fix openvpn things

[awsible] / roles / msca-openvpn / templates / vpc-client.conf.j2

diff --git a/roles/msca-openvpn/templates/vpc-client.conf.j2 b/roles/msca-openvpn/templates/vpc-client.conf.j2
index e881e969e99f007c97aba5810f76423254dab349..45df32136e02d50dfb4cff696fec53a91e765d34 100644 (file)
--- a/roles/msca-openvpn/templates/vpc-client.conf.j2
+++ b/roles/msca-openvpn/templates/vpc-client.conf.j2
@@ -18,3 +18,9 @@ daemon
 ca /etc/openvpn/keys/ca.{{ ca_name|lower }}.crt
 cert /etc/openvpn/keys/{{ vpc_region }}-client.{{ ca_name|lower }}.crt
 key /etc/openvpn/keys/{{ vpc_region }}-client.{{ ca_name|lower }}.key
+tls-server
+tls-version-min 1.2
+key-direction 0
+<tls-auth>
+{{ ta_secret }}
+</tls-auth>