From 39f95e3d2c6e1f0e0fa425d9c45104d607c0e3d9 Mon Sep 17 00:00:00 2001 From: Dmitry Shurupov Date: Mon, 17 Feb 2025 12:04:43 +0700 Subject: [PATCH] Small fixes in the README.md Notes --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 05a84d5..acc4987 100644 --- a/README.md +++ b/README.md @@ -69,14 +69,14 @@ You can also download and use prebuilt binaries from the [releases](https://gith ## Notes -* this tool uses external calls for `bash`, `coreutils` and `easy-rsa`, thus **Linux systems only are supported** at the moment. -* to enable additional password authentication provide `--auth` and `--auth.db="/etc/easyrsa/pki/users.db`" flags and install [openvpn-user](https://github.com/pashcovich/openvpn-user/releases/latest). This tool should be available in your `$PATH` and its binary should be executable (`+x`). -* master-replica synchronization does not work with `--storage.backend=kubernetes.secrets` - **WIP** -* additional password authentication does not work with `--storage.backend=kubernetes.secrets` - **WIP** -* if you use `--ccd` and `--ccd.path="/etc/openvpn/ccd"` abd plan to use static address setup for users do not forget to provide `--ovpn.network="172.16.100.0/24"` with valid openvpn-server network -* tested only with Openvpn-server versions 2.4 and 2.5 with only tls-auth mode -* not tested with EasyRsa version > 3.0.8 -* status of users connections update every 28 second(*no need to ask why =)*) +* This tool uses external calls for `bash`, `coreutils` and `easy-rsa`, thus **Linux systems only are supported** at the moment. +* To enable additional password authentication, provide `--auth` and `--auth.db="/etc/easyrsa/pki/users.db`" flags and install [openvpn-user](https://github.com/pashcovich/openvpn-user/releases/latest). This tool should be available in your `$PATH` and its binary should be executable (`+x`). +* If you use `--ccd` and `--ccd.path="/etc/openvpn/ccd"` and plan to use static address setup for users, do not forget to provide `--ovpn.network="172.16.100.0/24"` with valid openvpn-server network. +* If you want to pass all the traffic generated by the user, you need to edit `ovpn-admin/templates/client.conf.tpl` and uncomment `redirect-gateway def1`. +* Tested with openvpn-server versions 2.4 and 2.5 and with tls-auth mode only. +* Not tested with Easy-RSA version > 3.0.8. +* Status of user connections update every 28 seconds. +* Master-replica synchronization and additional password authentication do not work with `--storage.backend=kubernetes.secrets` - **WIP** ## Usage