amnezia-client/client/server_scripts/template_openvpn.ovpn

client
dev tun
proto $PROTO
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-256-GCM
auth SHA512
verb 3
tls-client
tls-version-min 1.2
key-direction 1
remote-cert-tls server
redirect-gateway def1 bypass-dhcp

dhcp-option DNS $PRIMARY_DNS
dhcp-option DNS $SECONDARY_DNS
block-outside-dns

remote $REMOTE_HOST $REMOTE_PORT

<ca>
$CA_CERT
</ca>
<cert>
$CLIENT_CERT
</cert>
<key>
$PRIV_KEY
</key>
<tls-auth>
$TA_KEY
</tls-auth>