ha-remote-vpn/srv/openvpn/server.conf

# Listen on specific IP address (optional, default: all)
# local 192.168.1.8

# Protocol & port
proto udp
port 1188

# Interface
dev vpn-ha
dev-type tap

# MTU
tun-mtu 1500

# Secret shared key (generated on first client start)
# Note: to manually generate it, run:
#  openvpn --genkey secret /srv/openvpn/secret.key
#  cp /srv/openvpn/secret.key /etc/openvpn/secret.key
#  chmod 400 /srv/openvpn/secret.key /etc/openvpn/secret.key
secret secret.key

# Keepalive
ping 30

# Allow remote address changed
float

# IP address inside VPN
ifconfig 172.16.88.1 255.255.255.0
route-gateway 172.16.88.2

# Optional routes recheable througt the remote host
# route 192.168.9.0 255.255.255.0

# Run openvpn using this specified user & group
user nobody
group nogroup

persist-key
persist-tun

## Logging

# Log level (0-9)
verb 3

# Max repeat count for logged messages
mute 10

# Daemon log
log /var/log/openvpn/homeassistant.log

# Daemon status file
status /var/log/openvpn/homeassistant.status

# Managing interface
# management 127.0.0.1 7588