59 lines
1.1 KiB
Text
59 lines
1.1 KiB
Text
|
# Listen on specific IP address (optional, default: all)
|
||
|
|
# local 192.168.1.8
|
||
|
|
|
||
|
|
# Protocol & port
|
||
|
|
proto udp
|
||
|
|
port 1188
|
||
|
|
|
||
|
|
# Interface
|
||
|
|
dev vpn-ha
|
||
|
|
dev-type tap
|
||
|
|
|
||
|
|
# MTU
|
||
|
|
tun-mtu 1500
|
||
|
|
|
||
|
|
# Secret shared key (generated on first client start)
|
||
|
|
# Note: to manually generate it, run:
|
||
|
|
# openvpn --genkey secret /etc/openvpn/homeassistant.key
|
||
|
|
# cp /config/openvpn/homeassistant.key /etc/openvpn/homeassistant.key
|
||
|
|
# chmod 400 /config/openvpn/homeassistant.key /etc/openvpn/homeassistant.key
|
||
|
|
secret /etc/openvpn/homeassistant.key
|
||
|
|
cipher AES-256-CBC
|
||
|
|
|
||
|
|
# Keepalive
|
||
|
|
ping 30
|
||
|
|
|
||
|
|
# Allow remote address changed
|
||
|
|
float
|
||
|
|
|
||
|
|
# IP address inside VPN
|
||
|
|
ifconfig 172.16.88.1 255.255.255.0
|
||
|
|
route-gateway 172.16.88.2
|
||
|
|
|
||
|
|
# Optional routes recheable througt the remote host
|
||
|
|
# route 192.168.9.0 255.255.255.0
|
||
|
|
|
||
|
|
# Run openvpn using this specified user & group
|
||
|
|
user nobody
|
||
|
|
group nogroup
|
||
|
|
|
||
|
|
persist-key
|
||
|
|
persist-tun
|
||
|
|
|
||
|
|
## Logging
|
||
|
|
|
||
|
|
# Log level (0-9)
|
||
|
|
verb 3
|
||
|
|
|
||
|
|
# Max repeat count for logged messages
|
||
|
|
mute 10
|
||
|
|
|
||
|
|
# Daemon log
|
||
|
|
log /var/log/openvpn/homeassistant.log
|
||
|
|
|
||
|
|
# Daemon status file
|
||
|
|
status /var/log/openvpn/homeassistant.status
|
||
|
|
|
||
|
|
# Managing interface
|
||
|
|
# management 127.0.0.1 7588
|