Git Product home page Git Product logo

vpn-setup's Introduction

OpenVPN setup

Автонастройка

Настройка сервера

cd vpn-setup
./init.sh

Далее следуйте указаниям установщика.

Генерация конфига клиента

cd ~/client-configs
./make_config.sh <CLIENT_ID>

Далее следуйте указаниям генератора.

Ручная настройка

Подготовка

Установка необходимых утилит:

apt update
apt install -y openvpn easy-rsa ufw

Ключи и сертификаты сервера

mkdir ~/easy-rsa
ln -s /usr/share/easy-rsa/* ~/easy-rsa/

cd ~/easy-rsa
nano vars

Вставить содержимое vars в ~/easy-rsa/vars.

./easyrsa init-pki
./easyrsa gen-req server nopass
./easyrsa build-ca
./easyrsa sign-req server server
cp pki/ca.crt pki/issued/server.crt pki/private/server.key /etc/openvpn/server

openvpn --genkey secret ta.key
cp ta.key /etc/openvpn/server

Общие ключи и сертификаты клиентов

mkdir -p ~/client-configs/keys
cp ta.key pki/ca.crt  ~/client-configs/keys

Конфигурация OpenVPN

nano /etc/openvpn/server/server.conf

Вставить содержимое server.conf в /etc/openvpn/server/server.conf. Поправить IP и порт.

nano /etc/sysctl.conf

Вставить содержимое sysctl.conf в /etc/sysctl.conf.

sysctl -p

Брандмауэр

ip route list default

Узнать имя интерфейса (e.g. eth0).

nano /etc/ufw/before.rules

Вставить содержимое before.rules в /etc/ufw/before.rules.

nano /etc/default/ufw

Вставить содержимое ufw в /etc/default/ufw.

ufw allow <PORT>/udp
ufw allow OpenSSH
ufw disable
ufw enable

Указать выбранный порт.

Запуск OpenVPN

systemctl -f enable [email protected]
systemctl start [email protected]
systemctl status [email protected]

Генератор клиентских конфигов

mkdir -p ~/client-configs/files
nano ~/client-configs/base.conf

Вставить содержимое base.conf в ~/client-configs/base.conf. Указать IP и порт OpenVPN сервера в директиве remote в конфиге.

nano ~/client-configs/make_config.sh

Вставить содержимое make_config.sh в ~/client-configs/make_config.sh.

chmod +x ~/client-configs/make_config.sh

Генерация конфига:

cd ~/client-configs
./make_config.sh <CLIENT_ID>

Конфиг будет тут ~/client-configs/files/<CLIENT_ID>.ovpn.

Источники

vpn-setup's People

Contributors

azrael avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.