nixos/tests/initrd-network-openvpn: fix

- The default cipher is BF-CBC, which openvpn refuses to use by default.
  Switched to AES-256-CBC.
- openvpn does not require an external "ip" executable anymore, and does
  not support the "ipconfig" option by default, so remove that option.

1 files changed, 1 insertions, 4 deletions

diff --git a/nixos/modules/system/boot/initrd-openvpn.nix b/nixos/modules/system/boot/initrd-openvpn.nix
index b41e7524320e2..cbc61d55d6bb3 100644
--- a/nixos/modules/system/boot/initrd-openvpn.nix
+++ b/nixos/modules/system/boot/initrd-openvpn.nix
@@ -68,11 +68,8 @@ in
       $out/bin/openvpn --show-gateway
     '';
 
-    # Add `iproute /bin/ip` to the config, to ensure that openvpn
-    # is able to set the routes
     boot.initrd.network.postCommands = ''
-      (cat /etc/initrd.ovpn; echo -e '\niproute /bin/ip') | \
-        openvpn /dev/stdin &
+      openvpn /etc/initrd.ovpn &
     '';
   };