Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


OpenVPN automated installer
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

OpenVPN automated installer

NyrNyr Community Contributor, Veteran
Few people asked me for the link since it wast lost with the hacks:
https://github.com/Nyr/openvpn-install

It's an script that will set up OpenVPN on Debian-based systems and generate certs/config automagically.
«13456710

Comments

  • Please add an option to install OpenVPN at TCP or UDP.
    Thanked by 1akhfa
  • NyrNyr Community Contributor, Veteran
    edited May 2013
    @SayangAlif sorry, not at this time. OpenVPN over TCP isn't really useful for me.

    If I were to add something like that I would probably want a TCP+UDP option, but that involves two daemons and few more work.
  • Noob question, can openvpn be installed on the same vps as a controll panel, like kloxo?
    Thanks

  • NyrNyr Community Contributor, Veteran
    edited May 2013

    @thedarkfox said:
    Noob question, can openvpn be installed on the same vps as a controll panel, like kloxo?
    Thanks

    Yes.

  • trexostrexos Member
    edited May 2013

    Wow! Thanks a lot. I've been trying to install OpenVPN now for about 3 days. I tried autoinstaller, different tutorials and nothing was working. But your installer works great! And with it I can easily set up new accounts or delete old ones. Thank you so much! :)

    Edit: just a short question: it uses 1024bit encryption right?

  • NyrNyr Community Contributor, Veteran

    @trexos said:
    Edit: just a short question: it uses 1024bit encryption right?

    OpenVPN only uses long PKI keys for authentication. 2048 bit keys by default IIRC, but doesn't really matter.

    During the session, symmetric-key algorithms with lower key lengths are used.

    TL;DR: don't worry.

  • just noticed line 27 and 31 are slightly different of using "grep -q '.'"

    not sure if supposed to be like this?

  • trexostrexos Member

    Ok thanks :)

    another question: you wrote that there might be a problem with using this script @lowendspirit boxes because of the NAT IPv4. Is this problem solved, when I set the right IP while the script is running?

  • NyrNyr Community Contributor, Veteran

    @yaocheng said:
    just noticed line 27 and 31 are slightly different of using "grep -q '.'"

    not sure if supposed to be like this?

    Yeah, the -q means it doesn't show the output and I didn't needed sdout the first time it's used :)

    @trexos said:
    Ok thanks :)

    another question: you wrote that there might be a problem with using this script lowendspirit boxes because of the NAT IPv4. Is this problem solved, when I set the right IP while the script is running?

    The internal IP with LowEndSpirit boxes is autodetected, so no need to touch that during the setup. Once installation finishes, you need to set the external IPv4 instead the internal one on your client.conf.

  • trexostrexos Member

    But the script asks about the Ip, doesn't it? Isn't it possible to set it there?

  • NyrNyr Community Contributor, Veteran

    @trexos said:
    But the script asks about the Ip, doesn't it? Isn't it possible to set it there?

    It's possible (and needed) to set the internal IP there. If you set the public IP instead, isn't going to work with a NATed box.

  • trexostrexos Member

    Okay but with a normal VPS I have to enter the external IP?

  • NyrNyr Community Contributor, Veteran

    @trexos said:
    Okay but with a normal VPS I have to enter the external IP?

    No.

  • trexostrexos Member

    I think we are meaning different things :P

    I mean this field:
    First I need to know the IPv4 address of the network interface you want OpenVPN
    listening to.
    IP address: 111.222.333.444

    Here I have to enter the IPv4 if it's not a NAT'ed VPS, haven't I?

  • NyrNyr Community Contributor, Veteran

    The IP should be autodetected. If it isn't, or it's wrong, you can enter your VPS IP there, but the default should work on most setups.

  • trexostrexos Member

    Yeah and I mean if it's possible to enter here the external IP from a NAT'ed VPS. Not possible right? I have leave the default IP and change the IP in the client.conf file to the external IP?

  • NyrNyr Community Contributor, Veteran

    @trexos said:
    I have leave the default IP and change the IP in the client.conf file to the external IP?

    Correct. Just follow the instructions.

  • ChanChan Member

    Fantastic script, I used it to setup a VPN for a friend of mine today on a httpzoom node and it worked perfect!

  • trexostrexos Member
    edited May 2013

    Yeah! Using this script @bandwagonhost and @httpzoom :) both debian 6.0.7 64bit minimal.

  • udkudk Member

    Works perfectly, all done within minutes! Thanks

  • trexostrexos Member

    awesome update! thanks :)

  • DroidzoneDroidzone Member
    edited July 2013

    Awesome script. You could use bash functions and reduce the size a bit. I'd also like an option to build openvpn from source too, instead of the apt package. I made a fork of it and trying that. The source package doesn't seem to have easy-rsa examples.

  • awsonawson Member
    edited July 2013

    @joelgm said:
    Awesome script. You could use bash functions and reduce the size a bit. I'd also like an option to build openvpn from source too, instead of the apt package. I made a fork of it and trying that. The source package doesn't seem to have easy-rsa examples.

    Neither do new OpenVPN packages. Just use the easy-rsa directory from this repo:

    https://github.com/OpenVPN/easy-rsa

  • NyrNyr Community Contributor, Veteran

    @joelgm @awson looks like easy-rsa will be available as a separate package with future Debian versions. I will update the script in the future to either use that package from the repos or a standalone one before jessie becomes stable :)

    @joelgm I know I should use some functions too. Will cleanup the script in the future before adding new features.

    I don't plan on compiling from the sources in the near future, I don't think that would be a good idea on very low RAM containers.

    Thanks for the suggestions, guys!

  • ideas: possible of adding more customized ports and option to listen to tcp as well?

  • NyrNyr Community Contributor, Veteran

    @yaocheng said:
    ideas: possible of adding more customized ports and option to listen to tcp as well?

    Maybe in the future, that was requested by another user too :)

  • user123user123 Member
    edited August 2013

    Is anyone else having everything error out after the DH key is generated? Until that point, the script was working as expected. Any ideas what caused this or how to fix it?
    @Nyr

    ./openvpn-install.sh: line 160: cd: /usr/share/doc/openvpn/examples/sample-config-files: No such file or directory
    gzip: server.conf.gz: No such file or directory
    cp: cannot stat server.conf': No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory sed: can't read server.conf: No such file or directory ./openvpn-install.sh: line 185: /etc/init.d/openvpn: No such file or directory sed: can't read /usr/share/doc/openvpn/examples/sample-config-files/client.conf: No such file or directory cp: cannot stat/usr/share/doc/openvpn/examples/sample-config-files/client.conf': No such file or directory
    sed: can't read client.conf: No such file or directory
    sed: can't read client.conf: No such file or directory
    tar: client.conf: Cannot stat: No such file or directory
    tar: Exiting with failure status due to previous errors

    Finished!

    Your client config is available at ~/ovpn-client.tar.gz

    If you want to add more clients, you simply need to run this script another time!

  • NyrNyr Community Contributor, Veteran

    @user123 that's weird. Can you please tell me what Linux distro and version are you using the script in?

  • @Nyr Debian 6.0 32-bit. 2.6.32-042stab074.10.

  • NyrNyr Community Contributor, Veteran

    @user123 there is definitely something weird going on, since the directory appearing as missing is definitely there on the official Debían Squeeze packages.

    I don't know if that's possible, but could I maybe get access to that box you are trying to install the script in?

    If not, please paste here the output of:
    dpkg --get-selections | grep openvpn

    Also a ls of:
    /usr/share/doc/openvpn

Sign In or Register to comment.