1 {{ ansible_managed|comment }}
3 # Subnet: {{ vpn_subnet }}
16 management 127.0.0.1 31339
20 server {{ vpn_subnet }} 255.255.255.0
26 log /var/log/openvpn/openvpn.log
28 status /var/log/openvpn/status.log
29 client-connect "/etc/openvpn/scripts/event-log.sh"
30 client-disconnect "/etc/openvpn/scripts/event-log.sh"
33 {% if phase|default() == 'prod' %}
34 auth-user-pass-verify /etc/openvpn/scripts/auth.py via-env
40 dh /etc/openvpn/keys/dh.pem
41 ca /etc/openvpn/keys/ca.{{ ca_name|lower }}.crt
42 crl-verify /etc/openvpn/keys/crl.{{ ca_name|lower }}.pem
43 cert /etc/openvpn/keys/{{ vpc_region }}.{{ ca_name|lower }}.crt
44 key /etc/openvpn/keys/{{ vpc_region }}.{{ ca_name|lower }}.key