From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id oPrVEZEqtV81IAAA0tVLHw (envelope-from ) for ; Wed, 18 Nov 2020 14:07:13 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id +FjODZEqtV9dJwAA1q6Kng (envelope-from ) for ; Wed, 18 Nov 2020 14:07:13 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 1EC249404CA for ; Wed, 18 Nov 2020 14:07:11 +0000 (UTC) Received: from localhost ([::1]:38372 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kfO74-0004dY-MB for larch@yhetil.org; Wed, 18 Nov 2020 09:07:10 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:44684) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kfO6v-0004bb-Ff for help-guix@gnu.org; Wed, 18 Nov 2020 09:07:01 -0500 Received: from lepiller.eu ([2a00:5884:8208::1]:41498) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kfO6m-0007nR-V1 for help-guix@gnu.org; Wed, 18 Nov 2020 09:07:01 -0500 Received: from lepiller.eu (localhost [127.0.0.1]) by lepiller.eu (OpenSMTPD) with ESMTP id 1b6ab2ec; Wed, 18 Nov 2020 14:06:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=lepiller.eu; h=date :in-reply-to:references:mime-version:content-type :content-transfer-encoding:subject:to:from:message-id; s=dkim; bh=MG7dSQSmVc6qrnxOWYbiL3ZwsV5uI7H1+0QP9422x8E=; b=TS1/dE2Q6jKs QaFpPWkkbcdLt4kBeras5vUl8PkbHHFVimcDb/2G0Wr/vw0RLA5ANEFRq6AdiyG6 M7i1TyXayNFvEhf7zr/DBEA4loVT2ZkthDifypQsRzFis5mWDJ9qmSCkHWKEcUQf xhU+d2qeuiC5pjQdRJj6V6el6xFpLbxSz0fgrUKkxtvX2OcdTy6BtFCO2+3FZmum AVBmMzgFO2ejyRrVtN7gPUe/3SawYHlQEZn1BxC3wSVww/ZaNX7byt3TR8Cl9gJc vQU2xGTIPd4Fc8VGfhPTvZcQWnBVDc/QDS4+2iTE9jCxX+v8EhF+BKYmthURK4Xm tInncUyjmg== Received: by lepiller.eu (OpenSMTPD) with ESMTPSA id 07a638c5 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Wed, 18 Nov 2020 14:06:48 +0000 (UTC) Date: Wed, 18 Nov 2020 09:06:26 -0500 User-Agent: K-9 Mail for Android In-Reply-To: <62f628f6-4a6e-065b-70ca-374a998b52d2@raghavgururajan.name> References: <62f628f6-4a6e-065b-70ca-374a998b52d2@raghavgururajan.name> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: OpenVPN Service To: help-guix@gnu.org,Raghav Gururajan From: Julien Lepiller Message-ID: <0EBA4657-3F11-4152-BD44-29A0FE12BDEE@lepiller.eu> Received-SPF: pass client-ip=2a00:5884:8208::1; envelope-from=julien@lepiller.eu; helo=lepiller.eu X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: ns3122888.ip-94-23-21.eu Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=lepiller.eu header.s=dkim header.b=TS1/dE2Q; dmarc=pass (policy=none) header.from=lepiller.eu; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.71 X-TUID: UkdnAWNHZFlX Le 17 novembre 2020 21:36:07 GMT-05:00, Raghav Gururajan a =C3=A9crit : >Hello Guix! > >I am struggling to setup OpenVPN Service Type=2E Here is my current=20 >configuration=2E > >*** START *** > >(service openvpn-client-service-type > (openvpn-client-configuration > (remote > (list > (openvpn-remote-configuration > (name "vpn=2Eriseup=2Enet") > (port 1194)))) > (auth-user-pass "/etc/openvpn/Riseup=2Etxt") > (ca "/etc/openvpn/RiseupCA=2Epem"))) > >*** END *** > >When I do, `sudo herd status vpn-client`, I get: > >*** START *** > >Status of vpn-client: > It is stopped=2E > It is enabled=2E > Provides (vpn-client)=2E > Requires (networking)=2E > Conflicts with ()=2E > Will be respawned=2E > >*** END *** > >When I do, `openvpn /gnu/store/[=2E=2E=2E]-openvpn=2Econf`, I get: > >*** START *** > >Options error: --ca fails with '/etc/openvpn/ca=2Ecrt': No such file or= =20 >directory (errno=3D2) I'm surprised by this one: you already set ca to something different=2E Ca= n you share the generated openvpn=2Econf? >Tue Nov 17 21:32:44 2020 WARNING: cannot stat file=20 >'/etc/openvpn/client=2Ekey': No such file or directory (errno=3D2) >Options error: --key fails with '/etc/openvpn/client=2Ekey': No such file Ok, looking at the service definition, this is not so surprising: it expec= ts a file in the cert and key fields, and uses the defaults here=2E I'm sur= prised it doesn't complain about client=2Ecrt=2E I pushed a small update to= the service=2E After you run guix pull, you should be able to specify (cer= t 'disabled) and (key 'disabled)=2E > >or directory (errno=3D2) >Tue Nov 17 21:32:44 2020 WARNING: file '/etc/openvpn/Riseup=2Etxt' is=20 >group or others accessible >Options error: Please correct these errors=2E This is only a warning, but you don't want your password to be world reada= ble: chown it to openvpn's user, and chmod it to 600=2E > >*** END *** > >Could anyone please help me with this? > >Regards, >RG=2E