ovpn_run: Assume /etc/openvpn is read-only

* Systemd service currently marks the mount as read-only, and this is regarded as good practice for server/daemon only operation. * Don't create /etc/openvpn/ccd as the mount may be read-only. * Append the client-config-dir command line argument if it is found to avoid mkdir operation. * Mount can easily be modified using a different docker run line with ":ro" on the volume mount.
2015-07-27 20:20:46 -07:00
parent 5a1e642177
commit 34d9601e6e
2 changed files with 7 additions and 6 deletions
--- a/bin/ovpn_genconfig
+++ b/bin/ovpn_genconfig
@ -171,8 +171,6 @@ port 1194
 dev tun0
 status /tmp/openvpn-status.log

-client-config-dir $OPENVPN/ccd
-
 user nobody
 group nogroup
 EOF