From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <help-guix-bounces+larch=yhetil.org@gnu.org>
Received: from mp0 ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms11 with LMTPS
	id WGTYFSx8tV9EQwAA0tVLHw
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 18 Nov 2020 19:55:24 +0000
Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp0 with LMTPS
	id 0LK2ESx8tV8NCwAA1q6Kng
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Wed, 18 Nov 2020 19:55:24 +0000
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id 876169401BF
	for <larch@yhetil.org>; Wed, 18 Nov 2020 19:55:23 +0000 (UTC)
Received: from localhost ([::1]:33312 helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <help-guix-bounces+larch=yhetil.org@gnu.org>)
	id 1kfTY2-0001cm-Dj
	for larch@yhetil.org; Wed, 18 Nov 2020 14:55:22 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10]:49724)
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <rg@raghavgururajan.name>)
 id 1kfTXR-0001Vj-G7
 for help-guix@gnu.org; Wed, 18 Nov 2020 14:54:46 -0500
Received: from relay6-d.mail.gandi.net ([217.70.183.198]:49173)
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <rg@raghavgururajan.name>)
 id 1kfTXO-00065Z-H3
 for help-guix@gnu.org; Wed, 18 Nov 2020 14:54:45 -0500
X-Originating-IP: 174.89.21.249
Received: from [192.168.2.62]
 (bras-vprn-ckvlon0125w-lp130-03-174-89-21-249.dsl.bell.ca [174.89.21.249])
 (Authenticated sender: rg@raghavgururajan.name)
 by relay6-d.mail.gandi.net (Postfix) with ESMTPSA id 83AAAC0008;
 Wed, 18 Nov 2020 19:54:37 +0000 (UTC)
To: Julien Lepiller <julien@lepiller.eu>, help-guix@gnu.org
References: <62f628f6-4a6e-065b-70ca-374a998b52d2@raghavgururajan.name>
 <0EBA4657-3F11-4152-BD44-29A0FE12BDEE@lepiller.eu>
From: Raghav Gururajan <rg@raghavgururajan.name>
Autocrypt: addr=rg@raghavgururajan.name; keydata=
 xjMEX2ZCJBYJKwYBBAHaRw8BAQdAdiUK33kml2dYjrWidlr4/v0pmjpUv7hOsBN/oSl5wx7N
 L1JhZ2hhdiBHdXJ1cmFqYW4gKFJHKSA8cmdAcmFnaGF2Z3VydXJhamFuLm5hbWU+wpMEExYI
 ADsCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQTNLV6qqYzLN9qR1rBfWBZkf4vlUQUC
 X28v0AIZAQAKCRBfWBZkf4vlUQf2AQD63gsdJzk0w6Gy0AzpJtMa63mbVRAh4xfnxsRNu6Sb
 GQD/UDytGjwnQ4nKYsGdoCcA7LM64EkknDvI3ZmlqG7Xuw/OOARfZkIkEgorBgEEAZdVAQUB
 AQdAZgiqc2NhH/myrCCan9x7gKI6QBPZ/1b+Bz/f3n95ozkDAQgHwngEGBYIACAWIQTNLV6q
 qYzLN9qR1rBfWBZkf4vlUQUCX2ZCJAIbDAAKCRBfWBZkf4vlUV/OAQD+tMNgmddPSchLpaDP
 psdDhpvra2uTonNUmnfbTvPgpQD/dG72NCT8hBUVqtzxwQmBrXY/nPEUxctYuvu3unUmzQU=
Subject: Re: OpenVPN Service
Message-ID: <2281e220-e3d6-0538-44ed-0160811a6a3c@raghavgururajan.name>
Date: Wed, 18 Nov 2020 14:54:35 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Icedove/78.4.0
MIME-Version: 1.0
In-Reply-To: <0EBA4657-3F11-4152-BD44-29A0FE12BDEE@lepiller.eu>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="7nISpfEa0YUnmEZW5QXeqCvDTx2dekFV2"
Received-SPF: permerror client-ip=217.70.183.198;
 envelope-from=rg@raghavgururajan.name; helo=relay6-d.mail.gandi.net
X-detected-operating-system: by eggs.gnu.org: First seen = 2020/11/18 14:54:38
X-ACL-Warn: Detected OS   = Linux 3.11 and newer [fuzzy]
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, NICE_REPLY_A=-0.001,
 RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001,
 T_SPF_PERMERROR=0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: help-guix@gnu.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/help-guix>
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
 <mailto:help-guix-request@gnu.org?subject=subscribe>
Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org
Sender: "Help-Guix" <help-guix-bounces+larch=yhetil.org@gnu.org>
X-Scanner: ns3122888.ip-94-23-21.eu
Authentication-Results: aspmx1.migadu.com;
	dkim=none;
	dmarc=none;
	spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org
X-Spam-Score: -3.11
X-TUID: uAl4H8posx5u

