openvpn-server@.service

This unit is provided by:

• https://archlinux.org/packages/extra/x86_64/openvpn/

• https://packages.debian.org/unstable/openvpn

• https://packages.fedoraproject.org/pkgs/openvpn/

Options

• [Install]
  • WantedBy=multi-user.target
• [Service]
  • AmbientCapabilities=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
  • CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETPCAP CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
  • CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
  • DeviceAllow=/dev/null rw /dev/net/tun rw
  • ExecStart=/usr/bin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
  • ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --cipher AES-256-GCM --data-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC --config %i.conf
  • ExecStart=/usr/sbin/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
  • Group=network
  • KillMode=process
  • LimitNPROC=10
  • PrivateTmp=yes
  • ProtectHome
    Introduced in systemd 214
    =yes
  • ProtectSystem
    Introduced in systemd 214
    =yes
  • Restart=on-failure
  • RestartSec=5s
  • Type=notify
  • User=openvpn
  • WorkingDirectory=/etc/openvpn/server
• [Unit]
  • After=network-online.target
  • After=syslog.target network-online.target
  • Description=OpenVPN service for %I
  • Documentation=man:openvpn(8) https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage https://community.openvpn.net/openvpn/wiki/HOWTO
  • Wants=network-online.target

Additionnal notes

Nothing here.