servers

rc/servers

History

Timotej Lazar ade6a8e1e2 Add nginx as a role dependency where required This is pretty much anywhere a LE certificate is needed. Similar for nginx-php for PHP sites. Drop these roles from setup.yml.		2025-04-12 18:51:31 +02:00
..
files	Add ocserv role	2025-04-12 18:38:48 +02:00
handlers	Add ocserv role	2025-04-12 18:38:48 +02:00
meta	Add nginx as a role dependency where required	2025-04-12 18:51:31 +02:00
tasks	Add ocserv role	2025-04-12 18:38:48 +02:00
templates	Add ocserv role	2025-04-12 18:38:48 +02:00
README.md	Add ocserv role	2025-04-12 18:38:48 +02:00

README.md

Install and configure ocserv with a script to configure nftables on (dis)connection.

Create a self‐signed CA authority for issuing user certificates. User and group are read from the CN and OU certificate subject fields, respectively. To configure VPN groups, define the variable vpn as follows:

"vpn": {
    "network": "<VPN network>"
    "routes": {
        "<group>": [ "<route>", … ]
        …
    }
}