# # This is the end-point to which the client will connect. # # This is a mandatory configuration-setting. # # NOTE: That you MUST use TLS to ensure your traffic is secure, and that # means that the websocket URI will have an "wss://" prefix. # vpn = wss://vpn.example.com/vpn # # This is the shared-secret, this key must match the one specified upon # the server-host. # # If the client-key does not match the server key then the connection will # be terminated and not accepted. # # Ideally this key will be long and complex. # key = Iequa[oogho5reiNgoo7ci4ruho~r#%fdsflj30-1l;alj1.>SDF£LK! ## ## Optional settings now follow ## ## ## Every time a client connects to the server it sends a name, which the server ## may choose to use to assign a static IP address. ## ## If you have multiple hosts with identical names you can send an explicit ## alternative here. (For example if you have "www.example.com" and ## "www.example.net" both hosts might be named "www".) # # name = frodo # ## ## When the client connects to the VPN server it will launch a series ## of commands to configure IP, route, and gateway. ## ## If you wish you may configure a command to execute after that. This ## "up" command will receive details of the link via environmental ## variables: ## ## $DEVICE - e.g. tun0. ## $CLIENT_IP - e.g 10.0.0.2. ## $SERVER_IP - e.g. 10.0.0.1. ## $SUBNET - e.g. 10.0.0.0/24. ## $MTU - e.g. 1280. ## # # up = /etc/simple-vpn/blah.sh # ## ## When a new client joins the VPN, or an existing connection is ## terminated, then the server will send a refresh-message to each ## of the connected peers. ## ## The update contains the name & IPs of each client which is currently ## connected. ## ## If you wish to react to changes you can define a `peers` command ## here which will receive the list of connected names/IPs as a JSON ## object on STDIN ## ## Sample input might look like this: ## ## [ {"Name":"vpn-server","IP":"10.137.248.1"}, ## {"Name":"www.vpn","IP":"10.137.248.2"}, ## {"Name":"alert.vpn","IP":"10.137.248.3"} ] ## ## # # peers = /bin/cat #