From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id ayjBHbvEtV+sCAAA0tVLHw (envelope-from ) for ; Thu, 19 Nov 2020 01:04:59 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id ABLkGLvEtV/uVgAAbx9fmQ (envelope-from ) for ; Thu, 19 Nov 2020 01:04:59 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id C7913940482 for ; Thu, 19 Nov 2020 01:04:58 +0000 (UTC) Received: from localhost ([::1]:53220 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kfYNc-00023x-DW for larch@yhetil.org; Wed, 18 Nov 2020 20:04:56 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:35324) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kfYNR-00023k-4Z for help-guix@gnu.org; Wed, 18 Nov 2020 20:04:45 -0500 Received: from mx1.dismail.de ([78.46.223.134]:22090) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kfYNN-0005r1-LD for help-guix@gnu.org; Wed, 18 Nov 2020 20:04:44 -0500 Received: from mx1.dismail.de (localhost [127.0.0.1]) by mx1.dismail.de (OpenSMTPD) with ESMTP id b56a5468; Thu, 19 Nov 2020 02:04:34 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=dismail.de; h= mime-version:date:content-type:content-transfer-encoding:from :message-id:subject:to:in-reply-to:references; s=20190914; bh=9q ep277J0NEcg7mIpbgcRVh0LeoDGlrEiMD7/rBK7OU=; b=a7VxQlRLPWV7hLXZbN XNtrUp/zUuVeZaDqdVhCwX+q/9uCgrEDUgm6umPblPKZybLMCFPahivFHwF1IeGJ 111I1xmqOj3xUHdN7EZDck/nU97/YUXrACwHx5O4ewIKJxv5YWZV4jNRTQVYEgJN jWgc0ItlSjQUsCGuVVMEpCNMW5XQ3oC0T4aAwMH1RUXoxcA8PT7l2g1jamOdTOjC 8B0/vBzXKfqNdrTmGOwjvvIy1iit5EuLuu/KX1SzBqRv3rlgsB2soJhkrlgER5t+ 4+mgJlhI7C4IusTQmDj4IIhF5p0zpHrO6ar34ugXDmkwebxL9n7ioqygQtqmeDgc XNIw== Received: from smtp1.dismail.de ( [10.240.26.11]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 905f3728; Thu, 19 Nov 2020 02:04:34 +0100 (CET) Received: from smtp1.dismail.de (localhost [127.0.0.1]) by smtp1.dismail.de (OpenSMTPD) with ESMTP id ff6f64b1; Thu, 19 Nov 2020 02:04:34 +0100 (CET) Received: by dismail.de (OpenSMTPD) with ESMTPSA id 9c285e3d (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Thu, 19 Nov 2020 02:04:33 +0100 (CET) MIME-Version: 1.0 Date: Thu, 19 Nov 2020 01:04:33 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Mailer: RainLoop/1.14.0a From: jbranso@dismail.de Message-ID: Subject: Re: OpenVPN Service To: "Raghav Gururajan" , "Julien Lepiller" , help-guix@gnu.org In-Reply-To: <2281e220-e3d6-0538-44ed-0160811a6a3c@raghavgururajan.name> References: <2281e220-e3d6-0538-44ed-0160811a6a3c@raghavgururajan.name> <62f628f6-4a6e-065b-70ca-374a998b52d2@raghavgururajan.name> <0EBA4657-3F11-4152-BD44-29A0FE12BDEE@lepiller.eu> Received-SPF: pass client-ip=78.46.223.134; envelope-from=jbranso@dismail.de; helo=mx1.dismail.de X-detected-operating-system: by eggs.gnu.org: First seen = 2020/11/18 20:04:35 X-ACL-Warn: Detected OS = ??? X-Spam_score_int: -43 X-Spam_score: -4.4 X-Spam_bar: ---- X-Spam_report: (-4.4 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: "Help-Guix" X-Scanner: ns3122888.ip-94-23-21.eu Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=dismail.de header.s=20190914 header.b=a7VxQlRL; dmarc=pass (policy=reject) header.from=dismail.de; spf=pass (aspmx1.migadu.com: domain of help-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=help-guix-bounces@gnu.org X-Spam-Score: -1.71 X-TUID: ljFx77p6DnY4 I had an issue with openvpn service leaking my DNS queries. I've set up = network manager to manage my vpn connections. Though, I think I had to u= se DNS over HTTPS to fix the leaking DNS issue.=0A=0ANovember 18, 2020 2:= 55 PM, "Raghav Gururajan" wrote:=0A=0A> Hello J= ulien!=0A> =0A>> I'm surprised by this one: you already set ca to somethi= ng different. Can you share the generated=0A>> openvpn.conf?=0A> =0A> OOP= S! There was a mistake in config.scm. This error is gone now.=0A> =0A> No= w the openvpn.conf is https://paste.debian.net/1173026=0A> =0A> and error= is https://paste.debian.net/1173027=0A> =0A>> Ok, looking at the service= definition, this is not so surprising: it expects a file in the cert and= =0A>> key fields, and uses the defaults here. I'm surprised it doesn't co= mplain about client.crt. I=0A>> pushed a small update to the service. Aft= er you run guix pull, you should be able to specify (cert=0A>> 'disabled)= and (key 'disabled).=0A> =0A> Thanks a lot! I will try it.=0A> =0A>> Thi= s is only a warning, but you don't want your password to be world readabl= e: chown it to=0A>> openvpn's user, and chmod it to 600.=0A> =0A> Cool!= =0A> =0A> Regards,=0A> RG.