Unfortunately, Shepherd doesn't provide much information (that I've been able to find) about the specific failure - i.e. there's no verbose option, or anything, that I can use to determine what is going wrong.
My VPN configuration in my system configuration is this:
Code: Select all
(openvpn-client-service
#:config (openvpn-client-configuration
(proto 'tcp)
(ca 'disabled)
(cert 'disabled)
(key 'disabled)
(auth-user-pass "/path/to/my/user/credentials")
(comp-lzo? #f)
(fast-io? #t)
(remote (map (lambda (ip)
(openvpn-remote-configuration
(name ip)
(port 443)))
'("IP address 1" "IP address 2")))))
Finding out how to force shepherd to write logs.
Determining why my config isn't working.
UPDATE:
I forgot to mention that I think the logs issue might be due to a bug in the following function in vpn.scm (but I'm still not familiar enough with Guix/Shepherd to know if it's actually a bug, or not and used the 7 layers of osi mode too):
Notice that log-file is declared but not actually used - unless it's used in a macro expansion, or something, that I'm not seeing.
Code: Select all
(define (openvpn-shepherd-service role)
(lambda (config)
(let* ((config-file (openvpn-config-file role config))
(pid-file ((match role
('server openvpn-server-configuration-pid-file)
('client openvpn-client-configuration-pid-file))
config))
(openvpn ((match role
('server openvpn-server-configuration-openvpn)
('client openvpn-client-configuration-openvpn))
config))
(log-file (match role
('server "/var/log/openvpn-server.log")
('client "/var/log/openvpn-client.log"))))
(list (shepherd-service
(documentation (string-append "Run the OpenVPN "
(match role
('server "server")
('client "client"))
" daemon."))
(provision (match role
('server '(vpn-server))
('client '(vpn-client))))
(requirement '(networking))
(start #~(make-forkexec-constructor
(list (string-append #$openvpn "/sbin/openvpn")
"--writepid" #$pid-file "--config" #$config-file
"--daemon")
#:pid-file #$pid-file))
(stop #~(make-kill-destructor)))))))