| # OpenVPN Server Configuration | |
| # Port 7860 for Hugging Face compatibility | |
| port 7860 | |
| proto udp | |
| dev tun | |
| # SSL/TLS root certificate (ca), certificate | |
| # (cert), and private key (key) | |
| ca /etc/openvpn/server/keys/ca.crt | |
| cert /etc/openvpn/server/keys/server.crt | |
| key /etc/openvpn/server/keys/server.key | |
| # Diffie hellman parameters | |
| dh /etc/openvpn/server/keys/dh2048.pem | |
| # Network topology | |
| topology subnet | |
| # Configure server mode and supply a VPN subnet | |
| # for OpenVPN to draw client addresses from | |
| server 10.8.0.0 255.255.255.0 | |
| # Maintain a record of client <-> virtual IP address | |
| # associations in this file | |
| ifconfig-pool-persist /var/log/openvpn/ipp.txt | |
| # Push routes to the client | |
| push "redirect-gateway def1 bypass-dhcp" | |
| push "dhcp-option DNS 8.8.8.8" | |
| push "dhcp-option DNS 8.8.4.4" | |
| # Client-to-client communication | |
| client-to-client | |
| # Keep alive ping | |
| keepalive 10 120 | |
| # TLS authentication | |
| tls-auth /etc/openvpn/server/keys/ta.key 0 | |
| key-direction 0 | |
| # Cipher selection | |
| cipher AES-256-CBC | |
| # Enable compression | |
| compress lz4-v2 | |
| push "compress lz4-v2" | |
| # Maximum number of concurrently connected clients | |
| max-clients 10 | |
| # Run with reduced privileges | |
| user nobody | |
| group nogroup | |
| # Persist keys and tun device | |
| persist-key | |
| persist-tun | |
| # Status file | |
| status /var/log/openvpn/openvpn-status.log | |
| # Log file verbosity | |
| verb 3 | |
| # Silence repeating messages | |
| mute 20 | |
| # Explicit exit notify | |
| explicit-exit-notify 1 |