It's 3:00am so it may take a while for others to read, so if it'll speed things up for you I obviously trust Smooge's judgment - a retro +1
[I'm not an official infra member yet so it may not count but it's worth a try]On Thu, Oct 22, 2015 at 11:14 PM, Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> wrote:
There is still some annoying thing in OpenVPN that's refusing to run the script.
I have reverted the change that makes openvpn run the script automatically and will look
that up further in the morning, I have left the script itself in place as it's useful.
retrospective +1s requested.
The change:
commit b2b07e8bcda3f2ff3352ad5c1dd8bc5fcb895e32
Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
Date: Fri Oct 23 03:11:02 2015 +0000
Running the script doesnt work yet. But we still want the script.
Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
diff --git a/roles/openvpn/client/files/client.conf b/roles/openvpn/client/files/client.conf
index 704becb..307a357 100644
--- a/roles/openvpn/client/files/client.conf
+++ b/roles/openvpn/client/files/client.conf
@@ -14,8 +14,8 @@ nobind
persist-key
-up /etc/openvpn/fix-routes.sh
-up-restart
+#up /etc/openvpn/fix-routes.sh
+#up-restart
ca ca.crt
cert client.crt
> Count this as a +2 and get a retroactive 1 later. Dropping vpn because
> of this would be worse than waiting for it.
>
> On 22 October 2015 at 20:45, Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> wrote:
> > And I just realized I need to remove the exit 2, because this will make
> > openvpn exit.
> >
> > Can I get +1s to this change to the script?
> >
> >
> >
> > commit 50511a65e7dbdf0a60ad1cc43a6fa2fddec66ed3
> > Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> > Date: Fri Oct 23 02:41:01 2015 +0000
> >
> > Make fix-routes not terminate with status 2 if it fixed it
> >
> > This will make openvpn think something went wrong and terminate the
> > connection.
> > I did this to make it easily visible when running with ansible, but in
> > this case
> > it messes things up.
> >
> > Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> >
> > diff --git a/roles/openvpn/client/files/fix-routes.sh
> > b/roles/openvpn/client/files/fix-routes.sh
> > index a08e519..44a9450 100644
> > --- a/roles/openvpn/client/files/fix-routes.sh
> > +++ b/roles/openvpn/client/files/fix-routes.sh
> > @@ -8,5 +8,5 @@ then
> > # 2. Add a new route to 192.168.0.0/16 via that IP addres (from
> > xargs on)
> > # 3. Print "Fixed VPN" and exit with code 2 to indicate that it
> > changed
> > # Note: I've been told that the grep and awk can be in one command,
> > and I believe that, but I find this clearer.
> > - (ip route show | grep '192.168.0.0/16') || ((ip route show | grep
> > '192.168.0.' | awk '{print $1}' | xargs ip route add 192.168.0.0/16 via)
> > && echo "Fixed VPN" && exit 2);
> > + (ip route show | grep '192.168.0.0/16') || ((ip route show | grep
> > '192.168.0.' | awk '{print $1}' | xargs ip route add 192.168.0.0/16 via)
> > && echo "Fixed VPN");
> > fi
> > _______________________________________________
> > infrastructure mailing list
> > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> > http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
>
>
>
> --
> Stephen J Smoogen.
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
>
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx