Solutions
Here are some detailed aspect and solutions about this question (note that centos 6 is not using systemd, centos switched to systemd on v7)
Solution for centos 7
Setup OpenVPN At Boot:
We can use systemd (implement a service) to make openvpn start at boot, we need to create the service, enable it then start it. (after enabling the service it will be automatically start at boot time)
1 - Create the service: (with root)
cd /etc/systemd/system
touch openvpn-custom.service
chmod 644 openvpn-custom.service
2 - Open the service file: (with root)
open /etc/systemd/system/openvpn-custom.service
with the text editor that you use example nano openvpn-custom.service
3 - Edit and setup the service file: (with root)
Paste and adapt the following code into /etc/systemd/system/openvpn-custom.service
[Unit]
Description=OpenVPN Custom Setup Script
After=network.target network-online.target
Wants=network-online.target
[Service]
Type=forking
RemainAfterExit=yes
ExecStart=/full-path-to/your/vpn-script/vpn.sh
ExecStop=/full-path-to/a-scirpt/that-would-stop-openvpn/vpn-stop.sh
[Install]
WantedBy=multi-user.target
4 - Enable and start the service: (with root)
systemctl enable openvpn-custom.service
systemctl start openvpn-custom.service
you can check the status of the service with systemctl status openvpn-custom.service
Setup Transmission And Telegram At Boot (based on openvpn status):
Same as openvpn solution create a new service (then enable and start it) containing the following code
[Unit]
Description=Application Depending on OpenVPN
After=network.target network-online.target openvpn-custom.service
Wants=network-online.target openvpn-custom.service
[Service]
Type=forking
RemainAfterExit=yes
ExecStart=/full-path-to/your/ovpn-applications.sh
ExecStop=/full-path-to/a-scirpt/that-would-stop-apps/ovpn-applications-stop.sh
[Install]
WantedBy=multi-user.target
Your ovpn-applications.sh would look like something like this
#!/bin/sh
/bin/sed s/IP_ADDRESS/$4/ /var/lib/transmission/.config/transmission/settings_template.json > /var/lib/transmission/.config/transmission/settings.json
/etc/init.d/transmission-daemon start
/etc/init.d/transmission-telegram start
After=openvpn-custom.service
and Wants=openvpn-custom.service
would make that service depending on openvpn and thus if openvpn service is not started or fail the other service would not start
Solution for centos 6
Setup OpenVPN At Boot:
1 - Create the service: (with root)
cd /etc/rc.d/init.d
touch openvpn-custom
chmod 755 openvpn-custom
2 - Open the service file: (with root)
open /etc/rc.d/init.d/openvpn-custom
with the text editor that you use example nano openvpn-custom
3 - Edit and setup the service file: (with root)
#!/bin/bash
#
# chkconfig: 2345 55 45
# description: Custom openvpn script
# processname: openvpn
#
### BEGIN INIT INFO
# Provides: openvpn
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Short-Description: The openvpn daemon
# Description: The openvpn daemon custom script
### END INIT INFO
#/etc/rc.d/init.d/openvpn-custom
# Source function library.
. /etc/init.d/functions
start() {
echo -n "Starting custom openvpn... "
/full-path-to/your/vpn-script/vpn.sh
return 0
}
stop() {
echo -n "Shutting down custom openvpn... "
/full-path-to/a-scirpt/that-would-stop-openvpn/vpn-stop.sh
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
;;
restart)
stop
start
;;
reload)
;;
*)
echo "Usage: openvpn-custom {start|stop|status|reload|restart}"
exit 1
;;
esac
exit $?
4 - Enable and start the service: (with root)
chkconfig openvpn-custom on
service openvpn-custom start
you can check the status of the service with service openvpn-custom status
How to make sure openvpn only start when the network is ready
The chkconfig definition at the start of an initscript determines what S/K number it gets.
Each "runlevel" is actually just a directory (/etc/rc*.d/) full of symlinks to initscripts (/etc/init.d/) and those symlinks are named with numbered S and K entries.
S means start and K means kill. When init enters a runlevel, it starts with S01 and works its way through to S99, running each initscript to start the service which that script controls. When init leaves a runlevel, it starts with K01 and works its way through to K99, running each script to stop the service which that script controls.
man chkconfig gives an example of both the chkconfig-style service definition, and the Linux Standards Base (LSB) style service definition.
If an initscript has both types defined, the LSB definition should take precedence over the chkconfig definition.
If you have a service which depends on network connectivity, you can either make sure your service starts after /etc/rc*.d/S10network by giving it a start number after 10, or you can see that /etc/init.d/network has the LSB definition Provides: $network, so you can use the LSB definition Required-Start: $network in your initscript.
Setup Transmission And Telegram At Boot (based on openvpn status):
Same as openvpn solution create a new service (then enable and start it) containing the following code (/etc/rc.d/init.d/openvpn-apps)
#!/bin/bash
#
# chkconfig: 2345 55 45
# description: Custom openvpn-apps script
# processname: openvpn-apps
#
### BEGIN INIT INFO
# Provides: openvpn-apps
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 2 3 4 5
# Short-Description: The openvpn-apps daemon
# Description: The openvpn daemon custom script
### END INIT INFO
#/etc/rc.d/init.d/openvpn-apps
# Source function library.
. /etc/init.d/functions
start() {
echo -n "Starting custom openvpn... "
/full-path-to/your/apps.sh
return 0
}
stop() {
echo -n "Shutting down custom openvpn... "
/full-path-to/your/stop-apps.sh
return 0
}
case "$1" in
start)
start
;;
stop)
stop
;;
status)
;;
restart)
stop
start
;;
reload)
;;
*)
echo "Usage: openvpn-apps {start|stop|status|reload|restart}"
exit 1
;;
esac
exit $?
Your apps.sh would look like something like this
#!/bin/sh
/bin/sed s/IP_ADDRESS/$4/ /var/lib/transmission/.config/transmission/settings_template.json > /var/lib/transmission/.config/transmission/settings.json
/etc/init.d/transmission-daemon start
/etc/init.d/transmission-telegram start
To make your apps.sh dependent on openvpn status you can fist delay the start of apps.sh with sleep
or write a bash loop that check openvpn with ps or check the result of a ping to your openvn gateway (in apps.sh) or you could just check the result of service openvpn-custom status
(in apps.sh)
Solutions (6 & 7) notes:
Fail safe openvpn:
You can setup a "fail safe" to make the network go down if openvpn is not working and thus prevent connections leaks when the vpn is not working for this you can use this or that solution
Force an application to use specific interface:
If your openvpn setup is tunneling/routing the whole system; there is no need for this but if you are not routing all the traffic through the openvpn interface you can proxify/bind/force your applications (transmission/telegram) to use the vpn; Under Linux there are several solution to bind an application to a specific interface each one have its pro and con this unix stackexchange answer explain with detailed most of the available possibilities
Best Answer
On centos 7 use
gnome-session-properties
to edit this in the GUI:This will add a
.desktop
file in~/.config/autostart/
. You can also alternatively copy the.desktop
file yourself.