openvpn job from openvpn/2.1.0

Github source: 92458dbe or master branch

Properties¶

openvpn¶

ca_crt¶

CA Certificate

ccd¶

A list of Client Configuration Directives

Default

[]

client_config¶

A list of Client Configuration Connections

Default

[]

crl_pem¶

Certificate Revocation List

dh_pem¶

Diffie-Hellmann Key

extra_config¶

Custom OpenVPN configuration statements

iptables¶

IPTable rules to manage

Default

[]

Example

- POSTROUTING -t nat -s 192.0.2.0/24 -d 10.10.1.0/24 -j MASQUERADE -m comment --comment
  'vpn -> private lan'
- POSTROUTING -t nat -s 192.0.2.0/24 -d 10.10.2.100/32 -j MASQUERADE -m comment --comment
  'vpn -> internal backup server'

local¶

Bind IP for the server

Default

0.0.0.0

port¶

Bind Port for the server

Default

1194

push_routes¶

Routes to push to connecting clients

Default

[]

routes¶

Routes for the local routing table

Default

[]

server¶

VPN IP and netmask

server_crt¶

Server Certificate

server_key¶

Server Key

Templates¶

Templates are rendered and placed onto corresponding instances during the deployment process. This job's templates will be placed into /var/vcap/jobs/openvpn/ directory (learn more).

• bin/apply-iptables (from bin/apply-iptables.erb)
• bin/control (from bin/control)
• bin/control-client (from bin/control-client)
• bin/write-ccd (from bin/write-ccd.erb)
• bin/write-clients (from bin/write-clients.erb)
• etc/ca.crt (from etc/ca.crt.erb)
• etc/crl.pem (from etc/crl.pem.erb)
• etc/dh.pem (from etc/dh.pem.erb)
• etc/openvpn.conf (from etc/openvpn.conf.erb)
• etc/server.crt (from etc/server.crt.erb)
• etc/server.key (from etc/server.key.erb)

Packages¶

Packages are compiled and placed onto corresponding instances during the deployment process. Packages will be placed into /var/vcap/packages/ directory.

• openvpn