vpn-server 0.6.4

Create an on demand VPN Server running with OpenVPN using AWS EC2

Platform Supported

Repo Stats

Deployments

VPN Server

• You need a VPN but don't want to pay for it?
• OpenVPN is the solution, but configuring it manually can be a lengthy process.
• Once configured, keeping the instance up all the time costs $$.
• Scaling up/down a VPN server on demand can make that lengthy process an absolute nightmare.
• This module allows you to create your own on demand VPN server in under 2 minutes.
• The solution is fully automated and runs with OpenVPN using AWS EC2.

How it works

• Create an AWS EC2 instance using a pre-built OpenVPN AMI.
• Create a security group with the necessary ports allowed.
• Configure the vpn server using SSH.
• Download the OpenVPN client and connect using public IP of the ec2 instance.
• All set! Now the internet traffic will be routed through the VPN. Verify it using an IP Lookup

To take it a step further, if you have a registered domain in AWS, vpn-server can be accessed with an alias record in route53 pointing to the public IP of the ec2 instance.

• All the above steps are performed automatically when creating a new VPN server.
• This module can also be used to clean up all the AWS resources spun up for creating a vpn server.

ENV Variables

Environment variables are loaded from .env file if present.

More on Environment variables

• IMAGE_ID [REQUIRED] - AMI ID to be used. Defaults to a pre-built AMI for the US regions. Refer OpenVPN Access Server for other regions.
• INSTANCE_TYPE - Instance type to use for the VPN server. Defaults to t2.nano, use t2.micro if under free-tier.
• VPN_USERNAME - Username to access OpenVPN Connect client. Defaults to log in profile or openvpn
• VPN_PASSWORD - Password to access OpenVPN Connect client. Defaults to awsVPN2021
• DOMAIN - Domain name for the hosted zone.
• RECORD_NAME - Alias record name using which the VPN server has to be accessed.

To get notification about login information:

• GMAIL_USER - Username of the gmail account.
• GMAIL_PASS - Password of the gmail account.
• RECIPIENT - Email address to which the notification has to be sent.
• PHONE - Phone number to which the notification has to be sent (Works only for US based cellular)

Optionally env vars for AWS config (AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION_NAME) can be setup.

Install

python -m pip install vpn-server

Usage

import vpn

# Instantiates the object, takes the same args as env vars.
vpn_server = vpn.VPNServer()  # Defaults to console logging. Pass 'log="file"' for file logging.

vpn_server.create_vpn_server()  # Create a VPN Server, login information will be saved to a JSON file.

# Re-configure an existing VPN Server (not required, unless the configuration steps have been interrupted)
# vpn_server.reconfigure_vpn()

# Test an existing VPN Server (not required, as a test is run right after creation anyway)
# vpn_server.test_vpn()

vpn_server.delete_vpn_server()  # Deletes the VPN Server removing the AWS resources acquired during creation.

Manual Configuration

Following are the prompts and response required to configure the VPN server.

• Are you sure you want to continue connecting (yes/no)? yes

1. Please enter 'yes' to indicate your agreement [no]: yes
2. Will this be the primary Access Server node? Default: yes
3. Please specify the network interface and IP address to be used by the Admin Web UI: Default: all interfaces: 0.0.0.0
4. Please specify the port number for the Admin Web UI. Default: 943
5. Please specify the TCP port number for the OpenVPN Daemon. Default: 443
6. Should client traffic be routed by default through the VPN? yes
7. Should client DNS traffic be routed by default through the VPN? Default: No
8. Use local authentication via internal DB? Default: yes
9. Should private subnets be accessible to clients by default? Default: yes
10. Do you wish to login to the Admin UI as "openvpn"? Default: yes
11. Specify the username for an existing user or for the new user account: {USERNAME}
12. Type the password for the 'vicky' account: {PASSWORD}
13. Confirm the password for the 'vicky' account: {PASSWORD}
14. Please specify your Activation key (or leave blank to specify later): {ENTER/RETURN}

• Download the OpenVPN application and get connected to the VPN server.

AWS Resources Used

• EC2
  • Instances
  • SecurityGroups
• VPC [Default]
• Subnet [Default]

Release Notes

Requirement

python -m pip install changelog-generator

Usage

changelog reverse -f release_notes.rst -t 'Release Notes'

Linting

PreCommit will ensure linting, and the doc creation are run on every commit.

Requirement

pip install sphinx==5.1.1 pre-commit recommonmark

Usage

pre-commit run --all-files

Links

Repository

Runbook

Package

License & copyright

© Vignesh Sivanandha Rao

Licensed under the MIT License