diff --git a/doc/template.ovpn b/doc/template.ovpn
new file mode 100644
index 0000000..3addd4d
--- /dev/null
+++ b/doc/template.ovpn
@@ -0,0 +1,47 @@
+# Copy this file to /etc/certidude/template.ovpn and customize gateway IP addresses
+
+# Run as client
+client # tls-client; pull
+nobind
+
+# OpenVPN gateway(s), uncomment remote-random to load balance
+comp-lzo
+proto udp
+remote 1.2.3.4
+;remote 1.2.3.5
+;remote-random
+
+# Virtual network interface settings
+dev tun
+persist-tun
+
+# Customize crypto settings
+;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA384
+;cipher AES-256-CBC
+;auth SHA384
+
+# Check that server presented certificate has TLS Server flag present
+remote-cert-tls server
+
+# X.509 business
+persist-key
+<ca>
+{{ca}}
+</ca>
+<key>
+{{key}}
+</key>
+<cert>
+{{cert}}
+</cert>
+
+# Revocation list
+<crl-verify>
+{{crl}}
+</crl-verify>
+
+# Pre-shared key for extra layer of security
+;<ta>
+;...
+;</ta>
+