superfk7 0 Posted ... Hi all I want to create a systemd service for eddie to run on startup without having to login user. I read the following links but I'm stuck where it says I have to copy/move the default.xml from ~/.airvpn/ to /etc/airvpn. The problem is that there is not ~/.airvpn/ in my home directory. link1 link2 link3 Something else I want to ask. I set the port in p2p client but the test failed, so I created a firewall rule in ufw and the port opened. Should I open the port in ufw or it is against the purpose of vpn? (Of course I haven't created a rule for on my router, I know that) Quote Share this post Link to post
Staff 10111 Posted ... 1 hour ago, superfk7 said: The problem is that there is not ~/.airvpn/ in my home directory. Hello! eddie-ui --cli has been replaced by eddie-cli that doesn't need Mono anymore. Please run eddie-cli directly. You can download it by selecting the CLI only package in the Linux download page. The correct default directory is ~/.config/eddie and the default configuration file name is default.profile (the path and filename specified by the author were correct in very old Eddie versions). If the file is encrypted, the procedure can not work (at the time the author wrote the document, probably the encryption of the default configuration file via Master Password was not yet implemented), therefore make sure to generate a non-encrypted default.profile Quote I created a firewall rule in ufw and the port opened. Should I open the port in ufw A different solution to consider (which is potentially better) is disabling ufw and enabling Eddie's Network Lock , either by adding --netlock option: ExecStart=eddie-cli path=/etc/airvpn/ --batch --netlock or by using a profile where Network Lock has been enabled at Eddie's startup. In Eddie's Preferences > General window check Activate Network Lock at startup. Kind regards Quote Share this post Link to post
superfk7 0 Posted ... 1 hour ago, Staff said: eddie-ui --cli has been replaced by eddie-cli that doesn't need Mono anymore. Please run eddie-cli directly. You can download it by selecting the CLI only package in the Linux download page. Thank you for the reply I have downloaded the ui version and this is what I need to run as a service. Can you tell if these steps are correct to create the service without the need to login with user first? sudo mkdir /etc/airvpn/ sudo mv ~/.config/eddie/default.profile /etc/airvpn sudo /etc/systemd/system/eddie-ui.service [Unit] Description=Eddie UI Requires=network-online.target After=network-online.target [Service] Type=simple ExecStart=/usr/lib/eddie-ui/eddie-ui Restart=always RestartSec=1s TimeoutStopSec=5s [Install] WantedBy=multi-user.target sudo systemctl daemon-reload sudo systemctl enable --now eddie-ui.service sudo systemctl start eddie-ui.service 1 hour ago, Staff said: A different solution to consider (which is potentially better) is disabling ufw and enabling Eddie's Network Lock I have enabled network lock. The proble in my case was that even if I had set the port I granted in the p2p client, trackers showed as not connectable as did the port test and when I added the rule with the specific port in ufw port opened both for trackers and the test. I would like to keep ufw enabled because I manage rules for other services. My question is if it wrong to open airvpn port in software firewall. (I read that it is wrong to open port for airvpn on router). Quote Share this post Link to post
Staff 10111 Posted ... Hello! 13 hours ago, superfk7 said: ExecStart=/usr/lib/eddie-ui/eddie-ui The binary file name is eddie-cli, not eddie-ui. You must invoke eddie-cli with the proper options as specified in the earlier messages. Alternatively you can consider the AirVPN Suite which offers a real daemon (Bluetit) fully manageable via systemctl, signals and the client Goldcrest. Documentation available here. 13 hours ago, superfk7 said: I would like to keep ufw enabled because I manage rules for other services. My question is if it wrong to open airvpn port in software firewall. (I read that it is wrong to open port for airvpn on router). It's correct to allow packets to the proper port of the tun interface (the virtual private network interface) and not of the physical network interface. Network Lock will replace firewall rules (to restore them at the end of the session) so if you need ufw custom rules for the purposes you mention you have to keep Network Lock disabled. Therefore, you may additionally consider ufw rules to prevent traffic leaks outside the VPN tunnel and bind your torrent program to the virtual private network interface, if a bind option is available in your torrent program settings. Kind regards Quote Share this post Link to post