[SOLVED] calling startup vpn script from systemd - environment issues?
by catfoo from LinuxQuestions.org on (#6GTNQ)
HW - Raspberry Pi Model 3B+
SW - Debian 11.8, OS bullseye, headless, Wireguard v1.0.20210223-1
Goal is to get a connection to PIA VPN.
After spending a week trying unsuccessfully to get openvpn/wireguard to connect using many how-to's, I ran across this github project. On a command line, their TLDR solution just worked. I was thrilled. Thought it would be trivial to make it start at boot. I was wrong. Tried modifying rc.local - several hours, no joy. Also, realized it'd probably be better to use a systemd service for reconnecting if lost.
Here is the (working) command line that runs the script:
Code:sudo VPN_PROTOCOL=wireguard DISABLE_IPV6=yes DIP_TOKEN=no AUTOCONNECT=true PIA_PF=false PIA_DNS=true PIA_USER=pxxxxxxx PIA_PASS=xxxxxx ./run_setup.shGreat. Then, tried systemd solution near the end of this post (you'll see I posted the same issue there - but the thread was from a year ago - not sure folks there are still paying attention). Here is the systemd service I copied/created, piavpn.system.
Code: [Unit]
Description=Runs PIA over wiregaurd
After=network-online.target
[Service]
Environment='VPN_PROTOCOL=wireguard'
Environment='DISABLE_IPV6=yes'
Environment='DIP_TOKEN=no'
Environment='AUTOCONNECT=true'
Environment='PIA_PF=false'
Environment='PIA_DNS=true'
Environment='PIA_USER=pxxxxxxx'
Environment='PIA_PASS=xxxxxxxxxx'
WorkingDirectory=/usr/local/bin/manual-connections
ExecStart=/bin/bash /usr/local/bin/manual-connections/run_setup.sh
Restart=no
Type=simple
User=root
[Install]
WantedBy=multi-user.target Executed:
sudo systemctl daemon-reload
sudo systemctl enable piavpn.service
Here is the output from systemctl status piavpn.service.
Code: systemctl status piavpn.service
piavpn.service - Runs PIA over wiregaurd
Loaded: loaded (/etc/systemd/system/piavpn.service; enabled; vendor preset: enabled)
Active: activating (start) since Thu 2023-11-30 18:48:35 PST; 36s ago
Main PID: 829 (bash)
Tasks: 1 (limit: 1595)
CPU: 35.122s
CGroup: /system.slice/piavpn.service
829 /bin/bash /usr/local/bin/manual-connections/run_setup.sh
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.Tried rebooting, reformatting the pass string, debugging systemd, all rabbit holes. Note this issue shouldn't be specifically related to the specific goal I'm trying to achieve. I assume this would occur with any script requiring environment variables and some sort of conditional interface.
I've run out of patience/ideas. Any help would be appreciated!
SW - Debian 11.8, OS bullseye, headless, Wireguard v1.0.20210223-1
Goal is to get a connection to PIA VPN.
After spending a week trying unsuccessfully to get openvpn/wireguard to connect using many how-to's, I ran across this github project. On a command line, their TLDR solution just worked. I was thrilled. Thought it would be trivial to make it start at boot. I was wrong. Tried modifying rc.local - several hours, no joy. Also, realized it'd probably be better to use a systemd service for reconnecting if lost.
Here is the (working) command line that runs the script:
Code:sudo VPN_PROTOCOL=wireguard DISABLE_IPV6=yes DIP_TOKEN=no AUTOCONNECT=true PIA_PF=false PIA_DNS=true PIA_USER=pxxxxxxx PIA_PASS=xxxxxx ./run_setup.shGreat. Then, tried systemd solution near the end of this post (you'll see I posted the same issue there - but the thread was from a year ago - not sure folks there are still paying attention). Here is the systemd service I copied/created, piavpn.system.
Code: [Unit]
Description=Runs PIA over wiregaurd
After=network-online.target
[Service]
Environment='VPN_PROTOCOL=wireguard'
Environment='DISABLE_IPV6=yes'
Environment='DIP_TOKEN=no'
Environment='AUTOCONNECT=true'
Environment='PIA_PF=false'
Environment='PIA_DNS=true'
Environment='PIA_USER=pxxxxxxx'
Environment='PIA_PASS=xxxxxxxxxx'
WorkingDirectory=/usr/local/bin/manual-connections
ExecStart=/bin/bash /usr/local/bin/manual-connections/run_setup.sh
Restart=no
Type=simple
User=root
[Install]
WantedBy=multi-user.target Executed:
sudo systemctl daemon-reload
sudo systemctl enable piavpn.service
Here is the output from systemctl status piavpn.service.
Code: systemctl status piavpn.service
piavpn.service - Runs PIA over wiregaurd
Loaded: loaded (/etc/systemd/system/piavpn.service; enabled; vendor preset: enabled)
Active: activating (start) since Thu 2023-11-30 18:48:35 PST; 36s ago
Main PID: 829 (bash)
Tasks: 1 (limit: 1595)
CPU: 35.122s
CGroup: /system.slice/piavpn.service
829 /bin/bash /usr/local/bin/manual-connections/run_setup.sh
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.
Nov 30 18:49:07 pi3 bash[829]: PIA password:
Nov 30 18:49:07 pi3 bash[829]: You must provide input.Tried rebooting, reformatting the pass string, debugging systemd, all rabbit holes. Note this issue shouldn't be specifically related to the specific goal I'm trying to achieve. I assume this would occur with any script requiring environment variables and some sort of conditional interface.
I've run out of patience/ideas. Any help would be appreciated!