From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id 4JzhD1ypH1/AZwAA0tVLHw (envelope-from ) for ; Tue, 28 Jul 2020 04:28:12 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id +9h7C1ypH19fegAAbx9fmQ (envelope-from ) for ; Tue, 28 Jul 2020 04:28:12 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id A3AC19403A3 for ; Tue, 28 Jul 2020 04:28:10 +0000 (UTC) Received: from localhost ([::1]:34632 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1k0HDl-0005DI-7c for larch@yhetil.org; Tue, 28 Jul 2020 00:28:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59520) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1k0HDe-0005D9-5U for bug-guix@gnu.org; Tue, 28 Jul 2020 00:28:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:45371) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1k0HDd-0004GW-S9 for bug-guix@gnu.org; Tue, 28 Jul 2020 00:28:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1k0HDd-0005im-No for bug-guix@gnu.org; Tue, 28 Jul 2020 00:28:01 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#42544: openvpn service requires cert and key configuration Resent-From: david larsson Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Tue, 28 Jul 2020 04:28:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 42544 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 42544@debbugs.gnu.org Received: via spool by 42544-submit@debbugs.gnu.org id=B42544.159591046821973 (code B ref 42544); Tue, 28 Jul 2020 04:28:01 +0000 Received: (at 42544) by debbugs.gnu.org; 28 Jul 2020 04:27:48 +0000 Received: from localhost ([127.0.0.1]:56917 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k0HDQ-0005iJ-8L for submit@debbugs.gnu.org; Tue, 28 Jul 2020 00:27:48 -0400 Received: from server0.selfhosted.xyz ([217.64.149.7]:49874) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1k0HDL-0005hz-8f for 42544@debbugs.gnu.org; Tue, 28 Jul 2020 00:27:46 -0400 Received: from [127.0.0.1] (localhost [127.0.0.1]) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=selfhosted.xyz; s=dkim; t=1595910456; bh=jKGM8sTgrLfkjj1Tqg9aO3fvV54WfEItttywkL5TEWk=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=FSAgksRag3elhnQrsoZ/c4gPNo8eXwOoZ/unVjDISjKXkcRMKk+iPca00q9YCiW61 EzjBsn6wES2nX0fIEqdi3y9yQ+4tnzL6iMc4OmoruMvMB0JGccbMWA9z4D9SDsE3JQ Y1aOeC4KfWLntSa+hGeXZn73XpTOuNZ984DMmgtd6ZXtDKogw8uXd4ZEcbg39pEgMS sh2AYbXNxmXMc25qfN2nPEAl7FFIUIhnPJWbJah5AaNRWYA4lFPYwJDW+RukOyd1wd zkCva2J5JAnNuDAUynQaNzkzQ8Eg6w1tsHz8TWGXzYwVk9XjSvUEhgAS9sy3N54Wq2 /Gmc4Zq8ELM+A== X-Fuglu-Suspect: 2072355772e1406da05fcbe294fcc3f3 X-Fuglu-Spamstatus: NO Received: from [127.0.0.1] (localhost [127.0.0.1]) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Tue, 28 Jul 2020 04:27:30 +0000 From: david larsson In-Reply-To: <029ee37c6910a0136916fd1673a517bd@selfhosted.xyz> References: <029ee37c6910a0136916fd1673a517bd@selfhosted.xyz> Message-ID: X-Sender: david.larsson@selfhosted.xyz X-Spam-Score: -1.8 (-) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-Spam-Score: -1.8 (-) X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: bug-Guix Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" X-Scanner: scn0 Authentication-Results: aspmx1.migadu.com; dkim=fail (rsa verify failed) header.d=selfhosted.xyz header.s=dkim header.b=FSAgksRa; dmarc=fail reason="SPF not aligned (relaxed)" header.from=selfhosted.xyz (policy=none); spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Spam-Score: 0.09 X-TUID: AIcU1cDEMny/ On 2020-07-26 04:53, david larsson wrote: > Hi, > I have a vpn configuration that doesn't use cert and key configuration > lines so I receive errors like the following in /var/log/messages when > trying to start the vpn-client service: > > localhost openvpn[1660]: Options error: --cert fails with 'disabled': > No such file or directory (errno=2) > localhost openvpn[1660]: Options error: --key fails with 'disabled': > No such file or directory (errno=2) > > (the lines would say the default /etc/openvpn/client.crt if I wouldn't > have specified (cert "disabled") etc. in the guix service config) > > > I need a way to disable that these lines are being generated to the > config-file. > Can be solved by changing those options to maybe-strings in gnu/services/vpn.scm and setting the default to disabled: (cert ;;(string "/etc/openvpn/client.crt") (maybe-string 'disabled) "The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}.") (key ;;(string "/etc/openvpn/client.key") (maybe-string 'disabled) "The key of the machine the daemon is running on. It must be the key whose certificate is @code{cert}.") I may eventually send some patches, including the addition of some more config-options. Best regards, David