52 lines
635 B
Plaintext
52 lines
635 B
Plaintext
{%- set conf = pillar['openvpn'][name] %}
|
|
client
|
|
dev {{ name }}
|
|
dev-type tun
|
|
tun-ipv6
|
|
proto udp
|
|
|
|
remote {{ conf['server'] }}
|
|
resolv-retry infinite
|
|
nobind
|
|
|
|
user nobody
|
|
group nogroup
|
|
persist-key
|
|
persist-tun
|
|
|
|
log /var/log/openvpn-{{ name }}.log
|
|
|
|
#ifconfig-noexec
|
|
route 0.0.0.0 0.0.0.0
|
|
#route-nopull
|
|
#up /etc/openvpn/ipredator-up.sh
|
|
script-security 2
|
|
|
|
auth-user-pass /etc/openvpn/{{ name }}.auth
|
|
auth-retry nointeract
|
|
|
|
ca [inline]
|
|
|
|
tls-client
|
|
tls-auth [inline]
|
|
ns-cert-type server
|
|
|
|
keepalive 10 30
|
|
cipher AES-256-CBC
|
|
persist-key
|
|
persist-tun
|
|
comp-lzo
|
|
|
|
|
|
passtos
|
|
verb 0
|
|
|
|
|
|
<ca>
|
|
{{ conf['ca'] }}
|
|
</ca>
|
|
|
|
<tls-auth>
|
|
{{ conf['key'] }}
|
|
</tls-auth>
|