Openvpn
- By tengu-team
- Networking
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/stable | 9 | 11 Nov 2020 | |
latest/beta | 7 | 11 Nov 2020 | |
latest/edge | 6 | 11 Nov 2020 |
juju deploy openvpn
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
clients | string
Default: client1
Space-separated list with names of users to generate config for.
-
duplicate-cn | boolean
Default: True
Will multiple users connect using the same client config? (yes = True)
-
extra_packages | string
Space separated list of extra deb packages to install.
-
install_keys | string
List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
-
install_sources | string
List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
-
key-city | string
Default: Ubuntu
City field for RSA certificate.
-
key-country | string
Default: US
Country field for RSA certificate.
-
key-email | string
Default: Juju
Email field for RSA certificate.
-
key-org | string
Default: Juju
Organization field for RSA certificate.
-
key-province | string
Default: CA
Province field for RSA certificate.
-
package_status | string
Default: install
The status of service-affecting packages will be set to this value in the dpkg database. Valid values are "install" and "hold".
-
port | int
Default: 443
Port for VPN traffic. Default is 443 since it isn't likely to be blocked by the firewall.
-
protocol | string
Default: tcp
Protocol for VPN communication (tcp|udp). Tcp on port 443 is least likely to be blocked by firewalls. Udp on port 1194 is fastest.
-
puppet-gpg-key | string
Default: -----BEGIN PGP PUBLIC KEY BLOCK----- mQINBFe2Iz4BEADqbv/nWmR26bsivTDOLqrfBEvRu9kSfDMzYh9Bmik1A8Z036Eg h5+TZD8Rrd5TErLQ6eZFmQXk9yKFoa9/C4aBjmsL/u0yeMmVb7/66i+x3eAYGLzV FyunArjtefZyxq0B2mdRHE8kwl5XGl8015T5RGHCTEhpX14O9yigI7gtliRoZcl3 hfXtedcvweOf9VrV+t5LF4PrZejom8VcB5CE2pdQ+23KZD48+Cx/sHSLHDtahOTQ 5HgwOLK7rBll8djFgIqP/UvhOqnZGIsg4MzTvWd/vwanocfY8BPwwodpX6rPUrD2 aXPsaPeM3Q0juDnJT03c4i0jwCoYPg865sqBBrpOQyefxWD6UzGKYkZbaKeobrTB xUKUlaz5agSK12j4N+cqVuZUBAWcokXLRrcftt55B8jz/Mwhx8kl6Qtrnzco9tBG T5JN5vXMkETDjN/TqfB0D0OsLTYOp3jj4hpMpG377Q+6D71YuwfAsikfnpUtEBxe NixXuKAIqrgG8trfODV+yYYWzfdM2vuuYiZW9pGAdm8ao+JalDZss3HL7oVYXSJp MIjjhi78beuNflkdL76ACy81t2TvpxoPoUIG098kW3xd720oqQkyWJTgM+wV96bD ycmRgNQpvqHYKWtZIyZCTzKzTTIdqg/sbE/D8cHGmoy0eHUDshcE0EtxsQARAQAB tEhQdXBwZXQsIEluYy4gUmVsZWFzZSBLZXkgKFB1cHBldCwgSW5jLiBSZWxlYXNl IEtleSkgPHJlbGVhc2VAcHVwcGV0LmNvbT6JAj4EEwECACgFAle2Iz4CGwMFCQlm AYAGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEH9DgoDvjTSfIN0P/jcCRzK8 WIdhcNz5dkj7xRZb8Oft2yDfenQmzb1SwGGa96IwJFcjF4Nq7ymcDUqunS2DEDb2 gCucsqmW1ubkaggsYbc9voz/SQwhsQpBjfWbuyOX9DWmW6av/aB1F85wP79gyfqT uidTGxQE6EhDbLe7tuvxOHfM1bKsUtI+0n9TALLLHfXUEdtaXCwMlJuO1IIn1PWa H7HzyEjw6OW/cy73oM9nuErBIio1O60slPLOW2XNhdWZJCRWkcXyuumRjoepz7WN 1JgsLOTcB7rcQaBP3pDN0O/Om5dlDQ6oYitoJs/F0gfEgwK68Uy8k8sUR+FLLJqM o0CwOg6CeWU4ShAEd1xZxVYW6VOOKlz9x9dvjIVDn2SlTBDmLS99ySlQS57rjGPf GwlRUnuZP4OeSuoFNNJNb9PO6XFSP66eNHFbEpIoBU7phBzwWpTXNsW+kAcY8Rno 8GzKR/2FRsxe5Nhfh8xy88U7BA0tqxWdqpk/ym+wDcgHBfSRt0dPFnbaHAiMRlgX J/NPHBQtkoEdQTKA+ICxcNTUMvsPDQgZcU1/ViLMN+6kZaGNDVcPeMgDvqxu0e/T b3uYiId38HYbHmD6rDrOQL/2VPPXbdGbxDGQUgX1DfdOuFXw1hSTilwI1KdXxUXD sCsZbchgliqGcI1l2En62+6pI2x5XQqqiJ7+ =HpaX -----END PGP PUBLIC KEY BLOCK-----
Puppet gpg key used to configure Puppetlabs apt sources. You can find and verify this key at https://apt.puppetlabs.com/DEB-GPG-KEY-puppet
-
push-default-gateway | boolean
Default: True
Do not set to false if you don't know what you're doing. Should the connecting clients use the VPN server for ALL connections? (yes = True) If this is False then the client will not use the VPN for ANY connections unless the client configures routes manually.
-
push-dns | boolean
Default: True
Should the connecting clients use the same DNS and search domain as the OpenVPN server? (yes = True)