Do you need to redeploy after modifying the configuration? Currently, testing has shown that adding a new route requires redeployment, which renders the previous client files unusable. How can this be resolved?

Question

Do you need to redeploy after modifying the configuration? Currently, testing has shown that adding a new route requires redeployment, which renders the previous client files unusable. How can this be resolved?

fency12 opened this issue 2 years ago · 2 comments

Do you need to redeploy after modifying the configuration? Currently, testing has shown that adding a new route requires redeployment, which renders the previous client files unusable. How can this be resolved?
修改一下配置就需要重新部署是吗？目前测试是这样的，比如新加一条路由就需要重新部署一下，导致原来的客户端文件，无法使用，请问这个该怎么解决？

Answer 1 · 2023-03-24T17:08:20.000Z

Yes, you need to restart the container in the same way that you'd need to restart the OpenVPN service when not using a container.
The client files don't become unusable unless you're regenerating the certificates. Perhaps you haven't mounted /etc/openvpn as a volume (https://github.com/wheelybird/openvpn-server-ldap-otp#data-persistence)?

Answer 2 · 2023-03-27T06:49:32.000Z

Thanks, because I forgot to add the parameter "--detach = true", the certificate cannot be used after restart. Just add it, thanks.
To ensure that the certificate can continue to be used after deleting the vpn and then redeploying it, you need to add the --detach = true parameter in addition to the volume mount.

想要保证删除vpn后再重新部署证书能继续使用，除了卷挂载外还需要加上 --detach = true 这个参数。