Remove unnecessary cipher configuration on Fedora

[randshell]

Based on the fact that OpenVPN 2.5 removes the BF-CBC cipher from the default configuration, I expected Fedora to update its ciphers line in the RC3 of the package too which they didn't.

Upon investigation on why Fedora hard-codes the ciphers in the service file, I found out that

If an already configured OpenVPN v2.4 based server configuration deploys --cipher and/or --ncp-ciphers, the options in the configuration file will override command line options set before --config. This should not break any existing configuration.

This means that the values of cipher and ncp-ciphers we already specify in our server config will overwrite the command line options from the service file, making the sed command unnecessary.

Source: https://fedoraproject.org/wiki/Changes/New_default_cipher_in_OpenVPN

[TinCanTech]

Using /etc/systemd/system is meant for customised unit files.
You can put what-ever you chose into these unit files.

[randshell]

I don't understand your context. We already customize the service file in that path but in particular using sed to change the ciphers in the service unit is unnecessary because they are overwritten by server.conf anyway.

[TinCanTech]

After looking closer I see:

openvpn-install/openvpn-install.sh

Line 913 in 8db952d

# Don't modify package-provided service

I had presumed you were writing your own unit file from scratch. My mistake.