~moon127/+junk/openvpn-server-charm

# Configuration options exposed by the OpenVPN server charm. Each option
# declares a default value, a type and an operator-facing description.
options:
  # Deprecated in favor of standard apt layer settings,
  # install_sources & install_keys
  # NOTE(review): the package source decides whose packages get installed
  # on the unit. A custom install_sources entry should be paired with its
  # signing key in install_keys - confirm against the apt layer in use.
  #
  # openvpn_origin:
  #   default: distro
  #   type: string
  #   description: |
  #     Repository from which to install.  May be one of the following:
  #     distro (default), ppa:somecustom/ppa, a deb url sources entry,
  #     or a supported Cloud Archive release pocket.
  #
  #     Supported Cloud Archive sources include: cloud:precise-folsom,
  #     cloud:precise-folsom/updates, cloud:precise-folsom/staging,
  #     cloud:precise-folsom/proposed.
  #
  #     Note that updating this setting to a source that is known to
  #     provide a later version of openvpn will trigger a software
  #     upgrade.
  # --- TLS / PKI material -------------------------------------------------
  # All values in this group are plain strings that default to empty. The
  # descriptions say the certificate and key values are base64 encoded;
  # where and how the charm decodes and writes them is not shown in this
  # file.

  # CA certificate for the VPN (public material).
  ca_certificate:
    default: ""
    type: string
    description: |
      base64 encoded ca certificate
  # Server certificate (public material).
  server_certificate:
    default: ""
    type: string
    description: |
      base64 encoded server certificate
  # Server private key.
  # NOTE(review): this is secret material carried in an ordinary config
  # option. Charm config is not a secret store: the value can be read back
  # by anyone allowed to view the application's config and may end up in
  # exported bundles or backups. Base64 is an encoding, not protection.
  # Prefer a secret mechanism if the platform offers one, restrict who can
  # read the model, and confirm the rendered key file is owner-only.
  server_key:
    default: ""
    type: string
    description: |
      base64 encoded server key
  # Name of the certificate revocation list file.
  # NOTE(review): the default is empty. Presumably no CRL check is
  # configured in that case, so a revoked client certificate would still
  # be accepted - confirm in the config template. Only a filename is given
  # here; how the CRL reaches the unit and is refreshed is not shown.
  crl_filename:
    default: ""
    type: string
    description: |
      certificate revocation list filename
  # Shared static key for OpenVPN's tls-auth feature.
  # NOTE(review): secret material, shared by the server and every client.
  # The same exposure concerns apply as for the server private key: the
  # value is readable by anyone who can view the application's config.
  tls_auth_key:
    default: ""
    type: string
    description: |
      base64 encoded tls-auth key
  # Key direction for tls-auth, kept as the quoted string "0".
  # By OpenVPN convention the server uses 0 and clients use 1; the two
  # ends must use opposite values.
  tls_auth_direction:
    default: "0"
    type: string
    description: |
      tls-auth direction
  # --- Access policy and process identity ----------------------------------

  # Maps to OpenVPN's ccd-exclusive directive (per the description).
  # With ccd-exclusive enabled, OpenVPN refuses clients that have no file
  # in the client config directory. The default of false means any client
  # holding a valid certificate is accepted; enable it when the CCD is
  # meant to act as an allowlist.
  ccd_exclusive:
    default: false
    type: boolean
    description: |
      maps to ccd-exclusive in the configs.
  # Account name for the daemon.
  # NOTE(review): presumably rendered as OpenVPN's "user" directive so the
  # daemon drops privileges after start-up - confirm in the template.
  # Setting this to root would remove that protection.
  user:
    default: openvpn
    type: string
    description: |
      user for openvpn
  # Group name for the daemon; presumably rendered as the "group"
  # directive alongside "user" - confirm in the template.
  group:
    default: openvpn
    type: string
    description: |
      group for openvpn
  # --- UDP daemon -----------------------------------------------------------
  # Settings for the UDP listener, which is enabled by default.

  # Whether the UDP daemon is enabled (default: true).
  udp_daemon:
    default: true
    type: boolean
    description: |
      Enable UDP daemon
  # Transport protocol; the description allows "udp" or "udp6". Nothing in
  # this file enforces that set - validation, if any, is in the charm code.
  udp_proto:
    default: "udp"
    type: string
    description: |
      protocol: one of "udp" or "udp6"
  # Listen address. Empty means the charm picks the address on the default
  # route interface (per the description). On a multi-homed unit, set this
  # explicitly so the service is exposed only where intended.
  udp_ip_address:
    default: ""
    type: string
    description: |
      Address to listen on.  Defaults to the IP address on the default route interface
  # Listen port, declared as a string and quoted so it is never retyped
  # as an integer by the YAML parser.
  udp_port:
    default: "1194"
    type: string
    description: |
      port to listen on (default: 1194)
  # IPv6 client network in CIDR notation; empty means none.
  udp6_network:
    default: ""
    type: string
    description: |
      IPv6 Network for UDP clients, if any. CIDR format (e.g.: 2001:db8::0/64)
  # IPv4 client network address; the mask is given in udp_netmask.
  udp_network:
    default: ""
    type: string
    description: |
      Network for UDP clients, if any. (netmask is separate)
  # IPv4 netmask that goes with udp_network.
  udp_netmask:
    default: ""
    type: string
    description: |
      Netmask for UDP clients
  # Client config directory (CCD) name for the UDP daemon; empty = none.
  # ccd_exclusive only has an effect when a CCD is configured.
  udp_client_config_directory:
    default: ""
    type: string
    description: |
      Name  of UDP client config directory, or none
  # Tunnel interface name for the UDP daemon (tun0 by default).
  udp_device:
    default: tun0
    type: string
    description: |
      Interface name for UDP vpn device
  # Data-channel cipher.
  # NOTE(review): AES-128-CBC is a CBC-mode, non-AEAD cipher. OpenVPN 2.4
  # and later support AEAD ciphers such as AES-256-GCM. Changing the
  # default has to be coordinated with deployed clients, so it is flagged
  # here rather than changed.
  udp_cipher:
    default: AES-128-CBC
    type: string
    description: |
      Cipher to use for udp.
  # Free-form extra directives, supplied as a YAML string.
  # NOTE(review): OpenVPN has directives that load plugins or run external
  # programs, so write access to this option should be treated as
  # equivalent to command execution on the unit. The charm code that
  # parses this string is not shown; it should use a safe YAML loader and
  # ideally accept only an allowlist of directives (e.g. routes).
  udp_extra_commands:
    default: ""
    type: string
    description: |
      yaml string of extra directives for the udp config (usually routes)
  # --- TCP daemon -----------------------------------------------------------
  # Settings for the TCP listener, which is disabled by default.

