summaryrefslogtreecommitdiff
path: root/doc/guix.texi
diff options
context:
space:
mode:
authorJulien Lepiller <julien@lepiller.eu>2020-11-18 14:57:29 +0100
committerJulien Lepiller <julien@lepiller.eu>2020-11-18 15:05:41 +0100
commit5221df34149465c5bbc1a76f83cb09f8911279f5 (patch)
tree17cc9addbca67febd7eb5e91d3ccd2445d2a14a2 /doc/guix.texi
parent82df93e27c57f939c71d9bd184c70d21fa6f605f (diff)
gnu: vpn: Make ca, key and cert optional.
* gnu/services/vpn.scm (openvpn-client-configuration) (openvpn-server-configuration): Make ca, key an cert fields optional. * doc/guix.texi (VPN Services): Document the change.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r--doc/guix.texi20
1 files changed, 14 insertions, 6 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index 99068fccfa..d021384b73 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -24909,14 +24909,18 @@ Defaults to @samp{tun}.
@end deftypevr
-@deftypevr {@code{openvpn-client-configuration} parameter} string ca
+If you do not have some of these files (eg.@: you use a username and
+password), you can disable any of the following three fields by setting
+it to @code{'disabled}.
+
+@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string ca
The certificate authority to check connections against.
Defaults to @samp{"/etc/openvpn/ca.crt"}.
@end deftypevr
-@deftypevr {@code{openvpn-client-configuration} parameter} string cert
+@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string cert
The certificate of the machine the daemon is running on. It should be
signed by the authority given in @code{ca}.
@@ -24924,7 +24928,7 @@ Defaults to @samp{"/etc/openvpn/client.crt"}.
@end deftypevr
-@deftypevr {@code{openvpn-client-configuration} parameter} string key
+@deftypevr {@code{openvpn-client-configuration} parameter} maybe-string key
The key of the machine the daemon is running on. It must be the key whose
certificate is @code{cert}.
@@ -25060,14 +25064,18 @@ Defaults to @samp{tun}.
@end deftypevr
-@deftypevr {@code{openvpn-server-configuration} parameter} string ca
+If you do not have some of these files (eg.@: you use a username and
+password), you can disable any of the following three fields by setting
+it to @code{'disabled}.
+
+@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string ca
The certificate authority to check connections against.
Defaults to @samp{"/etc/openvpn/ca.crt"}.
@end deftypevr
-@deftypevr {@code{openvpn-server-configuration} parameter} string cert
+@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string cert
The certificate of the machine the daemon is running on. It should be
signed by the authority given in @code{ca}.
@@ -25075,7 +25083,7 @@ Defaults to @samp{"/etc/openvpn/client.crt"}.
@end deftypevr
-@deftypevr {@code{openvpn-server-configuration} parameter} string key
+@deftypevr {@code{openvpn-server-configuration} parameter} maybe-string key
The key of the machine the daemon is running on. It must be the key whose
certificate is @code{cert}.