openvpn: initial support for server/client

author: Christian Pointner <equinox@spreadspace.org> 2021-11-16 22:34:30 +0100
committer: Christian Pointner <equinox@spreadspace.org> 2021-11-16 22:34:30 +0100
commit: 65fb49fc5f3e4628353ee2e54c5ced76c5bc40fa (patch)
tree: 94ae7cb1810ccdfd732c2c71036578d226d08166 /roles/network/openvpn/client/templates/conf.j2
parent: openvpn roles - bas scaffolding and certs (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/roles/network/openvpn/client/templates/conf.j2 b/roles/network/openvpn/client/templates/conf.j2
new file mode 100644
index 00000000..f9d8775b
--- /dev/null
+++ b/roles/network/openvpn/client/templates/conf.j2
@@ -0,0 +1,18 @@
+client
+proto udp
+remote {{ openvpn_zone.server_addr }} {{ openvpn_zone.server_port }}
+ping 60
+ping-timer-rem
+
+tls-client
+ca /etc/ssl/openvpn/{{ openvpn_zone.name }}/ca-crt.pem
+cert /etc/ssl/openvpn/{{ openvpn_zone.name }}/client/crt.pem
+key /etc/ssl/openvpn/{{ openvpn_zone.name }}/client/key.pem
+remote-cert-tls server
+cipher AES-256-GCM
+persist-key
+
+dev tun
+persist-tun
+
+pull
author	Christian Pointner <equinox@spreadspace.org>	2021-11-16 22:34:30 +0100
committer	Christian Pointner <equinox@spreadspace.org>	2021-11-16 22:34:30 +0100
commit	65fb49fc5f3e4628353ee2e54c5ced76c5bc40fa (patch)
tree	94ae7cb1810ccdfd732c2c71036578d226d08166 /roles/network/openvpn/client/templates/conf.j2
parent	openvpn roles - bas scaffolding and certs (diff)