Try to add dietpi-boot.service to After=, which contains our own network check and especially the network time sync (that needs to be separated somehow, other topic…), so when not disabling network time sync and/or boot wait for network option, this is a better target to verify that network is up.
Yes network-online.target by default only waits for networking.service which configures only auto entries in /etc/network/interfaces. Since “auto” entries often fail in combination with external network adapters (which require longer to be initialised), we (and most distros) consequently use allow-hotplug entries which are configured as fast as the network adapter is recognised by udev/kernel. But the related ifup@.service is of a type that is “reached” as fast as it just started, hence cannot be used as a target as it just started but did not finish to configure the interface. Debian/ifupdown maintainers have still not come up with a solution that makes the network-online.target become any meaning by default. I attended the DebCon2020 where it was even (shortly) discussed to move to systemd-networkd by default, which would basically be a “give-up” on low-level networking tools. I plan to make ifup@.service Type=oneshot which means that they must have finished (every interface configured) before network-online.target is reached. But this needs to be tested together with the other network-related changed in pipeline. Until then => dietpi-boot.service
it looks better. I removed the existing service and vpnc-config-file and created both new with the example from Joulinar.
After the first start of this service I asked for the status:
root@DietPi:/etc/vpnc# systemctl status vpnc@fb
● vpnc@fb.service - VPNC connection to fb
Loaded: loaded (/lib/systemd/system/vpnc@.service; disabled; vendor preset: enabled)
Active: active (running) since Fri 2020-11-20 09:46:20 CET; 8s ago
Process: 1448 ExecStart=/usr/sbin/vpnc --pid-file=/run/vpnc@fb.pid /etc/vpnc/fb.conf (code=exited, status=0/SUCCESS)
Main PID: 1540 (vpnc)
Tasks: 1 (limit: 1483)
CGroup: /system.slice/system-vpnc.slice/vpnc@fb.service
└─1540 /usr/sbin/vpnc --pid-file=/run/vpnc@fb.pid /etc/vpnc/fb.conf
Nov 20 09:46:05 DietPi systemd[1]: Starting VPNC connection to fb...
Nov 20 09:46:20 DietPi systemd[1]: Started VPNC connection to fb.
Nov 20 09:46:20 DietPi vpnc[1540]: HMAC mismatch in ESP mode
Nov 20 09:46:20 DietPi vpnc[1540]: HMAC mismatch in ESP mode
root@DietPi:/etc/vpnc# ping heise.de
PING heise.de(redirector.heise.de (2a02:2e0:3fe:1001:302::)) 56 data bytes
64 bytes from redirector.heise.de (2a02:2e0:3fe:1001:302::): icmp_seq=1 ttl=53 time=17.5 ms
root@DietPi:/# journalctl -u fritzbox.service
-- Logs begin at Thu 2019-02-14 11:11:58 CET, end at Fri 2020-11-20 09:51:45 CET. --
Nov 20 09:20:29 DietPi systemd[1]: Starting fritzbox.service...
Nov 20 09:20:45 DietPi vpnc[978]: terminated by signal: 15
Nov 20 09:20:45 DietPi systemd[1]: fritzbox.service: Succeeded.
Nov 20 09:20:45 DietPi systemd[1]: Started fritzbox.service.
Terminated because I stopped the service for testing.
The last two lines are red, but I could also ping a computer in the remote network and I have access to a file share. After stop and start the service again both red lines are gone. Looks good.
Next I will add the proposal from MichaIng with the dietpi-boot.service and reboot the RPi3.
Edit: Directly after the reboot the service wasn’t running, but I could start manually:
root@DietPi:~# systemctl status vpnc@fb.service
● vpnc@fb.service - VPNC connection to fb
Loaded: loaded (/lib/systemd/system/vpnc@.service; disabled; vendor preset: enabled)
Active: inactive (dead)
root@DietPi:~# systemctl start vpnc@fb
root@DietPi:~# systemctl status vpnc@fb.service
● vpnc@fb.service - VPNC connection to fb
Loaded: loaded (/lib/systemd/system/vpnc@.service; disabled; vendor preset: enabled)
Active: active (running) since Fri 2020-11-20 10:00:12 CET; 2s ago
Process: 1044 ExecStart=/usr/sbin/vpnc --pid-file=/run/vpnc@fb.pid /etc/vpnc/fb.conf (code=exited, status=0/SUCCESS)
Main PID: 1137 (vpnc)
Tasks: 1 (limit: 1483)
CGroup: /system.slice/system-vpnc.slice/vpnc@fb.service
└─1137 /usr/sbin/vpnc --pid-file=/run/vpnc@fb.pid /etc/vpnc/fb.conf
Nov 20 09:59:57 DietPi systemd[1]: Starting VPNC connection to fb...
Nov 20 10:00:12 DietPi systemd[1]: Started VPNC connection to fb.