diff options
author | Kim Hagen <kim@sentrium.io> | 2021-09-03 06:00:07 -0500 |
---|---|---|
committer | Kim Hagen <kim@sentrium.io> | 2021-09-03 06:00:07 -0500 |
commit | 5366f9c9ce9850cdf3fddbf0c2947994a0c7eef6 (patch) | |
tree | 458ce7a76adc282ac352a646175d9d691b839ce3 /data/templates/openvpn/server.conf.tmpl | |
parent | cfebb0b01c37e92503aeb88bca42fa18f6927814 (diff) | |
download | vyos-1x-5366f9c9ce9850cdf3fddbf0c2947994a0c7eef6.tar.gz vyos-1x-5366f9c9ce9850cdf3fddbf0c2947994a0c7eef6.zip |
do not use capitals in opmode
rename t0 to drift
add subnemu for 2fa to make it more readable
Diffstat (limited to 'data/templates/openvpn/server.conf.tmpl')
-rw-r--r-- | data/templates/openvpn/server.conf.tmpl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl index 679c25dd8..d97ff7717 100644 --- a/data/templates/openvpn/server.conf.tmpl +++ b/data/templates/openvpn/server.conf.tmpl @@ -131,7 +131,7 @@ push "dhcp-option DOMAIN {{ server.domain_name }}" {% if server['2fa']['totp'] is defined and server['2fa']['totp'] is not none %} plugin "/usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-otp.so" "otp_secrets=/config/auth/openvpn/{{ ifname }}-otp-secrets otp_slop= {{- server['2fa']['totp']['slop']|default(180) }} totp_t0= -{{- server['2fa']['totp']['t0']|default(0) }} totp_step= +{{- server['2fa']['totp']['drift']|default(0) }} totp_step= {{- server['2fa']['totp']['step']|default(30) }} totp_digits= {{- server['2fa']['totp']['digits']|default(6)}} password_is_cr= {%-if server['2fa']['totp']['challenge']|default('enable') == 'enable' %}1{% else %}0{% endif %}" |