On Thu, Oct 22, 2015 at 11:14:03PM -0400, Patrick Uiterwijk wrote:
> There is still some annoying thing in OpenVPN that's refusing to run the script.
> I have reverted the change that makes openvpn run the script automatically and will look
> that up further in the morning, I have left the script itself in place as it's useful.
>
> retrospective +1s requested.
+1 for me
> The change:
>
> commit b2b07e8bcda3f2ff3352ad5c1dd8bc5fcb895e32
> Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> Date: Fri Oct 23 03:11:02 2015 +0000
>
> Running the script doesnt work yet. But we still want the script.
>
> Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
>
> diff --git a/roles/openvpn/client/files/client.conf b/roles/openvpn/client/files/client.conf
> index 704becb..307a357 100644
> --- a/roles/openvpn/client/files/client.conf
> +++ b/roles/openvpn/client/files/client.conf
> @@ -14,8 +14,8 @@ nobind
>
> persist-key
>
> -up /etc/openvpn/fix-routes.sh
> -up-restart
> +#up /etc/openvpn/fix-routes.sh
> +#up-restart
>
> ca ca.crt
> cert client.crt
>
>
>
> > Count this as a +2 and get a retroactive 1 later. Dropping vpn because
> > of this would be worse than waiting for it.
> >
> > On 22 October 2015 at 20:45, Patrick Uiterwijk <puiterwijk@xxxxxxxxxx> wrote:
> > > And I just realized I need to remove the exit 2, because this will make
> > > openvpn exit.
> > >
> > > Can I get +1s to this change to the script?
> > >
> > >
> > >
> > > commit 50511a65e7dbdf0a60ad1cc43a6fa2fddec66ed3
> > > Author: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> > > Date: Fri Oct 23 02:41:01 2015 +0000
> > >
> > > Make fix-routes not terminate with status 2 if it fixed it
> > >
> > > This will make openvpn think something went wrong and terminate the
> > > connection.
> > > I did this to make it easily visible when running with ansible, but in
> > > this case
> > > it messes things up.
> > >
> > > Signed-off-by: Patrick Uiterwijk <puiterwijk@xxxxxxxxxx>
> > >
> > > diff --git a/roles/openvpn/client/files/fix-routes.sh
> > > b/roles/openvpn/client/files/fix-routes.sh
> > > index a08e519..44a9450 100644
> > > --- a/roles/openvpn/client/files/fix-routes.sh
> > > +++ b/roles/openvpn/client/files/fix-routes.sh
> > > @@ -8,5 +8,5 @@ then
> > > # 2. Add a new route to 192.168.0.0/16 via that IP addres (from
> > > xargs on)
> > > # 3. Print "Fixed VPN" and exit with code 2 to indicate that it
> > > changed
> > > # Note: I've been told that the grep and awk can be in one command,
> > > and I believe that, but I find this clearer.
> > > - (ip route show | grep '192.168.0.0/16') || ((ip route show | grep
> > > '192.168.0.' | awk '{print $1}' | xargs ip route add 192.168.0.0/16 via)
> > > && echo "Fixed VPN" && exit 2);
> > > + (ip route show | grep '192.168.0.0/16') || ((ip route show | grep
> > > '192.168.0.' | awk '{print $1}' | xargs ip route add 192.168.0.0/16 via)
> > > && echo "Fixed VPN");
> > > fi
> > > _______________________________________________
> > > infrastructure mailing list
> > > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> > > http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> >
> >
> >
> > --
> > Stephen J Smoogen.
> > _______________________________________________
> > infrastructure mailing list
> > infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> > http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> >
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
>
Attachment:
pgpdavivn5Wye.pgp
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
