Hi
Openvpn gives this error message while installation
Success! Service successfully added
+ [[ ! -c /dev/net/tun ]]
+ sudo service nginx reload
Reloading nginx configuration: nginx.
+ sudo service openvpn restart
Stopping virtual private network daemon:.
Starting virtual private network daemon: yunohost failed!
Error: Installation failedCan you describe the host hardware specification ? (RPi ? old laptop ? standard VPS ?)
I use old PC with Amd processor.
my /etc/openvpn/yunohost.cong is
port 1194
dev tun
proto udp
ca /etc/yunohost/certs/datamol.in/ca.pem
cert /etc/yunohost/certs/datamol.in/crt.pem
key /etc/yunohost/certs/datamol.in/key.pem
dh /etc/yunohost/certs/datamol.in/dh.pem
server 10.8.0.0 255.255.255.0
route 10.8.0.0 255.255.255.0
keepalive 10 60
inactive 600
user openvpn
group openvpn
persist-tun
persist-key
verb 3
plugin /usr/lib/openvpn/openvpn-auth-ldap.so /etc/openvpn/auth/ldap.conf
client-cert-not-required
status /var/log/openvpn.log
comp-lzo
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
my etc/openvpn/update-resolv-conf is
#!/bin/bash
#
# Parses DHCP options from openvpn to update resolv.conf
# To use set as 'up' and 'down' script in your openvpn *.conf:
# up /etc/openvpn/update-resolv-conf
# down /etc/openvpn/update-resolv-conf
#
# Used snippets of resolvconf script by Thomas Hood <jdthood@yahoo.co.uk>
# and Chris Hanson
# Licensed under the GNU GPL. See /usr/share/common-licenses/GPL.
#
# 05/2006 chlauber@bnc.ch
#
# Example envs set from openvpn:
# foreign_option_1='dhcp-option DNS 193.43.27.132'
# foreign_option_2='dhcp-option DNS 193.43.27.133'
# foreign_option_3='dhcp-option DOMAIN be.bnc.ch'
[ -x /sbin/resolvconf ] || exit 0
case $script_type in
up)
for optionname in ${!foreign_option_*} ; do
option="${!optionname}"
echo $option
part1=$(echo "$option" | cut -d " " -f 1)
if [ "$part1" == "dhcp-option" ] ; then
part2=$(echo "$option" | cut -d " " -f 2)
part3=$(echo "$option" | cut -d " " -f 3)
if [ "$part2" == "DNS" ] ; then
IF_DNS_NAMESERVERS="$IF_DNS_NAMESERVERS $part3"
fi
if [ "$part2" == "DOMAIN" ] ; then
IF_DNS_SEARCH="$IF_DNS_SEARCH $part3"
fi
fi
done
R=""
for SS in $IF_DNS_SEARCH ; do
R="${R}search $SS
"
done
for NS in $IF_DNS_NAMESERVERS ; do
R="${R}nameserver $NS
"
done
echo -n "$R" | /sbin/resolvconf -a "${dev}.inet"
;;
down)
/sbin/resolvconf -d "${dev}.inet"
;;
esac
my etc/openvpn/yunohost.cron is
#!/bin/bash
/sbin/iptables -L -t nat | grep 10.8.0.0/24 | grep MASQUERADE > /dev/null 2>&1
if [[ ! $? -eq 0 ]]; then
/sbin/iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
fiI am unable to install the openvpn.
Somebody can tell me the reason.
[root@yunohost] ~ # sudo yunohost app install https://github.com/Kloadut/openvpn_ynh
Downloading...
Extracting...
Done.
Choose a domain for OpenVPN: datamol.in
Choose a path for OpenVPN (default: /openvpn):
Executing script...
