OpenVPN Official documentation

Configuration

• configuration:
  • openvpn:
    • cipher: BF-CBC
    • dev: tun
    • dns1: 208.67.222.222
    • dns2: 208.67.220.220
    • group: nogroup
    • key:
      • ca_expire: 3650
      • city: SanFrancisco
      • common_name: server
      • country: US
      • email: admin@server
      • key_expire: 3650
      • key_size: 1024
      • name: server
      • org: Fort-Funston
      • org_unit: server
      • province: CA
    • max_client: 100
    • netmask: 255.255.255.0
    • network: 10.8.0.0
    • port: 1194
    • proto: udp
    • user: nobody

cipher string

cipher

Default: BF-CBC

dev string

Device type

Default: tun

dns1 string

DNS to propagate to the clients (default to OpenDNS)

Default: 208.67.222.222

dns2 string

DNS to propagate to the clients (default to OpenDNS)

Default: 208.67.220.220

group string

Running group of openvpn (must exist)

Default: nogroup

key.ca_expire integer

CA validity period (in days)

Default: 3650

key.city string

Key city

Default: SanFrancisco

key.common_name string

Key Common Name (CN)

Default: server

key.country string

Key country

Default: US

key.email string

Key email

Default: admin@server

key.key_expire integer

Key validity period (in days)

Default: 3650

key.key_size integer

Increase key size if you are paranoid; it will slow down TLS negociation

Default: 1024

key.name string

Key name

Default: server

key.org string

Key Organization

Default: Fort-Funston

key.org_unit string

Key Organization Unit (OU)

Default: server

key.province string

Key province

Default: CA

max_client integer

Maximum number of simultaneous clients

Default: 100

netmask string

Netmask to apply on IP range for clients

Default: 255.255.255.0

network string

Network IP range for clients

Default: 10.8.0.0

port integer

Listening port

Default: 1194

proto string

Protocol

Default: udp

user string

Running user of openvpn (must exist)

Default: nobody