OpenVPN setup seems broken in DietPi 6

So I just performed a clean install of DietPi 6 since it wouldn’t let me upgrade from 159.
Currently trying to set up OpenVPN using dietpi-software, but the install script looks broken.

It gets as far as generating the key, then:
https://imgur.com/7DIeekJ

It’s complaining about a bunch of missing files.
First it’s trying to read /etc/openvpn/easy-rsa/openssl.cnf which doesn’t exist. There are a bunch of openssl- with a version number after, like openssl-1.0.0.cnf, but no “openssl.cnf”.

Then it’s not finding the .crt and .key files, probably because openssl.cnf doesn’t exist.

The end result is that the DietPi_OpenVPN_Client.ovpn file doesn’t contain any key or cert information.

I think I was able to fix it by having a second terminal open, and being ready to enter “ln -s openssl-1.0.0.cnf openssl.cnf” just as the folders were being created by DietPi, but this is hardly ideal…

Hey there, I am having this same issue. Hopefully someone with more knowledge chimes in. Thanks to your tips I was able to get past the error message, by typing the ls -s command in a seperate ssh window, while openvpn was creating its DH keys. That worked.

There are still some other issues with the install though because I remember the openvpn installer in previous versions of diet pi asking more questions during the install, and as it works presently with this workaround, I can’t route into my home networks 192.168/ network.

I can get my phone to vpn and authenticate correctly, but fails when I try to route into my home network, phone can ping the 10.8.0.1 interface, phone can even ping the 192.168.1.92 (my raspberry pi’s LAN IP), but cannot get to other 192.168/ resources.

I remember being floored at how easy it was to get openvpn working on the previous version of dietpi, now im struggling, any ideas anyone?


edit: I got it working, openvpn documentation states the following is needed:

  1. add this to server.conf: push “route 192.168.0.0 255.255.255.0”
  2. Next, you must set up a route on the server-side LAN gateway to route the VPN client subnet (10.8.0.0/24) to the OpenVPN server (this is only necessary if the OpenVPN server and the LAN gateway are different machines)."

#1 was probably done automatically in the previous dietpi openvpn installer, not sure, but #2 I for sure did NOT have to do previously. I did not think my dinky little ISP router was capable of adding a separate network, but I poked around and actually did find the option for adding a separate network to route to. So I added the 10.8.0.0 255.255.255.0 network, pointed it to the dietpi LAN IP, and it worked.

How this worked in previous versions, I have no clue, but this helped me get it working in dietpi v6.

ditto…oh good…glad it wasn’t just me that was having trouble with this…I was going to wipe and do a full restart

running the script from pivpn fails too
http://www.pivpn.io/

Looks like this is fixed in the 6.2 update, but not sure when that will be released, tried an update today and looks like only 6.1 is released to public.

https://github.com/Fourdee/DietPi/blob/testing/CHANGELOG.txt

If you really want to test it out or need OpenVPN :

FIRST make a backup with dietpi-backup to a ext4 formatted USB thumb drive

:~# nano /DietPi/dietpi.txt

and chance last line to:

#------------------------------------------------------------------------------------------------------

D I E T - P I

Dev settings

#------------------------------------------------------------------------------------------------------
DEV_GITBRANCH=testing
DEV_GITOWNER=Fourdee

  • save the changed file and
:~# dietpi-update

After reboot, change it back to

#------------------------------------------------------------------------------------------------------

D I E T - P I

Dev settings

#------------------------------------------------------------------------------------------------------
DEV_GITBRANCH=master
DEV_GITOWNER=Fourdee

ah-ha! Thank you k-plan, I donated $20 USD to the cause a few days ago for your help. Also, in case anyone else comes across this, PiVPN is the much easier install, still openvpn based. That is why I was so confused about all the openvpn install options being there that I did not remember, is because I used PiVPN last time.

Either way this helped me figure it out, thanks!