32 lines
753 B
Plaintext
32 lines
753 B
Plaintext
client
|
|
nobind
|
|
remote {{ authority.namespace }} 1194 udp
|
|
remote {{ authority.namespace }} 443 tcp
|
|
proto udp
|
|
port 1194
|
|
tls-version-min {{ authority.openvpn.tls_version_min }}
|
|
tls-cipher {{ authority.openvpn.tls_cipher }}
|
|
cipher {{ authority.openvpn.cipher }}
|
|
auth {{authority.openvpn.auth }}
|
|
mute-replay-warnings
|
|
reneg-sec 0
|
|
remote-cert-tls server
|
|
dev tun
|
|
persist-tun
|
|
persist-key
|
|
{% if ca %}
|
|
<ca>
|
|
{{ ca }}
|
|
</ca>
|
|
{% else %}ca /etc/certidude/authority/{{ authority.namespace }}/ca_cert.pem{% endif %}
|
|
{% if key %}
|
|
<key>
|
|
{{ key }}
|
|
</key>
|
|
{% else %}key /etc/certidude/authority/{{ authority.namespace }}/host_key.pem{% endif %}
|
|
{% if cert %}
|
|
<cert>
|
|
{{ cert }}
|
|
</cert>
|
|
{% else %}cert /etc/certidude/authority/{{ authority.namespace }}/host_cert.pem{% endif %}
|