63 lines
1.1 KiB
Plaintext
63 lines
1.1 KiB
Plaintext
|
<ca>
|
||
|
{{ ca }}
|
||
|
</ca>
|
||
|
<cert>
|
||
|
{{ cert }}
|
||
|
</cert>
|
||
|
<key>
|
||
|
{{ key }}
|
||
|
</key>
|
||
|
<dh>
|
||
|
{{ dh }}
|
||
|
</dh>
|
||
|
|
||
|
proto udp6
|
||
|
port 1194
|
||
|
dev tun
|
||
|
|
||
|
client-config-dir /etc/openvpn/ccd
|
||
|
client-to-client
|
||
|
topology subnet
|
||
|
|
||
|
user root
|
||
|
group root
|
||
|
|
||
|
duplicate-cn
|
||
|
username-as-common-name
|
||
|
|
||
|
keepalive 5 30
|
||
|
|
||
|
compress lzo
|
||
|
fast-io
|
||
|
|
||
|
persist-key
|
||
|
persist-tun
|
||
|
|
||
|
server {{ tunnel.ip }} {{ tunnel.netmask }}
|
||
|
|
||
|
{%- for route in routes %}
|
||
|
{%- if not route.push %}
|
||
|
route {{ route.ip }} {{ route.netmask }} {{ route.hop }}
|
||
|
{%- endif %}
|
||
|
{% endfor -%}
|
||
|
|
||
|
{% for route in routes -%}
|
||
|
push "route {{ route.ip }} {{ route.netmask }} {{ route.hop }}"
|
||
|
{% endfor -%}
|
||
|
push "dhcp-option DNS {{ dns|join(" ") }}"
|
||
|
|
||
|
# IPv6
|
||
|
#server-ipv6 2a01:e0a:97:8311::/64
|
||
|
#tun-ipv6
|
||
|
#push tun-ipv6
|
||
|
#ifconfig-ipv6 2a01:e0a:97:8311::1 2a01:e0a:97:8311::2
|
||
|
#ifconfig-ipv6-pool 2a01:e0a:97:8311::101/64
|
||
|
#push "route-ipv6 2a01:e0a:97:8311::/64"
|
||
|
#push "route-ipv6 ::/0"
|
||
|
#push "redirect-gateway-ipv6 def1"
|
||
|
|
||
|
{% if config.auth == "pam" %}
|
||
|
plugin /usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-plugin-auth-pam.so /etc/pam.d/login
|
||
|
{% endif %}
|
||
|
status {{ config.status|default("/var/log/openvpn/vpn.status") }}
|