ocserv: use numeric ID instead of arbitrary USERNAME for nft chain name

Putting a @ in a name is a bad.
ocserv: support UDP
2025-05-16 14:26:39 +02:00 · 2025-05-16 14:26:26 +02:00
2 changed files with 3 additions and 2 deletions
--- a/roles/ocserv/files/ocserv-script
+++ b/roles/ocserv/files/ocserv-script
@ -3,10 +3,10 @@
 set -x

 [ -n "$DEVICE" ] || exit 1
-[ -n "$USERNAME" ] || exit 2
+[ -n "$ID" ] || exit 2
 [ -n "$IP_REMOTE" ] || exit 3

-chain="inet ocserv client-${USERNAME}"
+chain="inet ocserv client-${ID}"
 remote_ip="${IP_REMOTE%/*}"

 case "${REASON}" in
--- a/roles/ocserv/templates/ocserv.conf.j2
+++ b/roles/ocserv/templates/ocserv.conf.j2
@ -1,5 +1,6 @@
 listen-host = {{ dns_name }}
 tcp-port = 443
+udp-port = 443
 server-cert = /etc/letsencrypt/live/{{ dns_name }}/fullchain.pem
 server-key = /etc/letsencrypt/live/{{ dns_name }}/privkey.pem
Author	SHA1	Message	Date
Timotej Lazar	d442940975	ocserv: use numeric ID instead of arbitrary USERNAME for nft chain name Putting a @ in a name is a bad.	2025-05-16 14:26:39 +02:00
Timotej Lazar	245b4a0dcd	ocserv: support UDP	2025-05-16 14:26:26 +02:00