diff options
| -rw-r--r-- | doc/guix.texi | 20 | ||||
| -rw-r--r-- | gnu/services/vpn.scm | 6 |
2 files changed, 17 insertions, 9 deletions
diff --git a/doc/guix.texi b/doc/guix.texi index 99068fccfa..d021384b73 100644 --- a/doc/guix.texi +++ b/doc/guix.texi @@ -24909,14 +24909,18 @@ Defaults to @samp{tun}. @end deftypevr -@deftypevr {@code{openvpn-client-configuration} parameter} string ca +If you do not have some of these files (eg.@: you use a username and +password), you can disable any of the following three fields by setting +it to @code{'disabled}. + +@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string ca The certificate authority to check connections against. Defaults to @samp{"/etc/openvpn/ca.crt"}. @end deftypevr -@deftypevr {@code{openvpn-client-configuration} parameter} string cert +@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string cert The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}. @@ -24924,7 +24928,7 @@ Defaults to @samp{"/etc/openvpn/client.crt"}. @end deftypevr -@deftypevr {@code{openvpn-client-configuration} parameter} string key +@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string key The key of the machine the daemon is running on. It must be the key whose certificate is @code{cert}. @@ -25060,14 +25064,18 @@ Defaults to @samp{tun}. @end deftypevr -@deftypevr {@code{openvpn-server-configuration} parameter} string ca +If you do not have some of these files (eg.@: you use a username and +password), you can disable any of the following three fields by setting +it to @code{'disabled}. + +@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string ca The certificate authority to check connections against. Defaults to @samp{"/etc/openvpn/ca.crt"}. @end deftypevr -@deftypevr {@code{openvpn-server-configuration} parameter} string cert +@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string cert The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}. @@ -25075,7 +25083,7 @@ Defaults to @samp{"/etc/openvpn/client.crt"}. @end deftypevr -@deftypevr {@code{openvpn-server-configuration} parameter} string key +@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string key The key of the machine the daemon is running on. It must be the key whose certificate is @code{cert}. diff --git a/gnu/services/vpn.scm b/gnu/services/vpn.scm index 658d5c3e88..70f2617c7e 100644 --- a/gnu/services/vpn.scm +++ b/gnu/services/vpn.scm @@ -273,16 +273,16 @@ servers.") "The device type used to represent the VPN connection.") (ca - (string "/etc/openvpn/ca.crt") + (maybe-string "/etc/openvpn/ca.crt") "The certificate authority to check connections against.") (cert - (string "/etc/openvpn/client.crt") + (maybe-string "/etc/openvpn/client.crt") "The certificate of the machine the daemon is running on. It should be signed by the authority given in @code{ca}.") (key - (string "/etc/openvpn/client.key") + (maybe-string "/etc/openvpn/client.key") "The key of the machine the daemon is running on. It must be the key whose certificate is @code{cert}.") |