Merge pull request #1021 from zdc/T3350-sagitta

OpenVPN: T3350: Changed custom options for OpenVPN processing

1 files changed, 12 insertions, 0 deletions

diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 7f4aa367f..0e915a9c8 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -66,6 +66,7 @@ cfg_file = '/run/openvpn/{ifname}.conf'
 otp_path = '/config/auth/openvpn'
 otp_file = '/config/auth/openvpn/{ifname}-otp-secrets'
 secret_chars = list('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567')
+service_file = '/run/systemd/system/openvpn@{ifname}.service.d/20-override.conf'
 
 def get_config(config=None):
     """
@@ -584,6 +585,11 @@ def generate(openvpn):
     if os.path.isdir(ccd_dir):
         rmtree(ccd_dir, ignore_errors=True)
 
+    # Remove systemd directories with overrides
+    service_dir = os.path.dirname(service_file.format(**openvpn))
+    if os.path.isdir(service_dir):
+        rmtree(service_dir, ignore_errors=True)
+
     if 'deleted' in openvpn or 'disable' in openvpn:
         return None
 
@@ -619,6 +625,12 @@ def generate(openvpn):
     render(cfg_file.format(**openvpn), 'openvpn/server.conf.tmpl', openvpn,
            formater=lambda _: _.replace(""", '"'), user=user, group=group)
 
+    # Render 20-override.conf for OpenVPN service
+    render(service_file.format(**openvpn), 'openvpn/service-override.conf.tmpl', openvpn,
+           formater=lambda _: _.replace(""", '"'), user=user, group=group)
+    # Reload systemd services config to apply an override
+    call(f'systemctl daemon-reload')
+
     return None
 
 def apply(openvpn):