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--7nISpfEa0YUnmEZW5QXeqCvDTx2dekFV2
Content-Type: multipart/mixed; boundary="gK9y30KEE4FRYdVBHOG0XibEn1EUfH2CS";
 protected-headers="v1"
From: Raghav Gururajan <rg@raghavgururajan.name>
To: Julien Lepiller <julien@lepiller.eu>, help-guix@gnu.org
Message-ID: <2281e220-e3d6-0538-44ed-0160811a6a3c@raghavgururajan.name>
Subject: Re: OpenVPN Service
References: <62f628f6-4a6e-065b-70ca-374a998b52d2@raghavgururajan.name>
 <0EBA4657-3F11-4152-BD44-29A0FE12BDEE@lepiller.eu>
In-Reply-To: <0EBA4657-3F11-4152-BD44-29A0FE12BDEE@lepiller.eu>

--gK9y30KEE4FRYdVBHOG0XibEn1EUfH2CS
Content-Type: multipart/mixed;
 boundary="------------BE767489BE79889AC17326F5"
Content-Language: en-CA

This is a multi-part message in MIME format.
--------------BE767489BE79889AC17326F5
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable

Hello Julien!

> I'm surprised by this one: you already set ca to something different. C=
an you share the generated openvpn.conf?

OOPS! There was a mistake in config.scm. This error is gone now.

Now the openvpn.conf is https://paste.debian.net/1173026/

and error is https://paste.debian.net/1173027/

> Ok, looking at the service definition, this is not so surprising: it ex=
pects a file in the cert and key fields, and uses the defaults here. I'm =
surprised it doesn't complain about client.crt. I pushed a small update t=
o the service. After you run guix pull, you should be able to specify (ce=
rt 'disabled) and (key 'disabled).

Thanks a lot! I will try it.

> This is only a warning, but you don't want your password to be world re=
adable: chown it to openvpn's user, and chmod it to 600.

Cool!

Regards,
RG.

--------------BE767489BE79889AC17326F5
Content-Type: application/pgp-keys;
 name="OpenPGP_0x5F5816647F8BE551.asc"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
 filename="OpenPGP_0x5F5816647F8BE551.asc"

-----BEGIN PGP PUBLIC KEY BLOCK-----

xjMEX2ZCJBYJKwYBBAHaRw8BAQdAdiUK33kml2dYjrWidlr4/v0pmjpUv7hOsBN/oSl5wx7NL=
1Jh
Z2hhdiBHdXJ1cmFqYW4gKFJHKSA8cmdAcmFnaGF2Z3VydXJhamFuLm5hbWU+wpMEExYIADsCG=
wMF
CwkIBwIGFQoJCAsCBBYCAwECHgECF4AWIQTNLV6qqYzLN9qR1rBfWBZkf4vlUQUCX28v0AIZA=
QAK
CRBfWBZkf4vlUQf2AQD63gsdJzk0w6Gy0AzpJtMa63mbVRAh4xfnxsRNu6SbGQD/UDytGjwnQ=
4nK
YsGdoCcA7LM64EkknDvI3ZmlqG7Xuw/OOARfZkIkEgorBgEEAZdVAQUBAQdAZgiqc2NhH/myr=
CCa
n9x7gKI6QBPZ/1b+Bz/f3n95ozkDAQgHwngEGBYIACAWIQTNLV6qqYzLN9qR1rBfWBZkf4vlU=
QUC
X2ZCJAIbDAAKCRBfWBZkf4vlUV/OAQD+tMNgmddPSchLpaDPpsdDhpvra2uTonNUmnfbTvPgp=
QD/
dG72NCT8hBUVqtzxwQmBrXY/nPEUxctYuvu3unUmzQU=3D
=3DbNYV
-----END PGP PUBLIC KEY BLOCK-----

--------------BE767489BE79889AC17326F5--

--gK9y30KEE4FRYdVBHOG0XibEn1EUfH2CS--

--7nISpfEa0YUnmEZW5QXeqCvDTx2dekFV2
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"

-----BEGIN PGP SIGNATURE-----

wnsEABYIACMWIQTNLV6qqYzLN9qR1rBfWBZkf4vlUQUCX7V7+wUDAAAAAAAKCRBfWBZkf4vlURMR
AQCoqmRySQskioJ5+VgQTkrFTc/+erKsLuZCiGumlc4ePgD/UPwZa6d2SNfuILx4rcVfAN1gNW4Y
/m4Mt/Q8fQ5/rgA=
=m6z5
-----END PGP SIGNATURE-----

--7nISpfEa0YUnmEZW5QXeqCvDTx2dekFV2--