27 lines
500 B
Plaintext
27 lines
500 B
Plaintext
|
user nobody
|
||
|
group nogroup
|
||
|
|
||
|
local {{ ansible_default_ipv4.address }}
|
||
|
port 1194
|
||
|
proto udp
|
||
|
dev tun
|
||
|
mode server
|
||
|
keepalive 10 120
|
||
|
|
||
|
cipher AES-128-CBC # AES
|
||
|
#comp-lzo
|
||
|
# compress (à partir d'OpenVPN 2.4)
|
||
|
|
||
|
persist-key
|
||
|
persist-tun
|
||
|
|
||
|
status /var/log/openvpn-status.log
|
||
|
log-append /var/log/openvpn.log
|
||
|
|
||
|
ca /etc/shellpki/cacert.pem
|
||
|
cert /etc/shellpki/certs/{{ ansible_fqdn }}.crt
|
||
|
key /etc/shellpki/private/{{ ansible_fqdn }}.key
|
||
|
dh /etc/shellpki/dh2048.pem
|
||
|
|
||
|
server {{ openvpn_lan }} {{ openvpn_netmask }}
|