lupine5/openvpn: additional config, open firewall
Build topology graph / evals (push) Successful in 2m24s
Eval nix flake / evals (push) Successful in 6m50s

This commit is contained in:
2026-07-06 02:37:06 +09:00
parent fcfcb07e59
commit 4b8be337e0
+11 -2
View File
@@ -28,8 +28,10 @@ in
services.openvpn.servers."ov-tunnel" = {
config = renderConfig {
mode = "server";
# TODO: use aliases
local = values.services.knutsen-vpn;
local = "0.0.0.0";
port = 1194;
proto = "udp";
@@ -63,7 +65,6 @@ in
];
keepalive = "10 120";
data-ciphers = "none";
user = "nobody";
group = "nobody";
@@ -84,9 +85,17 @@ in
persist-key = true;
persist-tun = true;
tls-version-min = "1.2";
tls-version-max = "1.2";
verb = 5;
explicit-exit-notify = 1;
};
};
networking.firewall = {
allowedTCPPorts = [ 1194 ];
allowedUDPPorts = [ 1194 ];
};
}