From 5d15f8944d71f74b6ebdb94046c302fbf55a6c92 Mon Sep 17 00:00:00 2001
From: Timothy Guan-tin Chien <timdream@gmail.com>
Date: Sun, 22 Dec 2019 19:20:09 -0800
Subject: [PATCH] Put ipp.txt and status.log in /var/run and /var/log
 respectively

In my use case, I wish to place `/etc/openvpn` in a read-only filesystem
so I can prevent corruption from unexpected power cycle.

`/var/run` and `/var/log` should be pretty standard on Linux systems,
though I didn't verify it beyond Debian-based OSes.
---
 openvpn-install.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/openvpn-install.sh b/openvpn-install.sh
index 6adaf40..1dc2c12 100644
--- a/openvpn-install.sh
+++ b/openvpn-install.sh
@@ -337,7 +337,7 @@ auth SHA512
 tls-crypt tc.key
 topology subnet
 server 10.8.0.0 255.255.255.0
-ifconfig-pool-persist ipp.txt" > /etc/openvpn/server/server.conf
+ifconfig-pool-persist /var/run/openvpn/ipp.txt" > /etc/openvpn/server/server.conf
 	echo 'push "redirect-gateway def1 bypass-dhcp"' >> /etc/openvpn/server/server.conf
 	# DNS
 	case "$dns" in
@@ -377,7 +377,7 @@ user nobody
 group $group_name
 persist-key
 persist-tun
-status openvpn-status.log
+status /var/log/openvpn-status.log
 verb 3
 crl-verify crl.pem" >> /etc/openvpn/server/server.conf
 	if [[ "$protocol" = "udp" ]]; then