smeserver-openvpn-bridge/root/usr/lib/systemd/system/openvpn-bridge.service

[Unit]
Description=OpenVPN Server to Server
After=network.service
After=bridge.service
Requires=bridge.service

[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/bridge

ExecStart=/usr/sbin/openvpn --status /var/log/openvpn-bridge/status.log --status-version 2 --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config /etc/openvpn/bridge/openvpn.conf --cd /etc/openvpn/bridge 

PrivateTmp=true
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure

[Install]
WantedBy=sme-server.target
initial commit of file from CVS for smeserver-openvpn-bridge on Sat Sep 7 19:57:25 AEST 2024 2024-09-07 11:57:25 +02:00			`[Unit]`
			`Description=OpenVPN Server to Server`
			`After=network.service`
			`After=bridge.service`
			`Requires=bridge.service`

			`[Service]`
			`Type=notify`
			`PrivateTmp=true`
			`WorkingDirectory=/etc/openvpn/bridge`

			`ExecStart=/usr/sbin/openvpn --status /var/log/openvpn-bridge/status.log --status-version 2 --ncp-ciphers AES-256-GCM:AES-128-GCM:AES-256-CBC:AES-128-CBC:BF-CBC --config /etc/openvpn/bridge/openvpn.conf --cd /etc/openvpn/bridge`

			`PrivateTmp=true`
			`CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE`
			`LimitNPROC=10`
			`DeviceAllow=/dev/null rw`
			`DeviceAllow=/dev/net/tun rw`
			`ProtectSystem=true`
			`ProtectHome=true`
			`KillMode=process`
			`RestartSec=5s`
			`Restart=on-failure`

			`[Install]`
			`WantedBy=sme-server.target`