From 9c80c7c2c3e5ce32760142b50b1f3fbe8a0b90cc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lauri=20V=C3=B5sandi?= <lauri.vosandi@gmail.com>
Date: Mon, 30 Jan 2017 16:36:22 +0000
Subject: [PATCH] Add OpenVPN client template

---
 doc/template.ovpn | 47 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)
 create mode 100644 doc/template.ovpn

diff --git a/doc/template.ovpn b/doc/template.ovpn
new file mode 100644
index 0000000..3addd4d
--- /dev/null
+++ b/doc/template.ovpn
@@ -0,0 +1,47 @@
+# Copy this file to /etc/certidude/template.ovpn and customize gateway IP addresses
+
+# Run as client
+client # tls-client; pull
+nobind
+
+# OpenVPN gateway(s), uncomment remote-random to load balance
+comp-lzo
+proto udp
+remote 1.2.3.4
+;remote 1.2.3.5
+;remote-random
+
+# Virtual network interface settings
+dev tun
+persist-tun
+
+# Customize crypto settings
+;tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA384
+;cipher AES-256-CBC
+;auth SHA384
+
+# Check that server presented certificate has TLS Server flag present
+remote-cert-tls server
+
+# X.509 business
+persist-key
+<ca>
+{{ca}}
+</ca>
+<key>
+{{key}}
+</key>
+<cert>
+{{cert}}
+</cert>
+
+# Revocation list
+<crl-verify>
+{{crl}}
+</crl-verify>
+
+# Pre-shared key for extra layer of security
+;<ta>
+;...
+;</ta>
+