From 11c2a6ad6bcc1be772a0608af0ea6dc5fafc0038 Mon Sep 17 00:00:00 2001
From: Christopher Howard <christopher.howard@qlfiles.net>
Date: Mon, 1 Jan 2018 08:36:41 -0900
Subject: [PATCH] Adds more material to OpenVPN Layer 2 Server doc

---
 docs/OpenVPN_Layer_2_Server.md | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/docs/OpenVPN_Layer_2_Server.md b/docs/OpenVPN_Layer_2_Server.md
index 6c03aac983..faaabc956f 100644
--- a/docs/OpenVPN_Layer_2_Server.md
+++ b/docs/OpenVPN_Layer_2_Server.md
@@ -1,8 +1,10 @@
 # OpenVPN Layer 2 Server
 
-## Installing OpenVPN packages
+## Required packages
 
-TODO
+* openvpn-openssl
+* openvpn-easy-rsa
+* luci-app-openvpn
 
 ## Interface Setup
 
@@ -10,7 +12,19 @@ TODO
 
 ## Certificate and Key Setup Instructions
 
-TODO
+N.B.: The LEDE community rejected easy-rsa on the grounds that it does
+not crease secure enough certs.[1] But it does seem to be, well, easy to
+use:
+
+```
+cd /etc/easy-rsa
+source vars
+clean-all
+build-ca
+build-dh
+build-key-server myvpn
+openvpn --genkey --secret /etc/easy-rsa/keys/ta.key
+```
 
 ## Server configuration
 
@@ -59,3 +73,9 @@ config openvpn 'myvpn'
 ## Client setup information
 
 TODO
+
+## Footnotes
+
+[1] "OpenVPN Server",
+https://lede-project.org/docs/user-guide/openvpn.server?s[]=openvpn&s[]=server,
+retrieved 1 Jan 2017.
-- 
2.25.1