OpenVPN service restart vs resync



  • At the moment, an OpenVPN service (re)start from the dashboard services widget or services status display just restarts the process, using the existing conf file. Other things (like apinger, ntpd), when (re)started, call routines that write their conf file and everything from scratch and kick off the process.
    If the problem with an OpenVPN instance is that its conf file still has an out-of-date device to bind to, then the restart is not effective in resolving the issue. This can happen if, for whatever reason, the OpenVPN instance has not failed over to a currently up member of its gateway group. At the moment, the user has to do something else to force the gateway group status to be re-evaluated and the conf file rewritten (e.g. edit/save the OpenVPN instance settings).
    IMHO it would be more helpful if openvpn_resync got called, rather than openvpn_restart. (/etc/inc/service-utils.inc and openvpn.inc have the bits of code).
    Note: This would also help when using Services Watchdog package - at least if the OpenVPN instance has died completely, then it would get started, including writing a new up-to-date conf file.
    Comments please…


  • Rebel Alliance Developer Netgate

    Ideally they would behave consistently and all only restart the process, and a separate option should be made (with a different-looking button) to resync them and restart.



  • Also, some processes don't use a conf file, but could. e.g. I think the dnsmasq startup code just generates a big long command line with loads of options on it (generated from the host overrides, domain overrides, other checkboxes, advanced box…). That makes it hard to find out what are all the options in use at run time. The code could be changed (quite easily I think) to write a conf file and have dnsmasq use the conf file.
    The it would also have the possibility to either restart or resync.

    Is there a suitable icon hanging about to use for resync as distinct from restart?


  • Rebel Alliance Developer Netgate

    No icon that I can think of. Would have to be something new.


Log in to reply