configpolicy/roles/protonvpn/templates/protonvpn.conf.j2

connections {
    protonvpn {
        local_addrs = %any
        include /var/lib/protonvpn/remote_addrs
        vips = 0.0.0.0,::
        keyingtries = 0
        dpd_delay = 10s
        local {
            auth = eap-mschapv2
            eap_id = {{ protonvpn_username }}
        }
        remote {
            auth = pubkey
        }
        children {
            protonvpn {
                remote_ts = {{ protonvpn_tunnel }}
                start_action = start
                close_action = start
                dpd_action = start
            }
        }
    }
}

secrets {
    eap-protonvpn {
        id = {{ protonvpn_username }}
        secret = {{ protonvpn_password }}
    }
}