38 lines
950 B
Markdown
38 lines
950 B
Markdown
#### notes:
|
|
- Use 'RUSTFLAGS="-C target-feature=+crt-static" cargo build --trarget x86_64-unknown-linux-musl' to make static binary
|
|
|
|
#### example openvpn configuration
|
|
```
|
|
verb 2
|
|
server 10.44.0.0 255.255.0.0
|
|
server-ipv6 2a00:dead:beef:code::/64
|
|
script-security 2
|
|
remote-cert-tls client
|
|
port 1195
|
|
proto udp
|
|
proto udp6
|
|
dev vpn1
|
|
dev-type tun
|
|
route-metric 100
|
|
|
|
crl-verify /etc/openvpn/server/vpn-crl.pem
|
|
|
|
topology subnet
|
|
client-connect "/usr/local/bin/client-connect -c connect -4 10.44 -6 2a00:dead:beef:code -o"
|
|
push "dhcp-option DNS 8.8.8.8"
|
|
push "dhcp-option DNS 8.8.4.4"
|
|
push "dhcp-option DNS 2001:4860:4860::8888"
|
|
push "dhcp-option DNS 2001:4860:4860::8844"
|
|
push "route-ipv6 2a00:dead:beef:code::/64"
|
|
push "route-ipv6 2000::/4"
|
|
push "route-ipv6 3000::/4"
|
|
push "route-ipv6 200::/7"
|
|
push "redirect-gateway def1"
|
|
|
|
keepalive 10 30
|
|
cipher AES-256-GCM
|
|
replay-window 128 15
|
|
mute-replay-warnings
|
|
|
|
management /run/openvpn-server/vpn-management.sock unix
|
|
``` |