From 313d1e756c8aea02f2e027ed08e55063fa24d89b Mon Sep 17 00:00:00 2001
From: Kyle Manna
Date: Sat, 11 Jul 2015 08:31:58 -0700
Subject: [PATCH] init: Update init file to be a template * Useful for systems with several OpenVPN docker containers running.
---
init/docker-openvpn.service | 30 -------------------------
init/docker-openvpn@.service | 43 ++++++++++++++++++++++++++++++++++++
2 files changed, 43 insertions(+), 30 deletions(-)
delete mode 100644 init/docker-openvpn.service
create mode 100644 init/docker-openvpn@.service
diff --git a/init/docker-openvpn.service b/init/docker-openvpn.service
deleted file mode 100644
index 31e9b40..0000000
--- a/init/docker-openvpn.service
+++ /dev/null
@@ -1,30 +0,0 @@
-[Unit]
-Description=OpenVPN Docker Container
-Documentation=https://github.com/kylemanna/docker-openvpn
-After=network.target docker.socket
-Requires=docker.socket
-
-[Service]
-# Modify IP6_PREFIX to match network config
-Environment="IP6_PREFIX=2001:db8::/64"
-Environment="OVPN_NAME=openvpn0"
-Environment="OVPN_DATA=ovpn-data"
-
-# Clean-up previous bad states
-ExecStartPre=-/usr/bin/docker rm -f openvpn0
-
-# Ensure forwarding is enabled on host's networking stack (hacky)
-ExecStartPre=/sbin/sysctl net.ipv6.conf.default.forwarding=1
-ExecStartPre=/sbin/sysctl net.ipv6.conf.all.forwarding=1
-
-# Main process
-ExecStart=/usr/bin/docker run --rm --privileged --volumes-from $OVPN_DATA --name $OVPN_NAME -p 1194:1194/udp kylemanna/openvpn:dev ovpn_run --config openvpn.conf --server-ipv6 $IP6_PREFIX
-
-# Add static route for IPv6 after it starts up
-ExecStartPost=/bin/sh -c "sleep 1; ip route replace $IP6_PREFIX via $(docker inspect -f '{{ .NetworkSettings.GlobalIPv6Address }}' $OVPN_NAME ) dev docker0"
-
-# Clean-up
-ExecStopPost=-/sbin/ip route del $IP6_PREFIX dev docker0
-
-[Install]
-WantedBy=multi-user.target
diff --git a/init/docker-openvpn@.service b/init/docker-openvpn@.service
new file mode 100644
index 0000000..abd6100
--- /dev/null
+++ b/init/docker-openvpn@.service
@@ -0,0 +1,43 @@
+[Unit]
+Description=OpenVPN Docker Container
+Documentation=https://github.com/kylemanna/docker-openvpn
+After=network.target docker.socket
+Requires=docker.socket
+
+[Service]
+RestartSec=10
+Restart=always
+
+# Modify IP6_PREFIX to match network config
+#Environment="IP6_PREFIX=2001:db8::/64"
+#Environment="ARGS=--config openvpn.conf --server-ipv6 2001:db8::/64"
+Environment="NAME=ovpn-%i"
+Environment="DATA_VOL=ovpn-data-%i"
+Environment="IMG=kylemanna/openvpn:dev"
+Environment="PORT=1194:1194/udp"
+
+# Override defaults in env file
+EnvironmentFile=-/etc/default/docker-openvpn-%i
+
+# Clean-up bad state if still hanging around
+ExecStartPre=-/usr/bin/docker rm -f $NAME
+
+# Attempt to pull new image for security updates
+ExecStartPre=-/usr/bin/docker pull $IMG
+
+# IPv6: Ensure forwarding is enabled on host's networking stack (hacky)
+# Would be nice to use systemd-network on the host, but this doens't work
+# http://lists.freedesktop.org/archives/systemd-devel/2015-June/032762.html
+ExecStartPre=/bin/sh -c 'test -z "$IP6_PREFIX" && exit 0; sysctl net.ipv6.conf.all.forwarding=1'
+
+# Main process
+ExecStart=/usr/bin/docker run --rm --privileged --volumes-from ${DATA_VOL}:ro --name ${NAME} -p ${PORT} ${IMG} ovpn_run $ARGS
+
+# IPv6: Add static route for IPv6 after it starts up
+ExecStartPost=/bin/sh -c 'test -z "${IP6_PREFIX}" && exit 0; sleep 1; ip route replace ${IP6_PREFIX} via $(docker inspect -f "{{ .NetworkSettings.GlobalIPv6Address }}" $NAME ) dev docker0'
+
+# IPv6: Clean-up
+ExecStopPost=/bin/sh -c 'test -z "$IP6_PREFIX" && exit 0; ip route del $IP6_PREFIX dev docker0'
+
+[Install]
+WantedBy=multi-user.target
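Review bot: The `ExecStart` line in the new template still starts the container with `--privileged`, and the unit now also runs `docker pull $IMG` before every start against the mutable default `IMG=kylemanna/openvpn:dev` with `Restart=always`, so whatever is currently published under that tag runs with full host access each time the unit restarts. OpenVPN in a container normally needs only network-administration rights and the tun device, so consider `--cap-add=NET_ADMIN` (plus `--device /dev/net/tun` if the image does not create the node itself) in place of `--privileged`; this should be confirmed against the image before relying on it. Pinning the default `IMG` to a release tag or digest, and leaving a moving tag as an explicit override in `/etc/default/docker-openvpn-%i`, would keep the automatic pull from changing the running code unreviewed.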