Git-Mirrors/shaker
1
0
Fork 0
mirror of https://github.com/unman/shaker.git synced 2024-12-26 15:59:31 -05:00
Code Issues Packages Projects Releases Wiki Activity

Improve description in openvpn package.

Browse Source 
Focus installation.
This commit is contained in:
unman 2022-08-01 13:21:00 +00:00
parent 965a198b7a
commit 41666cb1e2
No known key found for this signature in database
GPG Key ID: FDD1B8244731B36C
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
openvpn.spec
View File

@ -7,10 +7,11 @@ License: GPLv3+
SOURCE0: openvpn SOURCE0: openvpn
%description %description
This package sets up VPN gateway. This package sets up a VPN gateway, named sys-vpn.
It follows the method detailed in the Qubes docs, It follows the method detailed in the Qubes docs,
https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md https://github.com/Qubes-Community/Contents/blob/master/docs/configuration/vpn.md
using iptables and CLI scripts. using iptables and CLI scripts.
The package creates a qube called sys-vpn based on the debian-11-minimal The package creates a qube called sys-vpn based on the debian-11-minimal
template. If the debian-11-minimal template is not present, it will template. If the debian-11-minimal template is not present, it will
be downloaded and installed - this may take some time depending on your be downloaded and installed - this may take some time depending on your
@ -19,10 +20,12 @@ net connection.
There are minor changes to the firewall rules on sys-vpn to ensure There are minor changes to the firewall rules on sys-vpn to ensure
blocking of outbound connections. blocking of outbound connections.
After installing, copy your openvpn configuration file to /rw/config/vpn After installing, copy your openvpn configuration file or zip file
in sys-vpn to sys-vpn.
Run the install.sh script provided to set up the VPN. Run setup_vpn to set up the VPN.
Restart sys-vpn. There should be a menu item for this script - if you cannot see it, you may
need to refresh application list in sys-vpn settings.
When finished, restart sys-vpn.
To use the VPN, set sys-vpn as the netvm for your qubes(s). To use the VPN, set sys-vpn as the netvm for your qubes(s).
All traffic will go through the VPN. All traffic will go through the VPN.
@ -34,6 +37,8 @@ If you remove the package, the salt files will be removed.
To do this ALL qubes will be checked to see if they use sys-vpn. To do this ALL qubes will be checked to see if they use sys-vpn.
If they do, their netvm will be set to `none`. If they do, their netvm will be set to `none`.
You can, of course, use template-openvpn to create other VPN gateways.
%install %install
rm -rf %{buildroot} rm -rf %{buildroot}
@ -49,7 +54,7 @@ if [ $1 -eq 1 ]; then
qubesctl state.apply openvpn.clone qubesctl state.apply openvpn.clone
qubesctl --skip-dom0 --targets=template-openvpn state.apply openvpn.install qubesctl --skip-dom0 --targets=template-openvpn state.apply openvpn.install
qubesctl state.apply openvpn.create qubesctl state.apply openvpn.create
qubesctl --skip-dom0 --targets=sys-vpn state.apply openvpn.configure qubesctl --skip-dom0 --targets=sys-vpn state.apply openvpn.client_install
fi fi
%postun %postun