feat: openvpn & cert manager

roles/openvpn/templates/atlantishq.conf

@@ -0,0 +1,42 @@
+server 172.16.1.0 255.255.255.0
+#server-ipv6 fd2a:aef:608:1::/64
+
+dev athq_sheppyvpn
+dev-type tun
+
+proto tcp
+port 7012
+
+topology subnet
+client-to-client
+
+# disable logging
+#log /dev/null
+#status /dev/null
+
+script-security 2
+tls-server
+mode server
+#duplicate-cn
+
+persist-key
+persist-tun
+
+keepalive 10 60
+
+user nobody
+group nogroup
+
+auth SHA512
+cipher AES-256-CBC
+
+ca   atlantishq/ca.crt
+cert atlantishq/vpn.atlantishq.de.crt
+key  atlantishq/vpn.atlantishq.de.key
+dh   atlantishq/dhparam
+
+crl-verify /opt/data/certificate-manager/crl.pem
+
+client-config-dir /opt/certificate-manager/client-config-dir
+ccd-exclusive
+management 127.0.0.1 {{ openvpn_management_port }} {{ openvpn_management_passfile }}