summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--data/templates/openvpn/server.conf.tmpl4
1 files changed, 3 insertions, 1 deletions
diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl
index 1348912b3..679c25dd8 100644
--- a/data/templates/openvpn/server.conf.tmpl
+++ b/data/templates/openvpn/server.conf.tmpl
@@ -127,13 +127,15 @@ push "dhcp-option DNS6 {{ nameserver }}"
{% if server.domain_name is defined and server.domain_name is not none %}
push "dhcp-option DOMAIN {{ server.domain_name }}"
{% endif %}
-{% if server['2fa']['totp'] is defined and server['2fa']['totp'] is not none %}
+{% if server['2fa'] is defined and server['2fa'] is not none %}
+{% if server['2fa']['totp'] is defined and server['2fa']['totp'] is not none %}
plugin "/usr/lib/x86_64-linux-gnu/openvpn/plugins/openvpn-otp.so" "otp_secrets=/config/auth/openvpn/{{ ifname }}-otp-secrets otp_slop=
{{- server['2fa']['totp']['slop']|default(180) }} totp_t0=
{{- server['2fa']['totp']['t0']|default(0) }} totp_step=
{{- server['2fa']['totp']['step']|default(30) }} totp_digits=
{{- server['2fa']['totp']['digits']|default(6)}} password_is_cr=
{%-if server['2fa']['totp']['challenge']|default('enable') == 'enable' %}1{% else %}0{% endif %}"
+{% endif %}
{% endif %}
{% endif %}
{% else %}