Adrien Reslinger
af5e137db3
Some checks reported errors
continuous-integration/drone/push Build encountered an error
64 lines
1.4 KiB
Django/Jinja
64 lines
1.4 KiB
Django/Jinja
port {{ item.port }}
|
|
{% if item.proto == "udp" %}
|
|
proto {{ item.proto }}
|
|
fast-io
|
|
sndbuf 512000
|
|
rcvbuf 512000
|
|
push "sndbuf 512000"
|
|
push "rcvbuf 512000"
|
|
{% elif item.proto == "tcp" %}
|
|
proto tcp-server
|
|
{% endif %}
|
|
dev tap
|
|
ca ca.crt
|
|
cert server.crt
|
|
key server.key
|
|
dh dh2048.pem
|
|
mode server
|
|
tls-server
|
|
#user nobody
|
|
#group nobody
|
|
push "route-gateway {{ item.ip_server }}"
|
|
push "redirect-gateway def1"
|
|
#push "redirect-gateway def1 bypass-dhcp"
|
|
{% if item.dns is defined %}
|
|
push "dhcp-option DNS {{ item.dns }}"
|
|
{% endif %}
|
|
{% if item.domains is defined %}
|
|
{% for vpndomain in item.domains %}
|
|
push "dhcp-option DOMAIN {{ vpndomain }}"
|
|
{% endfor %}
|
|
{% endif %}
|
|
{% if item.routes is defined %}
|
|
{% for vpnroute in item.routes %}
|
|
push "route {{ vpnroute }}"
|
|
{% endfor %}
|
|
#push "route 0.0.0.0 128.0.0.0"
|
|
#push "route 128.0.0.0 128.0.0.0"
|
|
{% endif %}
|
|
client-to-client
|
|
keepalive 10 60
|
|
tls-auth ta.key 0
|
|
cipher AES-256-CBC
|
|
compress lz4-v2
|
|
push "compress lz4-v2"
|
|
#comp-lzo
|
|
persist-key
|
|
persist-tun
|
|
{% if item.dhcp_range is defined %}
|
|
server-bridge {{ item.ip_server }} {{ item.netmask }} {{ item.dhcp_range}}
|
|
{% endif %}
|
|
status openvpn-status.log
|
|
#log-append openvpn.log
|
|
script-security 2
|
|
up /etc/openvpn/server/vpn-up.sh
|
|
down /etc/openvpn/server/vpn-down.sh
|
|
|
|
#cd /etc/openvpn/
|
|
#secret key
|
|
#ping-timer-rem
|
|
#replay-persist antireplay-{{ openvpn_vpn_name }}
|
|
verb 3
|
|
#route 172.16.0.0 255.255.255.0 172.16.255.2
|
|
#route 172.16.2.0 255.255.255.0 172.16.255.3
|
|
#ifconfig 172.16.100.10 255.255.255.0
|