diff options
author | Christian Pointner <equinox@spreadspace.org> | 2021-11-16 22:34:30 +0100 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2021-11-16 22:34:30 +0100 |
commit | 65fb49fc5f3e4628353ee2e54c5ced76c5bc40fa (patch) | |
tree | 94ae7cb1810ccdfd732c2c71036578d226d08166 /roles/network/openvpn/client/templates | |
parent | openvpn roles - bas scaffolding and certs (diff) |
openvpn: initial support for server/client
Diffstat (limited to 'roles/network/openvpn/client/templates')
-rw-r--r-- | roles/network/openvpn/client/templates/conf.j2 | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/roles/network/openvpn/client/templates/conf.j2 b/roles/network/openvpn/client/templates/conf.j2 new file mode 100644 index 00000000..f9d8775b --- /dev/null +++ b/roles/network/openvpn/client/templates/conf.j2 @@ -0,0 +1,18 @@ +client +proto udp +remote {{ openvpn_zone.server_addr }} {{ openvpn_zone.server_port }} +ping 60 +ping-timer-rem + +tls-client +ca /etc/ssl/openvpn/{{ openvpn_zone.name }}/ca-crt.pem +cert /etc/ssl/openvpn/{{ openvpn_zone.name }}/client/crt.pem +key /etc/ssl/openvpn/{{ openvpn_zone.name }}/client/key.pem +remote-cert-tls server +cipher AES-256-GCM +persist-key + +dev tun +persist-tun + +pull |