forked from evolix/ansible-roles
30 lines
629 B
Django/Jinja
30 lines
629 B
Django/Jinja
user nobody
|
|
group nogroup
|
|
|
|
local {{ ansible_default_ipv4.address }}
|
|
port 1194
|
|
proto udp
|
|
dev tun
|
|
mode server
|
|
keepalive 10 120
|
|
|
|
cipher AES-128-CBC # AES
|
|
#comp-lzo
|
|
# compress (à partir d'OpenVPN 2.4)
|
|
|
|
persist-key
|
|
persist-tun
|
|
|
|
status /var/log/openvpn/openvpn-status.log
|
|
log-append /var/log/openvpn/openvpn.log
|
|
|
|
ca /etc/shellpki/cacert.pem
|
|
cert /etc/shellpki/certs/{{ ansible_fqdn }}.crt
|
|
key /etc/shellpki/private/{{ ansible_fqdn }}.key
|
|
dh /etc/shellpki/dh2048.pem
|
|
|
|
server {{ openvpn_lan }} {{ openvpn_netmask }}
|
|
|
|
# Management interface (used by check_openvpn for Nagios)
|
|
management 127.0.0.1 1195 /etc/openvpn/management-pwd
|