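## - Configuration/Initialization OpenVPN
## -
## - NOTE(review): every setting below uses shell assignment syntax
## - (NAME="value", no spaces around '='), so this file is presumably
## - sourced by a shell script - confirm against the consumer.
## - Each assignment must sit on its own line: text that follows a '#'
## - on the same line is a comment and is never assigned.

# ====================
# - Some Parameter Settings
# ====================

# ---
# - Common parameters
# ---

# - IP-Address/Hostname of OpenVPN Server
OPENVPN_SERVER=""

# - Server Port
SERVER_PORT=

# - Organisation shortcut
# -
# - Example: 'AKB' or 'FLR' or 'OPP' or..
# -
ORG_SHORTCUT=""

# - Name of the OpenVPN Service
# -
# - Multiple names are possible - list of blank separated names.
# -
# - Example: 'so36'
# -          'home'
# -          'gw-ckubu'
# -          'opp'
# -          'opferperspektive'
# -          'home gw-ckubu'
# -          'spr gw-ckubu'
# -
OPENVPN_NAME=""

# - OpenVPN Base Directory for Service
# -
# - Defaults to: OPENVPN_BASE_DIR="/etc/openvpn/server/${OPENVPN_NAME}"
# -
OPENVPN_BASE_DIR=""


# ---
# - Parameters OpenVPN Configuration / KEY Creation
# ---

# - Lifetime of the CA certificate in days
# -
# - Example: (3*365+366)*8 = 11688 = 32 years
# -    CA_EXPIRE=11688
# -
# - Note:
# -    with a lifetime this long, a compromised CA key stays trusted for
# -    decades; protecting the CA private key is what limits that exposure.
# -
CA_EXPIRE=11688

# - Lifetime of issued certificates in days
# -
# - Example: (3*365+366)*5 = 7305 = 20 years
# -    CERT_EXPIRE=7305
# -
# - Note:
# -    a certificate valid for 20 years will not expire on its own in any
# -    useful time frame; a lost or leaked client key can only be disabled
# -    by revoking it, so the server has to check an up-to-date CRL.
# -
CERT_EXPIRE=7305

# - Key size in bits
KEY_SIZE=4096

# - Fields of the certificate subject
KEY_COUNTRY="DE"
KEY_PROVINCE="Berlin"
KEY_CITY="Berlin"
KEY_ORG="o.open"

# - NOTE(review): inside shell double quotes '\@' keeps the backslash, so
# - the value is 'argus\@oopen.de'. Presumably the escape is meant for a
# - later substitution step - confirm the backslash does not end up in the
# - certificate.
# -
KEY_EMAIL="argus\@oopen.de"
KEY_OU="Network Services"

# - Name of the Key
# -
# - Example: 'VPN opp'
# -
KEY_NAME=""

# - Base Common Name of the certificates
# -
# - Example: 'VPN-opp'
# -
KEY_CN=""

# - Example: 'VPN-opp'
# -
KEY_ALTNAMES=""


# ---
# - Parameters for Server Configurations
# ---

# - Enable LZO compression
# -
# - Note:
# -    enabling LZO compression is deprecated
# -
# -    Compressing data before it is encrypted can also reveal information
# -    about the plaintext through packet sizes. Keep this at "no" unless a
# -    legacy client cannot connect without it.
# -
LZO_COMPRESSION="no"

# - DATA_CIPHERS
# -
# - Server cryptographic cipher
# -
# - Example:
# -    DATA_CIPHERS="AES-256-CBC"
# -    DATA_CIPHERS="AES-256-GCM:AES-128-GCM:AES-256-CBC"
# -
# - Defaults to "AES-256-GCM:AES-128-GCM"
# -
DATA_CIPHERS=""

# - SERVER_CIPHER
# -
# - Server additional cryptographic cipher
# -
# - Example:
# -    SERVER_CIPHER="AES-256-CBC"
# -    SERVER_CIPHER="AES-256-GCM"
# -
# - Defaults to "AES-256-CBC" and is added to DATA_CIPHERS if DATA_CIPHERS
# - was left empty.
# -
# - Note:
# -    if set, also add the cipher to "DATA_CIPHERS"
# -
SERVER_CIPHER=""

# - DATA_CIPHERS_FALLBACK
# -
# - Server fallback cryptographic cipher
# -
# - Example:
# -    DATA_CIPHERS_FALLBACK="BF-CBC"
# -
# - Defaults to "BF-CBC"
# -
# - Note:
# -    BF-CBC (Blowfish) is a 64-bit block cipher and is deprecated by
# -    OpenVPN upstream. Leaving this empty selects it as the fallback, so
# -    set an AES cipher here explicitly unless an old client really needs
# -    BF-CBC.
# -    NOTE(review): presumably this ends up as OpenVPN's
# -    'data-ciphers-fallback', which applies to peers that do not
# -    negotiate a cipher - confirm in the consuming script.
# -
DATA_CIPHERS_FALLBACK=""

# - OpenVPN Network(s) used for this server.
# -
# - Example: "10.0.217.0"
# -          "10.0.82.0 10.0.82.1"
# -
OPENVPN_NETWORK=""

# - Networks to push from OpenVPN server to the client
# -
# -  - use CIDR notation
# -  - multiple networks are possible: use blank separated list of CIDR-networks
# -  - "None" if no network should be pushed from OpenVPN server.
# -
# - Example: '192.168.82.0/24 192.168.83.0'
# -
# - NOTE(review): the second example entry has no prefix length although
# - CIDR notation is asked for - confirm how the consumer treats it.
# -
REMOTE_NETWORKS="None"

# - IP-Address of DNS server to push from OpenVPN server to the client.
# -
# - "None" if no DNS Server should be pushed.
# -
DNS_SERVER="None"

# - Search Domain(s) to push from OpenVPN server to the client.
# -
# -  - multiple domains are possible: use a blank separated list of search domains
# -  - "None" if no default domain should be pushed.
# -
SEARCH_DOMAINS=""

# - Local networks to route through OpenVPN line
# -
# -  - use CIDR notation
# -  - multiple networks are possible: use blank separated list of CIDR-networks
# -  - "None" if no network should be pushed from OpenVPN server.
# -
# - Example: '192.168.63.0/24 192.168.64.0/24'
# -
LOCAL_NETWORKS=""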