Skip to content

Instantly share code, notes, and snippets.

@gdamjan

gdamjan/bridged.conf

Last active August 5, 2022 17:24
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save gdamjan/6b988389afe36e4bb769 to your computer and use it in GitHub Desktop.
Save gdamjan/6b988389afe36e4bb769 to your computer and use it in GitHub Desktop.
Download ZIP
bridged openvpn with networkd
Raw
bridged.conf
# /etc/openvpn/bridged.conf
comp-lzo
persist-key
persist-tun
dh /etc/openvpn/dh1024.pem
ca /etc/openvpn/ca.crt
cert /etc/openvpn/bridged.crt
key /etc/openvpn/bridged.key
dev vpntap0
dev-type tap
mode server
tls-server
keepalive 10 120
port 1194
proto udp
status /run/openvpn/bridged-status.log
verb 2
Raw
openvpn@bridged.service
# /etc/systemd/system/openvpn@bridged.service
[Unit]
Description=Home openvpn server
After=network.target
[Service]
Type=forking
ExecStart=/usr/bin/openvpn --cd /etc/openvpn --config /etc/openvpn/%i.conf --daemon openvpn@%i --writepid /run/openvpn/%i.pid
PIDFile=/run/openvpn/%i.pid
Restart=always
RuntimeDirectory=openvpn
ExecReload=/bin/kill -HUP $MAINPID
User=nobody
ProtectHome=true
ProtectSystem=full
PrivateTmp=true
NoNewPrivileges=true
[Install]
WantedBy=multi-user.target
Raw
vpntap0.netdev
# /etc/systemd/network/vpntap0.netdev
[NetDev]
Name=vpntap0
Kind=tap
[Tap]
#PacketInfo=true
User=nobody
Raw
vpntap0.network
# /etc/systemd/network/vpntap0.network
[Match]
Name=vpntap0
[Network]
Bridge=bridge0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment