server.erb

# Auto-generated by vpnmaker on <%= @gen_host %> at <%= Time.now.to_s %>
# See http://github.com/pc/vpnmaker

mode server
tls-server

local <%= @host %>
port <%= @port %>
proto udp

dev tun0
server <%= @base_ip %> <%= @base_netmask %>
<% @subnets.each do |net| %>
route <%= net[:base_ip] %> <%= net[:netmask] %>
push "route <%= net[:base_ip] %> <%= net[:netmask] %>"<% end %>
<% @bridgednets.each do |net| %>
push "route <%= net[:base_ip] %> <%= net[:netmask] %>"<% end %>

# Drop privileges to user/group nobody
user <%= @user %>
group <%= @group %>

dh <%= @root %>/keys/dh.pem

ca <%= @root %>/keys/ca.crt
cert <%= @root %>/keys/server.crt
key <%= @root %>/keys/server.key
crl-verify <%= @root %>/keys/crl.pem

keepalive 10 120 # ping every 10 secs; no reply for 120 secs -> down

log <%= @log %>

# try to give same IP to client as before
persist-tun
persist-key

tls-auth <%= @root %>/keys/ta.key 0

client-config-dir <%= @root %>/ccd