OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: andreab on December 11, 2018, 04:52:43 am

Title: Opnsense local config files backup
Post by: andreab on December 11, 2018, 04:52:43 am

Background story
I'm half way through setting up an OpenVPN multi site setup.
Site1 is running the OpenVPN server (on OPNsense), while site2 and site3 are running some linux/openVPN clients.

The key to make this setup to work, is to add the openVPN "iroute" config for each client (site2 & site3), so that the openVPN server knows the subnets those clients/sites are providing.

OpenVPN settings
This setting is added in a client specific config file (defined by client-config-dir) which, in a normal linux environment, is normally somewhere like "/etc/openvpn/ccd/".
It took me a little while to find where OPNsense stores this (maybe just because I'm not used to freeBSD), and I found it to be in "/var/etc/openvpn-csc/3/" for some reason.
The number "3" is because this is the third openVPN I setup.

The config files for site2 would be "/var/etc/openvpn-csc/3/site2":

and for site3 would be /var/etc/openvpn-csc/3/site3:

I noticed that these configs/files do not get backed up by the standard OPNsense backup utility.

I've also noticed that when I cloned the VPN (as I changed listening port for some reason), these client specific config files were left behind.

Can someone please suggest the best practice here for either:
- including these client specific settings in the OPNsense web UI, so that they get backed up automatically with everything else;
- suggest a way to make sure these files/directories are backed up with the rest of the configs in some other ways.

Any advice would be much appreciated.


PS: of course I understand I could rsync the configs/directory at the same time I take the OPNsense backup, but I'm looking for the best practice/OPNsense way