Commit 14607624 authored by Girish Ramakrishnan's avatar Girish Ramakrishnan

Add notes on various options and what can be customized

Fixes #22
parent 97cb9c04
### Cloudron OpenVPN configuration
### Only specific options can be changed. Be sure to read the docs on what options
### are supported before editing this file - https://cloudron.io/documentation/apps/openvpn/
### https://github.com/OpenVPN/openvpn/blob/master/sample/sample-config-files/server.conf
# Server TCP
mode server
tls-server
# Cloudron only supports TCP mode
proto tcp
port ##VPN_TCP_PORT
# Cloudron only supports IP tunnel
dev tun
dev-node /app/code/net-tun
......@@ -20,16 +25,6 @@ crl-verify /app/data/keys/crl.pem
cipher AES-256-CBC
auth SHA256
# Network
# The OpenVPN app is only tested against the /24 subnet mask.
# Be sure to fixup the DNS server address if you change the network
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option DOMAIN ##CLOUDRON_APP_DOMAIN"
client-to-client
keepalive 10 120
# Security
user cloudron
group cloudron
......@@ -39,6 +34,8 @@ persist-tun
# Log
verb 3
mute 20
# status file of connected clients, refreshed every minute
status /run/openvpn-status.log
# Hooks to update server status
......@@ -47,5 +44,32 @@ client-connect /app/code/hooks/openvpn-on-client-connect.sh
client-disconnect /app/code/hooks/openvpn-on-client-disconnect.sh
learn-address /app/code/hooks/openvpn-on-learn-address.sh
# Custom options go here
# Network
# The OpenVPN app is only tested against the /24 subnet mask.
# Be sure to fixup the DNS server address below if you change the network
server 10.8.0.0 255.255.255.0
keepalive 10 120
# This makes clients use this app's built-in DNS server which resolves
# names of the form "username.devicename"
push "dhcp-option DNS 10.8.0.1"
# This makes clients redirect all the traffic via the VPN.
push "redirect-gateway def1 bypass-dhcp"
# This makes clients set their domain name. This way, they can ping "username.devicename"
# instead of the full "username.devicename.app.cloudrondomain.com"
push "dhcp-option DOMAIN ##CLOUDRON_APP_DOMAIN"
# This enables connected clients to talk to each other
client-to-client
# This file tracks IP addresses for devices across disruptions/disconnects
ifconfig-pool-persist /app/data/ipp.txt
# Enable this if multiple clients with the same VPN config can concurrently connect
# duplicate-cn
# maximum number of concurrently connected clients
# max-clients 100
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment