 10.174.13 start %i
-ExecStartPre=/sbin/iptables-restore /a/bin/distro-setup/transmission-firewall/netns.rules
-# allow wireguard network to connect
-ExecStartPre=/usr/sbin/ip r add 10.8.0.0/24 via 10.174.13.1 dev veth1-client
-ExecStopPost=/usr/bin/flock -w 20 /tmp/newns.flock /a/bin/newns/newns stop %i
-PrivateNetwork=true
-BindReadOnlyPaths=/etc/tr-resolv:/run/systemd/resolve:norbind /etc/basic-nsswitch:/etc/resolved-nsswitch:norbind
-
-[Install]
-WantedBy=multi-user.target