FYI, I upgraded everything everywhere to use it, before 2.1 went final. Couldn't help myself, the package works nice. Status page gets brain dead after it runs for a while, but that seems to be due to log file truncation than any error in the php. You can restart and it looks all pretty, but really, it's usually fine despite what the sometimes blank status page may lead you to believe.
When looking at the tincd man page, looks like if you send a HUP, it will rehash the configuration (and connect/disconnect depending on changes in hosts) and it restart the log file. I tried it locally with no luck, maybe because tincd is not actually called with --logfile=/var/log/tinc.log? More investigation is needed there.
ALRM Forces tincd to try to connect to all uplinks immediately. Usually tincd attempts to do this itself, but increases
the time it waits between the attempts each time it failed, and if tincd didn't succeed to connect to an uplink the
first time after it started, it defaults to the maximum time of 15 minutes.
HUP Partially rereads configuration files. Connections to hosts whose host config file are removed are closed. New
outgoing connections specified in tinc.conf will be made. If the --logfile option is used, this will also close
and reopen the log file, useful when log rotation is used.
The hardest part about the install for most will be generating the tinc key. I think if we could finagle a way to have a 'generate keypair' button on the configuration page (suppose we could lift template from OpenVPN or other page), it would make life easier for new installs. (After that you just copy the keys form one web gui to another, so simple!)
There are a few tweaks the package needs, as the reinstall/upgrade issues are definitely annoying. It would be nice to fix it so the status showed the status every time, and a generate keypair option would go a long way to making this package quite feature complete.
If you like the idea of a simple, mesh VPN for linking multiple networks together, this is about as easy as it gets. So far I've been very happy with it, and other than to view real status, I haven't had to hardly touch it once setup. (One deployment was 4 subnets, another is 5 with more planned)
If we are able to touch up a few things in the package, I don't see why this couldn't make its way into the standard release. Perhaps tinc just needs to become more popular first. Maybe a small tinc install walk through somewhere on the wiki would help that too.
Anyone else care to comment on how they like tinc so far?