2016-08-12 06:56:40 +00:00
|
|
|
# This configuration file uses the YAML format.
|
2021-02-08 09:11:35 +00:00
|
|
|
# ~ means "no value" (i.e. "default value")
|
|
|
|
# Replace it by a value and put quotes (") around values with special characters
|
|
|
|
# List items start with a dash and a space (- )
|
|
|
|
# Note that the whitespace before the settings names is important for the file structure
|
2016-08-12 06:56:40 +00:00
|
|
|
|
2016-11-25 06:15:19 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
listen: 3210 # The port number or ip:port on which to listen for data.
|
2016-11-25 06:15:19 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
peers: # Address of a peer to connect to.
|
|
|
|
# The address should be in the form `addr:port`.
|
|
|
|
# Put [] for an empty list
|
|
|
|
- node2.example.com:3210
|
|
|
|
- node3.example.com:3210
|
2016-08-12 06:40:13 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
crypto: # Crypto settings
|
|
|
|
password: ~ # <-- CHANGE # A password to encrypt the VPN data.
|
|
|
|
private-key: ~ # Private key (alternative to password)
|
|
|
|
public-key: ~ # Public key (alternative to password)
|
|
|
|
trusted-keys: [] # Trusted keys (alternative to password)
|
|
|
|
# Replace [] with list of keys
|
2016-08-12 06:40:13 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
ip: ~ # <-- CHANGE # An IP address to set on the device, e.g. 10.0.0.1
|
|
|
|
# Must be different for every node on the VPN
|
2016-08-12 06:40:13 +00:00
|
|
|
|
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
# ------------------ Advanced features ahead --------------------
|
2016-08-12 06:40:13 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
auto-claim: true # Whether to automatically claim the configured IP on tun devices
|
2016-08-12 06:40:13 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
claims: # The local subnets to use. This parameter should be in the form
|
|
|
|
# `address/prefixlen` where address is an IPv4 address, an IPv6 address, or a
|
|
|
|
# MAC address. The prefix length is the number of significant front bits that
|
|
|
|
# distinguish the subnet from other subnets.
|
2016-08-12 06:40:13 +00:00
|
|
|
# - 10.1.1.0/24
|
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
ifup: ~ # Command to setup the interface. Use $IFNAME for interface name.
|
|
|
|
ifdown: ~ # Command to tear down the interface. Use $IFNAME for interface name.
|
2016-11-25 06:15:19 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
device: # Device settings
|
|
|
|
name: "vpncloud%d" # Name of the virtual device. Any `%d` will be filled with a free number.
|
|
|
|
type: tun # Set the type of network. There are two options: **tap** devices process
|
|
|
|
# Ethernet frames **tun** devices process IP packets. [default: `tun`]
|
|
|
|
path: "/dev/net/tun" # Path of the tun device
|
|
|
|
fix-rp-filter: false # Whether to fix detected rp-filter problems
|
2016-11-25 06:15:19 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
mode: normal # Mode to run in, "normal", "hub", "switch", or "router" (see manpage)
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
port-forwarding: true # Try to map a port on the router
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
switch-timeout: 300 # Switch timeout in seconds (switch mode only)
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
peer-timeout: 300 # Peer timeout in seconds
|
|
|
|
keepalive: ~ # Keepalive interval in seconds
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
beacon: # Beacon settings
|
|
|
|
store: ~ # File or command (prefix: "|") to use for storing beacons
|
|
|
|
load: ~ # File or command (prefix: "|") to use for loading beacons
|
|
|
|
interval: 3600 # How often to load and store beacons (in seconds)
|
|
|
|
password: ~ # Password to encrypt beacon data with
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
statsd: # Statsd settings
|
|
|
|
server: ~ # Statsd server name:port
|
|
|
|
prefix: ~ # Prefix to use for stats keys
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
pid-file: ~ # Store the process id in this file when running in the background
|
|
|
|
stats-file: ~ # Periodically write statistics on peers and current traffic to the given file
|
2020-10-26 22:00:36 +00:00
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
hook: ~ # Hook script to run for every event
|
|
|
|
hooks: {} # Multiple hook scripts to run for specific events
|
2020-10-26 22:00:36 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
2021-02-08 09:11:35 +00:00
|
|
|
# Copy this template and save it to a file named /etc/vpncloud/MYNET.net (replace MYNET with your network name)
|
|
|
|
#
|
|
|
|
# On systems using systemd (most common):
|
|
|
|
# start/stop the network: service vpncloud@MYNET start/stop
|
|
|
|
# enable/disable automatic startup: systemctl enable/disable vpncloud@MYNET
|
|
|
|
#
|
|
|
|
# On older systems (using sysv init):
|
|
|
|
# Add the network name to /etc/default/vpncloud
|
|
|
|
# start/stop all VpnCloud networks: /etc/init.d/vpncloud start/stop
|