24 lines
995 B
Plaintext
24 lines
995 B
Plaintext
[connection]
|
|
certidude managed = true
|
|
id = {{ session.service.title }}
|
|
uuid = {{ uuid }}
|
|
type = {{ vpn }}
|
|
|
|
[vpn]
|
|
service-type = org.freedesktop.NetworkManager.strongswan
|
|
encap = no
|
|
virtual = yes
|
|
method = key
|
|
ipcomp = no
|
|
address = {{ session.service.routers[0] }}
|
|
userkey = {% if key_path %}{{ key_path }}{% else %}/etc/certidude/authority/{{ session.authority.hostname }}/host_key.pem{% endif %}
|
|
usercert = {% if certificate_path %}{{ certificate_path }}{% else %}/etc/certidude/authority/{{ session.authority.hostname }}/host_cert.pem{% endif %}
|
|
certificate = {% if authority_path %}{{ authority_path }}{% else %}/etc/certidude/authority/{{ session.authority.hostname }}/ca_cert.pem{% endif %}
|
|
ike = aes256-sha384-prfsha384-{% if session.authority.certificate.algorithm == "ec" %}ecp384{% else %}modp2048{% endif %}
|
|
esp = aes128gcm16-aes128gmac-{% if session.authority.certificate.algorithm == "ec" %}ecp384{% else %}modp2048{% endif %}
|
|
proposal = yes
|
|
|
|
[ipv4]
|
|
method = auto
|
|
;route1 = 0.0.0.0/0
|