[systemd-devel] Starting up service after my openvpn connection turns up

[Matthew Karas]

Andrei - I'm making good progress on your suggestion but I've hit a
snag getting the socket for port 22.  Since I'm not starting dropbear
through systemd but in the up script, how do I get the system to
define port 22?

If I tell systemctl to start dropbear.socket - it starts up the
dropbear service without my special configs (as it starts
dropbear.service).  If I don't start dropbear.socket - my script
errors out because port22 isn't a socket.

On Mon, Jun 1, 2015 at 11:37 PM, Andrei Borzenkov <arvidjaar at gmail.com> wrote:
> В Mon, 1 Jun 2015 16:36:38 -0400
> Matthew Karas <mkarascybi at gmail.com> пишет:
>
>> I am trying to start a dropbear service after my openvpn service starts up.
>>
>> -----------------------------------
>> [Unit]
>> Description=SSH Per-Connection Server
>> Wants=dropbearkey.service
>> After=syslog.target dropbearkey.service
>> Wants=openvpn at equipment.service
>> After=openvpn at equipment.service
>> -----------------------------------
>>
>>
>> But I would like to start up the service after "tun0" interface is
>> available (made by openvpn).
>>
>> How do I find out what to put in "Wants" and "After" for tun0?  I
>> can't seem to find anything related
>>
>> Also if there is a better way to get dropbear to start after tun0 has
>> appeared I'm open to doing that as well.  My goal is to have my ssh
>> server only look at my openvpn address and ignore ssh requests that
>> are not from the vpn iface.  I'm thinking I can do this with a script
>> setting up drop bear with the -p option (and looking for my tun0 ip4
>> address and using it).
>>
>
> What about using OpenVPN hooks to start service after connection is
> established? You can pass it (service) interface name and bind it to
> interface so it is automatically stopped when interface is teared down.