  # Whether the TCP daemon is enabled (default: false).
  tcp_daemon:
    default: false
    type: boolean
    description: |
      Enable TCP daemon
  # Transport protocol; the description allows "tcp" or "tcp6". Nothing in
  # this file enforces that set - validation, if any, is in the charm code.
  tcp_proto:
    default: "tcp"
    type: string
    description: |
      protocol: one of "tcp" or "tcp6"
  # Listen address. Empty means the charm picks the address on the default
  # route interface (per the description). On a multi-homed unit, set this
  # explicitly so the service is exposed only where intended.
  tcp_ip_address:
    default: ""
    type: string
    description: |
      Address to listen on.  Defaults to the IP address on the default route interface
  # Listen port, declared as a string and quoted so it is never retyped
  # as an integer by the YAML parser. It shares the number 1194 with
  # udp_port, which does not clash because the transport differs.
  tcp_port:
    default: "1194"
    type: string
    description: |
      port to listen on (default: 1194)
  # IPv6 client network in CIDR notation; empty means none.
  tcp6_network:
    default: ""
    type: string
    description: |
      IPv6 Network for TCP clients, if any. CIDR format (e.g.: 2001:db8::0/64)
  # IPv4 client network address; the mask is given in tcp_netmask.
  tcp_network:
    default: ""
    type: string
    description: |
      Network for TCP clients, if any. (netmask is separate)
  # IPv4 netmask that goes with tcp_network.
  tcp_netmask:
    default: ""
    type: string
    description: |
      Netmask for TCP clients
  # Client config directory (CCD) name for the TCP daemon; empty = none.
  # ccd_exclusive only has an effect when a CCD is configured.
  tcp_client_config_directory:
    default: ""
    type: string
    description: |
      Name  of TCP client config directory, or none
  # Tunnel interface name for the TCP daemon (tun1 by default, distinct
  # from the UDP daemon's tun0).
  tcp_device:
    default: tun1
    type: string
    description: |
      Interface name for TCP vpn device
  # Data-channel cipher.
  # NOTE(review): AES-128-CBC is a CBC-mode, non-AEAD cipher. OpenVPN 2.4
  # and later support AEAD ciphers such as AES-256-GCM. Changing the
  # default has to be coordinated with deployed clients, so it is flagged
  # here rather than changed.
  tcp_cipher:
    default: AES-128-CBC
    type: string
    description: |
      Cipher to use for tcp.
  # Free-form extra directives, supplied as a YAML string.
  # NOTE(review): OpenVPN has directives that load plugins or run external
  # programs, so write access to this option should be treated as
  # equivalent to command execution on the unit. The charm code that
  # parses this string is not shown; it should use a safe YAML loader and
  # ideally accept only an allowlist of directives (e.g. routes).
  tcp_extra_commands:
    default: ""
    type: string
    description: |
      yaml string of extra directives for the tcp config (usually routes)
  # --- CCD synchronisation over ssh/rsync -----------------------------------
  # These three options describe a remote party that pushes client config
  # directory (CCD) data to the unit. CCD files carry per-client settings
  # and, with ccd_exclusive enabled, decide which clients may connect, so
  # this channel can change VPN access policy.

  # Public key of the party allowed to sync CCD data.
  # NOTE(review): presumably written to the authorized keys file named by
  # ssh_auth_key_path - confirm. The entry should be restricted (source
  # address limited to ccd_sync_ip, a forced rsync-only command, no pty or
  # forwarding) so the key cannot be used for a general login.
  ccd_sync_key:
    default: ""
    type: string
    description: |
      ssh public key used to sync ccd data.
  # Source address(es) expected to rsync CCD data. The list format is not
  # defined in this file - check the charm code before relying on it.
  ccd_sync_ip:
    default: ""
    type: string
    description: |
      ip address(es) that will rsync ccd data.
  # Location of the authorized keys file for "user" (presumably the
  # account named by the user option - confirm).
  # NOTE(review): this is an operator-supplied filesystem path. If the
  # charm writes to it with elevated privileges, it should check that the
  # path stays inside the expected home directory and is not a symlink.
  ssh_auth_key_path:
    default: ""
    type: string
    description: |
      path to the ssh authorized keys file for "user"