1. Install
2. The Updater - updates jail and it's packages
3. Add new/edit OpenVPN profile(s) and send them to e-mail box
4. Regenerate server's keys, certs and recreate profile(s)
5. The Cleaner - keeps .cfg file and removes jail and related files
6. The Keeper - backup & sends config to email
7. The Watcher - shows server configs & last 50 lines of the log
8. Edit settings
9. Exit
: 1
[..] checking config dirs... [success]
[..] appserver jail creation in progress... appserver successfully created!
Testing Host DNS response to pkg.freebsd.org
Testing appserver's SRV response to pkg.freebsd.org
Testing appserver's DNSSEC response to pkg.freebsd.org
Installing pkg...
You may need to manually remove /usr/local/etc/pkg.conf if it is no longer needed.
Installing supplied packages:
- nano...
- openvpn...
===> Creating groups.
Creating group 'openvpn' with gid '301'.
===> Creating users
Creating user 'openvpn' with uid '301'.
=====
Message from easy-rsa-3.1.0_2:
--
NOTE: easy-rsa will require you to initialize a pki ONLY UPON FIRST USE.
The packaging itself no longer does this because that would confuse easy-rsa,
and easy-rsa expects the vars not to be per-installation, but per-PKI.
ONLY for the very first run for a new PKI, do something such as:
easyrsa --pki-dir=~/my_new_pki init-pki # DANGEROUS - DESTROYS ~/my_new_pki
which will copy vars.example both into ~/my_new_pki
and create another copy named ~/my/new_pki/vars for you to edit for this PKI.
Then, edit ~/my/new_pki/vars to set the defaults.
After upgrades, use other commands, explained by running: easyrsa help.
to explain options such as --pki-dir (see above), run: easyrsa help options
=====
Message from openvpn-2.5.7_1:
--
Edit /etc/rc.conf[.local] to start OpenVPN automatically at system
startup. See /usr/local/etc/rc.d/openvpn for details.
Connect to VPN server as a client with this command to include
the client.up/down scripts in the initialization:
openvpn-client <spec>.ovpn
For compatibility notes when interoperating with older OpenVPN
versions, please see <
http://openvpn.net/relnotes.html>
Note that OpenVPN does not officially support LibreSSL.
Note that OpenVPN configures a separate user and group "openvpn",
which should be used instead of the NFS user "nobody"
when an unprivileged user account is desired.
You may want to add user openvpn and group openvpn when creating your
configuration files, the example configuration shows this only as comments.
- mpack...
* Starting appserver
+ Started OK
+ Using devfs_ruleset: 1002 (iocage generated default)
+ Configuring VNET OK
+ Using IP options: vnet
+ Starting services OK
+ Executing poststart OK
[..] make a bkp of 'server.conf' file to conf dir... [success]
[..] make a bkp of 'client.conf' file to conf dir... [success]
[..] make a bkp of 'easy-rsa/vars' file to conf dir... [fail]
[..] copy 'ipfw.rules' file to conf dir... [success]
[..] copy 'newsyslog.conf' file to conf dir... [success]
[..] copy 'syslog.conf' file to conf dir... [success]
[..] copy 'rc.conf' file to conf dir... [success]
[..] adjust values in 'rc.conf' file... [success]
[..] copy 'rc.conf|ipfw.rules|syslog.conf|newsyslog.conf' files to jail... [success]
[..] copy 'easy-rsa' dir to conf dir... [success]
[..] copy 'openvpn.conf' file to conf dir... [success]
[..] copy 'vars' file to conf dir... [success]
[..] adjust values in 'openvpn.conf' file... [success]
[..] adjust values in 'vars' file... [success]
[..] copy Easy RSA vars file to conf dir... [success]
[..] generating PKI...
Something went wrong, exiting.
[info] Display error(s) in a sec.
Log file: /tmp/OpenVPN-on-FreeNAS-in-iocage/openvpn-configs/ovpn-install.log
No default gateway found for ipv6.
cp: /mnt/pool/iocage/jails/appserver/root/usr/local/share/easy-rsa/vars: No such file or directory
/tmp/OpenVPN-on-FreeNAS-in-iocage/scripts/keys.sh: line 20: ./easyrsa.real: No such file or directory