# DO NOT EDIT - This file is being maintained by Chef

# Set the local port to use
port <%= @port %>

# Use UDP
proto udp

# Use routed IP tunnels
dev tun

# Use shared secret authentication
secret <%= @name %>.key

# Run in peer-to-peer mode
mode p2p
<% if @mode == "client" -%>

# Connect to the remote machine
remote <%= @peer[:host] %> <%= @peer[:port] %>
<% end -%>

# Configure interface and routing
ifconfig <%= @address %> <%= @peer[:address] %>
<% @peer[:networks].each do |network| -%>
route <%= network[:address] %> <%= network[:netmask] %>
<% end -%>

# Keepalive - check every 10 seconds and reset after 2 minutes
keepalive 10 120

# Use AES-128 as the cipher
cipher AES-128-CBC

# Enable compression
comp-lzo

# Run unprivileged
user nobody
group nogroup

# Reuse resources on restart to avoid privilege problems
persist-key
persist-tun

# Set log verbosity
verb 3