summaryrefslogtreecommitdiff
path: root/public/fs/etc
diff options
context:
space:
mode:
authorroot@culturestrings <root@culturestrings>2020-05-18 06:50:11 +0000
committerroot@culturestrings <root@culturestrings>2020-05-18 06:50:11 +0000
commit76b152deff53ab2cea86192202695c4130931ef3 (patch)
tree05ad843a7dee663bb9aecb099e82af269024d0ac /public/fs/etc
parent30ef8034920254053b470d048e86690d56c50521 (diff)
downloadculturestrings-76b152deff53ab2cea86192202695c4130931ef3.tar.bz2
culturestrings-76b152deff53ab2cea86192202695c4130931ef3.tar.xz
openvpn: added current configuration (ipv4/ipv6).
Diffstat (limited to 'public/fs/etc')
-rwxr-xr-xpublic/fs/etc/openvpn/culturestrings-conf.sh7
-rw-r--r--public/fs/etc/openvpn/culturestrings.conf.in40
2 files changed, 47 insertions, 0 deletions
diff --git a/public/fs/etc/openvpn/culturestrings-conf.sh b/public/fs/etc/openvpn/culturestrings-conf.sh
new file mode 100755
index 0000000..71b887b
--- /dev/null
+++ b/public/fs/etc/openvpn/culturestrings-conf.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -eu
+
+source /root/config/private/fs/etc/server.ports
+
+sed -e 's/@vpn_port@/'${vpn_port}'/g' "$1"
diff --git a/public/fs/etc/openvpn/culturestrings.conf.in b/public/fs/etc/openvpn/culturestrings.conf.in
new file mode 100644
index 0000000..9598f5d
--- /dev/null
+++ b/public/fs/etc/openvpn/culturestrings.conf.in
@@ -0,0 +1,40 @@
+port @vpn_port@
+proto udp
+
+dev tun0
+topology subnet
+
+cipher AES-256-CBC
+
+ca /etc/easy-rsa/pki/ca.crt
+cert /etc/easy-rsa/pki/issued/culturestrings.crt
+
+askpass /home/webroot/openvpn/culturestrings.pass
+key /etc/easy-rsa/pki/private/culturestrings.key
+dh /etc/easy-rsa/pki/dh.pem
+
+status /var/log/openvpn/openvpn-status.log
+log-append /var/log/openvpn/openvpn.log
+
+server 10.8.0.0 255.255.255.0
+server-ipv6 2a01:4f9:2b:20f0:8000::/65
+
+push "route-ipv6 2000::/3"
+push "route-ipv6 2a01:4f9:2b:20f0::/64"
+
+push "block-outside-dns"
+push "redirect-gateway def1"
+push "route 192.168.0.0 255.255.255.0"
+push "dhcp-option DNS 10.8.0.1"
+
+duplicate-cn
+client-to-client
+
+daemon
+auth-nocache
+
+persist-key
+persist-tun
+
+verb 3
+keepalive 20 60