ansible-roles/openvpn/templates/openvpn.conf.j2

mode {{ openvpn_mode }}
dev {{ openvpn_dev }}

server {{ openvpn_server_net }}
ifconfig-pool-persist ipp/ipp.txt
{% for route in openvpn_push_routes %}
push "route {{ route }}"
{% endfor %}

port {{ openvpn_port }}
proto {{ openvpn_protocol }}

{% if openvpn_tls_server %}
tls-server
{% endif %}

dh {{ openvpn_dh }}
ca {{ openvpn_ca }}
cert {{ openvpn_cert }}
key {{ openvpn_key }}
tls-auth {{ openvpn_tls_auth }}

{% if openvpn_compression_enabled %}
comp-lzo
{% endif %}

keepalive {{ openvpn_keepalive }}

{% if not openvpn_cert_auth_enabled %}
# Disable cert-auth
client-cert-not-required
{% endif %}

{% if openvpn_username_pam_auth %}
username-as-common-name
# PAM login
plugin /etc/openvpn/openvpn-plugin-auth-pam.so login
{% endif %}

max-clients {{ openvpn_max_clients }}

persist-tun
persist-key

status status/openvpn-status.log

{% if openvpn_run_unprivileged %}
user {{ openvpn_unprivileged_user }}
group {{ openvpn_unprivileged_group }}
{% endif %}

verb {{ openvpn_verbosity_log }}
mute {{ openvpn_mute_after }}
library/roles/openvpn: Installs and configure a openvpn service. 2016-06-11 16:57:29 +02:00			`mode {{ openvpn_mode }}`
			`dev {{ openvpn_dev }}`

			`server {{ openvpn_server_net }}`
			`ifconfig-pool-persist ipp/ipp.txt`
			`{% for route in openvpn_push_routes %}`
			`push "route {{ route }}"`
			`{% endfor %}`

			`port {{ openvpn_port }}`
			`proto {{ openvpn_protocol }}`

			`{% if openvpn_tls_server %}`
			`tls-server`
			`{% endif %}`

			`dh {{ openvpn_dh }}`
			`ca {{ openvpn_ca }}`
			`cert {{ openvpn_cert }}`
			`key {{ openvpn_key }}`
			`tls-auth {{ openvpn_tls_auth }}`

			`{% if openvpn_compression_enabled %}`
			`comp-lzo`
			`{% endif %}`

			`keepalive {{ openvpn_keepalive }}`

			`{% if not openvpn_cert_auth_enabled %}`
			`# Disable cert-auth`
			`client-cert-not-required`
			`{% endif %}`

			`{% if openvpn_username_pam_auth %}`
			`username-as-common-name`
			`# PAM login`
			`plugin /etc/openvpn/openvpn-plugin-auth-pam.so login`
			`{% endif %}`

			`max-clients {{ openvpn_max_clients }}`

			`persist-tun`
			`persist-key`

			`status status/openvpn-status.log`

			`{% if openvpn_run_unprivileged %}`
			`user {{ openvpn_unprivileged_user }}`
			`group {{ openvpn_unprivileged_group }}`
			`{% endif %}`

			`verb {{ openvpn_verbosity_log }}`
			`mute {{ openvpn_mute_after }}`