-
-
-
- Austria (27)
- General (16)
- HowTo (122)
- IT Security (129)
- Linux (127)
- Networking (65)
- Other (3)
-
- CDemu - a free, gpl cd/dvd-rom device emulator for linux
- heatpumpMonitor - Monitoring a Stiebel Eltron LWZ
- ignis backup tool - the heat-strengthened backup tool
-
- December 2021 (2)
- September 2019 (1)
- May 2019 (1)
- April 2019 (1)
- January 2019 (1)
- October 2018 (1)
- August 2018 (1)
- February 2018 (1)
- September 2017 (1)
- August 2017 (2)
- May 2017 (1)
- April 2017 (1)
- February 2017 (1)
- January 2017 (2)
- December 2016 (1)
- November 2016 (2)
- October 2016 (1)
- September 2016 (1)
- August 2016 (1)
- July 2016 (2)
- April 2016 (1)
- March 2016 (3)
- February 2016 (4)
- January 2016 (2)
- December 2015 (2)
- November 2015 (2)
- September 2015 (2)
- July 2015 (5)
- June 2015 (4)
- May 2015 (2)
- February 2015 (1)
- January 2015 (4)
- December 2014 (1)
- November 2014 (5)
- October 2014 (4)
- September 2014 (1)
- August 2014 (4)
- July 2014 (3)
- June 2014 (5)
- May 2014 (5)
- April 2014 (1)
- March 2014 (2)
- February 2014 (3)
- January 2014 (5)
- December 2013 (2)
- November 2013 (3)
- September 2013 (3)
- August 2013 (2)
- May 2013 (4)
- April 2013 (1)
- March 2013 (1)
- February 2013 (3)
- December 2012 (3)
- November 2012 (3)
- October 2012 (1)
- September 2012 (2)
- June 2012 (1)
- May 2012 (1)
- April 2012 (1)
- March 2012 (1)
- February 2012 (1)
- January 2012 (1)
- December 2011 (4)
- November 2011 (1)
- August 2011 (1)
- March 2011 (1)
- October 2010 (1)
- May 2010 (3)
- January 2010 (1)
- September 2009 (1)
- August 2009 (5)
- July 2009 (5)
- June 2009 (4)
- May 2009 (1)
- April 2009 (1)
- January 2009 (1)
- December 2008 (6)
- November 2008 (6)
- October 2008 (2)
- September 2008 (11)
- August 2008 (4)
- July 2008 (7)
- June 2008 (2)
- May 2008 (7)
- April 2008 (5)
- March 2008 (9)
- February 2008 (15)
- January 2008 (11)
- December 2007 (3)
Tips / Solutions for settings up OpenVPN on Debian 9 within Proxmox / LCX containers
September 21, 2017
When I tried to migrate my OpenVPN setup to a container on my new Proxmox server I run into multiple problems, where searching through the Internet provided solutions that did not work or were out of date. So I thought I put everything one needs to setup OpenVPN on Debian 9 within a Proxmox / LXC container together in one blog post.
Getting a TUN device into the unprivileged container
As you really should run container in unprivileged mode the typical solutions with adding/allowing
lxc.cgroup.devices.allow: c 10:200 rwm
won’t work. And running a container in privileged mode is a bad bad idea, but gladly there is a native LXC solution.
Stop the container with
pct stop <containerid>
Add following line to /etc/pve/lxc/<containerid>.conf
lxc.mount.entry = /dev/net/tun dev/net/tun none bind,create=file
start the container with
pct start <containerid>
OpenVPN will now be able to create a tun device. Just do a test run with
openvpn --config /etc/openvpn/blabla.conf
Add OpenVPN config files to the “autostart”
You need to put the OpenVPN files into /etc/openvpn/ with the extension .conf. And if you add a new file you need to run
systemctl daemon-reload
before doing a service openvpn restart.
Changes in existing config files don’t need the systemd reload.
Getting systemd to start openvpn within a unprivileged container
So OpenVPN works now manually but not with the “init” script. You see following error message in the log file
daemon() failed or unsupported: Resource temporarily unavailable (errno=11)
To solve this edit
/lib/systemd/system/[email protected]
and but a # in front of
LimitNPROC=10
now reload systemd with
systemctl daemon-reload
and it should work.
Hope that info/tips helped you to solve the problems faster than I did. 🙂 If you know some other tips / solutions for running OpenVPN in a Debian 9 container withing LXC / Proxmox write a comment! Thx!
1 Comment »
RSS feed for comments on this post. TrackBack URI
Leave a comment
Powered by WordPress
Entries and comments feeds.
Valid XHTML and CSS.
36 queries. 0.044 seconds.
Thanks for this. I needed to use
create=dirfor proxmox 5.2. I’m not sure what the difference is but pct couldn’t even start the container withcreate=file.Comment by Bill McGonigle — September 13, 2018 #