New user here, let me know how to categorize/fix this if I messed up a bit.
I've been having some (a lot of) trouble connecting to Mullvad with NetBSD. I'm aware there's no way to use Wireguard yet so instead I've been struggling to figure out OpenVPN. Spoiler alert: I'm posting this over my connection to Mullvad, but I'm requesting comment because I think I did it wrong.
I did the following:
openresolv via pkgin
- put the
rc.d script for OpenVPN in the correct location (
/etc/rc.d/) with the right file permissions (
- copied the Mullvad-supplied configuration files,
After this, OpenVPN complained about missing files in
/etc/openvpn/. I made the probably unwise decision to
ln -s /etc/openvpn /usr/pkg/etc/openvpn which at least lead me further to getting the following errors with `# openvpn /etc/openvpn/mullvad_nz_akl.conf:
Options error: --ca fails with 'mullvad_ca.crt': No such file or directory (errno=2)
2021-07-19 17:04:12 WARNING: cannot stat file 'mullvad_userpass.txt': No such file or directory (errno=2)
Options error: --auth-user-pass fails with 'mullvad_userpass.txt': No such file or directory (errno=2)
Then I did some more reading of the Mullvad OpenVPN guide and other Linux articles and found that I should probably use the
--config arg to specify my configuration file.
openvpn --config /etc/openvpn/mullvad_nz_akl.conf gives me the same error. Okay. I'm getting errors with missing files, and args that apparently supply the locations. Let's try
openvpn --config /etc/openvpn/mullvad_nz_akl.conf --ca /etc/openvpn/mullvad_ca.crt --auth-user-pass /etc/openvpn/mullvad_userpass.txt. Aha! A long string of warnings, here's the last three lines:
2021-07-19 17:08:40 /etc/openvpn/update-resolv-conf tun0 1500 1552 10.9.0.18 255.255.0.0 init
2021-07-19 17:08:40 WARNING: Failed running command (--up/--down): could not execute external program
2021-07-19 17:08:40 Exiting due to fatal error
Okay. What's that script?
update-resolv-conf? It's a short one - 100 lines or so of bash. So I found the upstream and
# mv update-resolv-conf update-resolv-conf.bak && mv update-resolv-conf.sh update-resolv-conf && chmod +x update-resolv-conf. Now let's rerun that long, explicit
openvpn command from earlier and:
2021-07-19 17:15:07 Initialization Sequence Completed
curl https://am.i.mullvad.net/connected says I'm connected.
So: How much damage did I do? Is there a better (more automagic) way to do VPN connections? I'm a total NetBSD n00b and have thick skin so feel free to go ahead and fillet me... linking /etc/openvpn -> /usr/pkg/etc/openvpn made even me cringe.