blob: b00d7ec7b570e64a734771bb5074a4a4e8c48a20 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
mode server
proto udp
lport {{ openvpn_zone.server_port }}
ping 60
ping-timer-rem
tls-server
ca /etc/ssl/openvpn/{{ openvpn_zone.name }}/ca-crt.pem
dh /etc/ssl/openvpn/{{ openvpn_zone.name }}/dhparams.pem
cert /etc/ssl/openvpn/{{ openvpn_zone.name }}/server/crt.pem
key /etc/ssl/openvpn/{{ openvpn_zone.name }}/server/key.pem
verify-client-cert require
remote-cert-tls client
cipher AES-256-GCM
persist-key
dev tun
persist-tun
topology subnet
ifconfig {{ openvpn_zone.subnet | ipaddr(openvpn_zone.offsets[inventory_hostname]) | ipaddr('address') }} {{ openvpn_zone.subnet | ipaddr('netmask') }}
push "topology subnet"
client-config-dir {{ openvpn_zone.name }}-ccd/
ccd-exclusive
|