+ domain=datamol.in
+ path=/openvpn
+ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-yunohost tcp -- anywhere anywhere multiport dports http,https
fail2ban-nginx tcp -- anywhere anywhere multiport dports http,https
fail2ban-dovecot tcp -- anywhere anywhere multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
fail2ban-sasl tcp -- anywhere anywhere multiport dports smtp,ssmtp,imap2,imap3,imaps,pop3,pop3s
fail2ban-postfix tcp -- anywhere anywhere multiport dports smtp,ssmtp
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-dovecot (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-nginx (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-postfix (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-sasl (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-yunohost (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
+ [[ ! 0 -eq 0 ]]
+ sudo yunohost app checkurl datamol.in/openvpn -a openvpn
+ [[ ! 0 -eq 0 ]]
+ [[ ! -c /dev/net/tun ]]
++ sudo cat /etc/yunohost/interface
+ iface=eth0
+ sudo yunohost app checkport 1194
Success! Port 1194 is available
+ [[ ! 0 -eq 0 ]]
+ sudo yunohost firewall allow UDP 1194
+ sudo apt-get install openvpn openvpn-auth-ldap -y -qq
+ sudo useradd openvpn
useradd: user 'openvpn' already exists
+ sudo openssl dhparam -out /etc/yunohost/certs/datamol.in/dh.pem 2048
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
..............................+.............................................................................................................................................................................................................................+...............................................+...................+......................................................................................................+......................................+..................................+................+..................................................+.....................................................................................................................................+..............................................................................................................................................+...........................................................................................................................................................................................................................................................................................................................+.........+..........................................................................................................................................................................................................................................+............................................+...............................................+............................................................................+...................................................................................................+...............................................................................................................................................................+...........................................................................................................+...........................+..............................+...................................................................+...........................+............................................................................................................................................................................................................................................................................................+..................................++*++*
+ final_path=/var/www/openvpn
+ sudo mkdir -p /etc/openvpn/auth
+ sudo mkdir -p /var/www/openvpn
+ sudo touch /var/log/openvpn.log
+ sudo chown openvpn: /var/log/openvpn.log
+ sed -i s@PATHTOCHANGE@/openvpn@g ../conf/nginx.conf
+ sed -i s@ALIASTOCHANGE@/var/www/openvpn/@g ../conf/nginx.conf
+ sed -i s@DOMAINTOCHANGE@datamol.in@g ../conf/yunohost.conf
+ sed -i s@DOMAINTOCHANGE@datamol.in@g ../conf/config.ovpn
+ sed -i s@DOMAINTOCHANGE@datamol.in@g ../conf/config-cli.ovpn
+ sudo cat /etc/ssl/certs/ca-yunohost_crt.pem
+ echo -e '\n</ca>'
+ sudo cp ../conf/yunohost.conf /etc/openvpn/
+ sudo cp ../conf/ldap.conf /etc/openvpn/auth/
+ sudo cp ../conf/nginx.conf /etc/nginx/conf.d/datamol.in.d/openvpn.conf
+ sudo cp -a ../sources/assets ../sources/index.php /var/www/openvpn
+ sudo ln -s /etc/ssl/certs/ca-yunohost_crt.pem /var/www/openvpn/ca.crt
ln: failed to create symbolic link `/var/www/openvpn/ca.crt': File exists
+ sudo cp -a ../conf/config-cli.ovpn /var/www/openvpn/datamol.in.ovpn
+ sudo cp -a ../conf/config.ovpn /var/www/openvpn/datamol.in.conf
+ sudo chown www-data: /var/www/openvpn
+ sudo cp ../conf/sysctl /etc/sysctl.d/openvpn.conf
+ sudo sysctl -p /etc/sysctl.d/openvpn.conf
net.ipv4.ip_forward = 1
+ sed -i s@IFACETOCHANGE@eth0@g ../conf/cron
+ sudo cp ../conf/cron /etc/openvpn/yunohost.cron
+ sudo tee /etc/cron.d/yunohost-openvpn
+ echo '*/5 * * * * root bash /etc/openvpn/yunohost.cron'
*/5 * * * * root bash /etc/openvpn/yunohost.cron
+ sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
+ sudo yunohost service add openvpn --log /var/log/openvpn.log
Success! Service successfully added
+ [[ ! -c /dev/net/tun ]]
+ sudo service nginx reload
Reloading nginx configuration: nginx.
+ sudo service openvpn restart
Stopping virtual private network daemon:.
Starting virtual private network daemon: yunohost failed!
Error: Installation failedI had the same issue and found out that
$sudo service openvpn restart
was writing some logs at the botom of /var/log/syslog that helped me resolve my issue (in my case ca.pem was missing)
Maybe you can get insight about your issue within those logs too by running
$sudo service openvpn restart
immediately followed by
$sudo tail -n 200 /var/log/syslog |grep ovpn-yunohost
I followed what you wrote, and OpenVPN is now installed 
But it is written : You are not connected to the VPN server
Is it normal that OpenVPN shows me 192.16.0.254 as IP ?
Jeremy54 :
It means you are accessing your server via local network. If you accessed it from the outside world, it should show you your server’s public ip.
Everything is allright now. Thank you.