Merge pull request #131 from jlund/openvpn-improvements

OpenVPN improvements

roles/common/tasks/ufw.yml

     - 5222/tcp  # xmpp c2s
     - 5269/tcp  # xmpp s2s
     - 6697/tcp  # znc
-    - openvpn/udp
+    - "{{ openvpn_port }}/{{ openvpn_protocol }}"
     - 60000:61000/udp  # mosh udp packets
 
 - name: Check status of ufw

roles/vpn/templates/client.cnf.j2

 client
 dev tun
-proto udp
-remote {{ openvpn_server }} 1194
+proto {{ openvpn_protocol }}
+remote {{ openvpn_server }} {{ openvpn_port }}
+cipher {{ openvpn_cipher }}
+auth {{ openvpn_auth_digest }}
 resolv-retry infinite
 nobind
 persist-key

roles/vpn/templates/etc_openvpn_server.conf.j2

 # on the same machine, use a different port
 # number for each one.  You will need to
 # open up this port on your firewall.
-port 1194
+port {{ openvpn_port }}
 
 # TCP or UDP server?
 ;proto tcp
-proto udp
+proto {{ openvpn_protocol }}
 
 # "dev tun" will create a routed IP tunnel,
 # "dev tap" will create an ethernet tunnel.

vars/defaults.yml

 openvpn_dhparam: "{{ openvpn_path }}/dh{{ openvpn_key_size }}.pem"
 openvpn_hmac_firewall: "{{ openvpn_path }}/ta.key"
 openvpn_server: "{{ domain }}"
+openvpn_port: "1194"
+openvpn_protocol: "udp"
 # openvpn_clients: (required)
 
 # webmail