Create an on demand VPN Server running with OpenVPN using AWS EC2.

Project description

VPN Server

Create your own VPN server on demand (fully automated), running OpenVPN on AWS EC2 and implemented in Python.

How it works

  • Create an AWS EC2 instance using a pre-built OpenVPN AMI.
  • Create a security group with the necessary ports allowed.
  • Configure the vpn server.
  • Download the OpenVPN client, connect using the public IP of the EC2 instance, and log in.

To take it a step further, if you have a registered domain in AWS, vpn-server can be accessed with an alias record in Route 53 pointing to the public IP of the EC2 instance.

  • All the above steps are performed automatically when creating a new VPN server.
  • This module can also be used to clean up all the AWS resources spun up for creating a vpn server.

ENV Variables

Environment variables are loaded from .env file if present.

More on Environment variables

Use cloudping.info to pick the fastest (from current location) available region.

  • VPN_USERNAME - Username to access OpenVPN Connect client. Defaults to login profile or openvpn
  • VPN_PASSWORD - Password to access OpenVPN Connect client. Defaults to awsVPN2021
  • IMAGE_ID - AMI ID to be used. Defaults to a pre-built AMI for the US regions.
  • INSTANCE_TYPE - Instance type to use for the VPN server. Defaults to t2.nano, use t2.micro when on free-tier.
  • DOMAIN - Domain name for the hosted zone.
  • RECORD_NAME - Alias record name through which the VPN server will be accessed.

To get notified about login information:

  • GMAIL_USER - Username of the gmail account.
  • GMAIL_PASS - Password of the gmail account.
  • RECIPIENT - Email address to which the notification has to be sent.
  • PHONE - Phone number to which the notification has to be sent (only works for US-based cellular numbers).

Optionally, env vars for AWS config (AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION_NAME) can be set up.
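A pre-flight check for the .env file described above, added here as an example (not part of vpn-server): it flags a missing or default VPN_PASSWORD and a secrets-bearing file readable by other users. The helper names and the 16-character minimum are assumptions, and it assumes all settings live in .env rather than the process environment.

```python
import os
import stat
import tempfile

# Default documented on this page; if left in place, every deployment shares the same login.
DEFAULT_VPN_PASSWORD = "awsVPN2021"
SECRET_KEYS = ("VPN_PASSWORD", "GMAIL_PASS", "AWS_SECRET_KEY")
MIN_PASSWORD_LEN = 16  # assumption: local policy, not a vpn-server requirement


def parse_env(text):
    """Parse simple KEY=VALUE lines, skipping blanks and # comments."""
    env = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            env[key.strip()] = value.strip().strip("'\"")
    return env


def audit_env_file(path):
    """Return a list of findings for a vpn-server .env file (hypothetical helper)."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path, encoding="utf-8") as fh:
        env = parse_env(fh.read())
    if mode & (stat.S_IRWXG | stat.S_IRWXO) and any(k in env for k in SECRET_KEYS):
        findings.append(f"{path} holds secrets but is mode {mode:o}; use 600")
    password = env.get("VPN_PASSWORD", "")
    if password in ("", DEFAULT_VPN_PASSWORD):
        findings.append("VPN_PASSWORD is unset or equals the documented default")
    elif len(password) < MIN_PASSWORD_LEN:
        findings.append(f"VPN_PASSWORD is shorter than {MIN_PASSWORD_LEN} characters")
    return findings


def demo():
    """Run the audit over a constructed .env file and return the findings."""
    sample = "VPN_USERNAME=openvpn\nGMAIL_PASS=constructed-app-password\n# VPN_PASSWORD not set\n"
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, ".env")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(sample)
        os.chmod(path, 0o644)  # world-readable on purpose, to trigger the finding
        return audit_env_file(path)


if __name__ == "__main__":
    print("\n".join(demo()))
```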

Install

pip install vpn-server

Usage

from vpn.controller import VPNServer

vpn_server = VPNServer()

vpn_server.create_vpn_server()  # Create a VPN Server, login information will be saved to a JSON file

vpn_server.reconfigure_vpn()  # Re-configure an existing VPN Server

vpn_server.test_vpn()  # Test an existing VPN Server

vpn_server.delete_vpn_server()  # Delete the VPN Server

Manual Configuration

The following are the prompts and responses required to configure the VPN server.

  • Are you sure you want to continue connecting (yes/no)? yes
  1. Please enter 'yes' to indicate your agreement [no]: yes
  2. Will this be the primary Access Server node? Default: yes
  3. Please specify the network interface and IP address to be used by the Admin Web UI: Default: all interfaces: 0.0.0.0
  4. Please specify the port number for the Admin Web UI. Default: 943
  5. Please specify the TCP port number for the OpenVPN Daemon. Default: 443
  6. Should client traffic be routed by default through the VPN? yes
  7. Should client DNS traffic be routed by default through the VPN? Default: No
  8. Use local authentication via internal DB? Default: yes
  9. Should private subnets be accessible to clients by default? Default: yes
  10. Do you wish to login to the Admin UI as "openvpn"? Default: yes
  11. Specify the username for an existing user or for the new user account: {USERNAME}
  12. Type the password for the 'vicky' account: {PASSWORD}
  13. Confirm the password for the 'vicky' account: {PASSWORD}
  14. Please specify your Activation key (or leave blank to specify later): {ENTER/RETURN}
  • Download the OpenVPN application and get connected to the VPN server.
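With the Admin Web UI bound to all interfaces on port 943, the security group is what limits who can reach it. The following added example (not vpn-server code) audits one security group, in the shape boto3's describe_security_groups returns, for management ports open to any address; the sample group is constructed, and treating SSH on port 22 as a management port is an assumption.

```python
import ipaddress

# Management ports: 943 is the Admin Web UI default from the prompts above.
ADMIN_UI_PORT = 943
SSH_PORT = 22  # assumption: the port the automation configures the server over


def _sources(permission):
    """Yield every IPv4/IPv6 CIDR a rule admits."""
    for r in permission.get("IpRanges", []):
        yield r["CidrIp"]
    for r in permission.get("Ipv6Ranges", []):
        yield r["CidrIpv6"]


def _covers(permission, port):
    """True if the rule's protocol and port range include the given TCP port."""
    proto = permission.get("IpProtocol")
    if proto == "-1":  # all protocols, all ports
        return True
    if proto != "tcp":
        return False
    return permission.get("FromPort", 0) <= port <= permission.get("ToPort", 65535)


def world_open_management_ports(group, ports=(ADMIN_UI_PORT, SSH_PORT)):
    """Return sorted (port, cidr) pairs where a management port is open to any address."""
    hits = set()
    for perm in group.get("IpPermissions", []):
        for cidr in _sources(perm):
            if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
                continue  # restricted source range, not world-open
            hits.update((p, cidr) for p in ports if _covers(perm, p))
    return sorted(hits)


# Constructed sample: one entry of describe_security_groups()["SecurityGroups"].
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 943, "ToPort": 943, "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "198.51.100.7/32"}]},
    ],
}

if __name__ == "__main__":
    for port, cidr in world_open_management_ports(SAMPLE_GROUP):
        print(f"{SAMPLE_GROUP['GroupId']}: tcp/{port} open to {cidr}")
```

Port 443 is left out of the default check because VPN clients have to reach the daemon from wherever they are.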

AWS Resources Used

  • EC2
    • Instances
    • AMI
    • KeyPairs
    • SecurityGroups
  • Network Interfaces
  • VPC [Default]
  • Subnet [Default]

Linting

PreCommit will ensure that linting and doc creation are run on every commit.

Requirement:
pip install --no-cache --upgrade sphinx pre-commit recommonmark

Usage:
pre-commit run --all-files

Links

Repository

Runbook

Package

License & copyright

© Vignesh Sivanandha Rao

Licensed under the MIT License

Change Log

0.6.1 (11/16/2022)

  • Remove port number requirement
  • Remove env vars displayed in docs
  • Update README.md

0.6.0 (11/15/2022)

  • Provide option for instance types and validate
  • Include validations for env vars
  • Dedicated config module for prompts and responses
  • Set pypi publish to run on release tags

0.5.9 (11/13/2022)

  • Add route53 record to set custom dns name
  • Clean up route53 record while deleting vpn server
  • Update README.md and docs
  • Simplify python-publish.yml

0.5.8 (10/27/2022)

  • Improve type hinting
  • Upgrade paramiko
  • Set build to kick off on push to main branch
  • Setup manual workflow dispatch for pypi build

0.5.7 (10/26/2022)

  • Add option to store run time files in any directory
  • Refactor code
  • Bump gmail-connector version to 0.5.4
  • Update requirements.txt
  • Fix imports

0.5.6 (01/19/2022)

  • Flush screen output before carriage return

0.5.5 (01/19/2022)

  • Take optional args to delete vpn server

0.5.4 (01/17/2022)

  • Redirect prints to log file when used
  • Split server config into its own module

0.5.3 (01/12/2022)

  • Take vpn_username and vpn_password as args
  • Create log files only when requested
  • Notify upon failure and attach logfile in email

0.5.2 (01/10/2022)

  • Disable printing final config when logged in a file

0.5.1 (01/10/2022)

  • Change configuration input to match regex
  • Set interactive timeouts

0.5.0 (01/10/2022)

  • Take notification args during class instantiation

0.4.9 (01/09/2022)

  • Bump gmail-connector version
  • Include sender in email notification

0.4.8 (01/09/2022)

  • Update return types and docstrings

0.4.7 (01/09/2022)

  • Remove AMI_ID from mandatory args
  • Retrieve AMI_ID automatically
  • Setup AWS defaults
  • Update docs

0.4.6 (01/09/2022)

  • Make vpn-server a package and onboard to pypi

0.4.5 (01/09/2022)

  • Automate onboarding to pypi

0.4.4 (01/09/2022)

  • Remove os.system usage and introduce hybrid logger

0.4.3 (01/09/2022)

  • Add a note on firewall configuration ports

0.4.2 (01/02/2022)

  • Change sensitive values to a list to hide from logs
  • Do not log server info

0.4.1 (01/02/2022)

  • Hide port number and password from the logs
  • Add timeout and display options as arguments
  • Add one more option to test/update existing connection

0.4.0 (01/01/2022)

  • Add more logging and remove unnecessary args
  • Pass the initial 'yes' as part of the configuration dict
  • Bump timeout to 30 seconds

0.3.9 (01/01/2022)

  • Restructure static methods into a single module

0.3.8 (01/01/2022)

  • Use paramiko for interactive ssh commands
  • Get rid of the OS limitation
  • Improve the overall speed of configuration
  • Add an option to reconfigure

0.3.7 (12/31/2021)

  • Upgrade gmailconnector version
  • Update year in LICENSE file

0.3.6 (10/04/2021)

  • Strip https from notification URL
  • Distinguish attempt wise notification
  • Log a warning message if env vars for notification is missing

0.3.5 (09/24/2021)

  • FEATURE::Sends a notification when a second instance is triggered
  • Swap delete security group and sleeper

0.3.4 (09/24/2021)

  • Simplify notification process
  • Add logs to .gitignore

0.3.3 (09/23/2021)

  • Write only to file when triggered by Jarvis
  • Remove root logger
  • Move sleeper within class

0.3.2 (09/23/2021)

  • Add loggingWrapper for file and console logging
  • Create log files when triggered by Jarvis
  • Add datetime to email subject to avoid threads

0.3.1 (09/22/2021)

  • Add optional email notification upon vpn startup

0.3.0 (09/21/2021)

  • Fix buggy walrus operator which kept failing notifications
  • Reduce file IO operations
  • Strip https from url in notification
  • Increase wait time while shutting down vpn
  • Modify sleeper in _instance_info
  • Remove optional arguments

0.2.9 (09/21/2021)

  • Split sleep time as its own function to avoid redundancy

0.2.8 (09/21/2021)

  • Log results of notification
  • Change method name to avoid conflict with module
  • Add waiting time for file IO to finish

0.2.7 (09/20/2021)

  • Add a feature to send login details via SMS
  • Update requirements.txt and docstrings

0.2.6 (09/20/2021)

  • Add custom PORT number feature

0.2.5 (09/20/2021)

  • Add VPN_USERNAME option for custom login info
  • Write region name in server_info.json
  • Add a color to terminal
  • Update README.md and docstrings

0.2.4 (09/20/2021)

  • Update styling in README.md to populate in sphinx docs

0.2.3 (09/20/2021)

  • Use region specific AMI IDs
  • Add more info on env vars to README.md
  • Clean up and update docstrings

0.2.2 (09/20/2021)

  • Redirect client traffic via VPN automatically
  • Update README.md and add applescript in docstring

0.2.1 (09/20/2021)

  • Optionally load env-vars from .env file

0.2.0 (09/20/2021)

  • Make script to initiate only from commandline
  • Don't exit script until SecurityGroup is deleted
  • Update requirements.txt and docs

0.1.9 (09/16/2021)

  • Change branch name to main to pick up page build

0.1.8 (09/16/2021)

  • Add manual config info for Windows OS
  • Clean up
  • Update README.md and docs

0.1.7 (09/16/2021)

  • FEATURE::Spins up a VPN Server on EC2 with a single click
  • Add all the automation bits
  • Add time converter to calculate run time
  • Add an apple script for the automation
  • Add functionality to re-use AWS resources

0.1.6 (09/16/2021)

  • Setup github action for docs

0.1.5 (09/15/2021)

  • Add features to create and delete SecurityGroups
  • Reconfigure flow of code
  • Update docstrings and docs

0.1.4 (09/15/2021)

  • Proceed to terminate instance even when KeyPair deletion fails
  • Add access key and secret id as optional arguments during class initialization

0.1.3 (09/15/2021)

  • First automation to add ip and host entry in known_hosts file

0.1.2 (09/15/2021)

  • Delete recent instance if an instance id is not provided to terminate
  • Delete instance_info.json while terminating an instance

0.1.1 (09/14/2021)

  • Onboard sphinx auto docs
  • Add pre-commit and sync up with doc generation
  • Rename repo from openvpn to vpn-server

0.1.0 (09/14/2021)

  • Update README.md

0.0.9 (09/14/2021)

  • Wrap everything inside a class and add docstrings

0.0.8 (09/14/2021)

  • Add exception handlers where necessary

0.0.7 (09/14/2021)

  • Get public dns name and public ip address and write as JSON

0.0.6 (09/14/2021)

  • Add functions to delete keypair and terminate instance

0.0.5 (09/14/2021)

  • Add logging instead of print statements

0.0.4 (09/14/2021)

  • Create pem file while spinning up an instance

0.0.3 (09/14/2021)

  • Base script to create an instance using an AMI ID
  • Add requirements.txt

0.0.2 (09/14/2021)

  • Update LICENSE, README.md and add .gitignore

0.0.1 (09/14/2021)

  • Initial commit

Download files

Source Distributions

No source distribution files available for this release.

Built Distribution

vpn_server-0.6.1-py2.py3-none-any.whl (19.9 kB)
