wisdom of the shadows

2026-04-22 16:57:21 +01:00
parent ee4f5568a1
commit 809f96ff0e
3 changed files with 12 additions and 11 deletions
--- a/VM_CONFIG.sh
+++ b/VM_CONFIG.sh
@@ -22,3 +22,15 @@ cp ca/serial "${CA_DIR}/serial"

 mkdir -p /etc/openvpn/server
 mkdir -p /etc/openvpn/client
+
+# NOTE(vasco): tive problemas com a sincronização de tempo
+# se nao tiver sincronizado, o TOTP nao funciona
+systemctl stop chronyd
+ntpdate pool.ntp.org
+systemctl start chronyd
+
+# NOTE(vasco): o openvpn não consegui aceder ao home e ler os secrets
+# do google authenticator, por isso fiz isto:
+mkdir -p /etc/systemd/system/openvpn-server@.service.d
+echo -e "[Service]\nProtectHome=false" > /etc/systemd/system/openvpn-server@.service.d/override.conf
+systemctl daemon-reload
--- a/VM_VPN_GATEWAY.sh
+++ b/VM_VPN_GATEWAY.sh
@@ -8,17 +8,6 @@
 source VM_CONFIG.sh
 yum install -y google-authenticator qrencode ntpsec

-# NOTE(vasco): tive problemas com a sincronização de tempo
-# se nao tiver sincronizado, o TOTP nao funciona
-systemctl stop chronyd
-ntpdate pool.ntp.org
-systemctl start chronyd
-
-# NOTE(vasco): o openvpn não consegui aceder ao home e ler os secrets
-# do google authenticator, por isso fiz isto:
-mkdir -p /etc/systemd/system/openvpn-server@.service.d
-echo -e "[Service]\nProtectHome=false" > /etc/systemd/system/openvpn-server@.service.d/override.conf
-systemctl daemon-reload

 # --- forwarding --- #
 if_fora="enp0s8"
--- a/user2.p12
+++ b/user2.p12