| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 |
- version = "1.0"
- [main]
- name = "Auto-configuration"
- [main.vpn]
- name = ""
- optional = false
-
- [main.vpn.status]
- ask = "The status of your VPN is unknown."
- type = "alert"
- style = "info"
-
- [main.vpn.service_enabled]
- ask = "Enable VPN"
- type = "boolean"
- help = "If disabled, the VPN service will not automatically be started at boot."
-
- [main.vpn.doc]
- ask = "Only VPN with a dedicated public ip that accept inbound traffic are compatible. See the compatible providers list."
- type = "alert"
- style = "warning"
- [main.vpn.config_file]
- ask = "Configuration file"
- type = "file"
- accept = ".cube, .ovpn, .conf"
- help = ".cube file recommended, .ovpn file accepted"
- bind = "/etc/openvpn/client.conf"
-
- [main.auth]
- name = "Authentication"
- optional = true
- visible = 'config_file && ((match(config_file,"^\s*ca\s") && ! match(config_file,"^\s*<ca>")) || (match(config_file,"^\s*cert\s") && ! match(config_file,"^\s*<cert>")) || (match(config_file,"^\s*key\s") && ! match(config_file,"^\s*<key>")) || (match(config_file,"^\s*tls-auth\s") && ! match(config_file,"^\s*<tls-auth>")) || match(config_file,"^\s*auth-user-pass(\s.*)?$"))'
- [main.auth.crt_server_ca]
- ask = "Update Server CA"
- type = "file"
- help = "You should upload a CA certificate to start"
- bind = "/etc/openvpn/keys/ca-server.crt"
- visible = 'config_file && match(config_file,"^\s*ca\s") && ! match(config_file,"^\s*<ca>")'
-
- [main.auth.crt_client]
- ask = "Update Client Certificate"
- type = "file"
- bind = "/etc/openvpn/keys/user.crt"
- visible = 'config_file && match(config_file,"^\s*cert\s") && ! match(config_file,"^\s*<cert>")'
-
- [main.auth.crt_client_key]
- ask = "Update Client Key"
- type = "file"
- help = "This file begins with -----BEGIN PRIVATE KEY-----"
- bind = "/etc/openvpn/keys/user.key"
- visible = 'config_file && match(config_file,"^\s*key\s") && ! match(config_file,"^\s*<key>")'
-
- [main.auth.login_user]
- ask = "Username"
- type = "string"
- example = "camille"
- pattern.regexp = '^[a-zA-Z_\-\\\.@]+$'
- pattern.error = "OpenVPN accept only alphabetic chars and -_\\.@"
- visible = 'config_file && match(config_file,"^\s*auth-user-pass\s")'
-
- [main.auth.login_passphrase]
- ask = "Password"
- type = "password"
- visible = 'config_file && match(config_file,"^\s*auth-user-pass(\s.*)?$")'
-
- [main.auth.crt_client_ta]
- ask = "TLS Auth shared secret"
- type = "file"
- example = "ta.key"
- help = "Some servers have an additional protection agains Deny of Service attack. If you have no tls-auth key in your ovpn, skip this question."
- bind = "/etc/openvpn/keys/user_ta.key"
- visible = 'config_file && match(config_file,"^\s*tls-auth\s") && ! match(config_file,"^\s*<tls-auth>")'
-
- [advanced]
- name = "DNS & IPv6"
- [advanced.dns]
- name = "DNS"
- [advanced.dns.dns_method]
- ask = "DNS provider"
- type = "select"
- choices.pushed = "Use DNS from my VPN provider"
- choices.yunohost = "Keep DNS from YunoHost"
- choices.custom = "Use custom DNS"
- [advanced.dns.nameservers]
- ask = "DNS resolvers"
- type = "tags"
- optional = true
- visible = "dns_method == 'custom'"
- pattern.regexp = "^([0-9.]{8,16}|[0-9a-fA-F:]+)$"
- pattern.error = "Not an ip"
-
- [advanced.ipv6]
- name = "IPv6"
- [advanced.ipv6.ip6_addr]
- ask = "IPv6"
- type = "string"
- optional = true
- example = "2001:db8:42::2"
- help = "If ipv6 address is not pushed directly by your openvpn server, you can indicate a specific ip to use."
- pattern.regexp = "^[0-9a-fA-F:]+$"
- pattern.error = "Please provide a valid IPv6"
|
