Create an on demand VPN Server running with OpenVPN using AWS EC2

VPN Server

  • You need a VPN but don't want to pay for it?
  • OpenVPN is the solution, but configuring it manually can be a lengthy process.
  • Once configured, keeping the instance up all the time costs $$.
  • Scaling up/down a VPN server on demand can make that lengthy process an absolute nightmare.
  • This module allows you to create your own on demand VPN server in under 2 minutes.
  • The solution is fully automated and runs with OpenVPN using AWS EC2.

How it works

  • Create an AWS EC2 instance using a pre-built OpenVPN AMI.
  • Create a security group with the necessary ports allowed.
  • Configure the vpn server using SSH.
  • Download the OpenVPN client and connect using the public DNS of the ec2 instance.
  • All set! Now the internet traffic will be routed through the VPN. Verify it using an IP lookup.

To take it a step further, if you have a registered domain in AWS, vpn-server can be accessed with an alias record in route53 pointing to the public IP of the ec2 instance.

  • All the above steps are performed automatically when creating a new VPN server.
  • This module can also be used to clean up all the AWS resources spun up for creating a vpn server.

ENV Variables

Environment variables are loaded from any env file if present.

More on Environment variables
  • VPN_USERNAME - Username to access OpenVPN Connect client.

  • VPN_PASSWORD - Password to access OpenVPN Connect client.

  • VPN_PORT - Port number for web interfaces.

  • IMAGE_ID - AMI ID to be used. Defaults to a pre-built AMI from SSM parameter for OpenVPN Access Server AMI Alias.

  • INSTANCE_TYPE - Instance type to use for the VPN server. Defaults to t2.nano; use t2.micro if under free-tier.

  • KEY_PAIR - Name of the key pair file to connect to ec2.

  • SECURITY_GROUP - Name of the security group.

  • VPN_INFO - Name of the JSON file to dump the server information.

  • HOSTED_ZONE - Domain name for the hosted zone.

  • SUBDOMAIN - Alias record name using which the VPN server has to be accessed.

Optionally, env vars for AWS config (AWS_PROFILE_NAME, AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION_NAME) can be set up.
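
A check that could be run after create_vpn_server(), as an added example that is not part of the vpn-server package: it takes the IpPermissions list that boto3's describe_security_groups returns for the SECURITY_GROUP and reports SSH or web-interface (VPN_PORT) rules reachable from any address. The sample rules and the value 943 for VPN_PORT are constructed assumptions; this page does not list the ports the module opens.

```python
import ipaddress


def world_open_admin_rules(ip_permissions, admin_ports):
    """Return (protocol, port, cidr) for every admin port open to all addresses.

    ip_permissions has the shape of the "IpPermissions" list in
    boto3.client("ec2").describe_security_groups(...)["SecurityGroups"][n].
    """
    findings = []
    for rule in ip_permissions:
        proto = rule.get("IpProtocol")
        if proto == "-1":            # "all traffic" rule: every port is covered
            lo, hi = 0, 65535
        elif proto == "tcp":         # SSH and the web interface are TCP services
            lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
        else:
            continue                 # udp/icmp rules cannot expose these ports
        cidrs = [r["CidrIp"] for r in rule.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
        for cidr in cidrs:
            # prefix length 0 means 0.0.0.0/0 or ::/0, i.e. the whole internet
            if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
                continue
            findings += [(proto, p, cidr) for p in sorted(admin_ports) if lo <= p <= hi]
    return findings


# Constructed sample input (not taken from a real security group).
SAMPLE_RULES = [
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 943, "ToPort": 943,
     "IpRanges": [{"CidrIp": "203.0.113.7/32"}], "Ipv6Ranges": []},
    {"IpProtocol": "udp", "FromPort": 1194, "ToPort": 1194,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
    {"IpProtocol": "tcp", "FromPort": 900, "ToPort": 1000,
     "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
]

if __name__ == "__main__":
    # 22 = SSH; 943 stands in for whatever VPN_PORT is set to (assumption).
    for proto, port, cidr in world_open_admin_rules(SAMPLE_RULES, {22, 943}):
        print(f"{proto}/{port} is reachable from {cidr}; restrict it to the operator's address")
```

The VPN data port is expected to be reachable by clients, so only the administrative ports are checked here.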

Install

python -m pip install vpn-server

Usage

import os

os.environ['env_file'] = 'custom'  # to load a custom .env file

import vpn

# Instantiates the object, takes the same args as env vars.
vpn_server = vpn.VPNServer()  # Defaults to console logging, but supports custom logger.

vpn_server.create_vpn_server()  # Create a VPN Server, login information will be saved to a JSON file.

# Test an existing VPN Server (not required, as a test is run right after creation anyway)
# vpn_server.test_vpn()

vpn_server.delete_vpn_server()  # Deletes the VPN Server removing the AWS resources acquired during creation.

Limitations

Currently, expose cannot handle tunneling multiple port numbers without modifying the following env vars in the .env file.

KEY_PAIR        # SSH connection to AWS ec2
KEY_FILE        # Private key filename for self signed SSL
CERT_FILE       # Public certificate filename for self signed SSL
SERVER_INFO     # Filename to dump JSON data with server configuration information
SECURITY_GROUP  # Ingress and egress firewall rules to control traffic allowed via VPC

Coding Standards

Docstring format: Google
Styling conventions: PEP 8
Clean code with pre-commit hooks: flake8 and isort

Release Notes

Requirement

python -m pip install gitverse

Usage

gitverse-release reverse -f release_notes.rst -t 'Release Notes'

Linting

PreCommit will ensure that linting and doc creation are run on every commit.

Requirement

pip install sphinx==5.1.1 pre-commit recommonmark

Usage

pre-commit run --all-files

Links

Repository

Runbook

Package

License & copyright

© Vignesh Rao

Licensed under the MIT License

Download files

Source Distributions

No source distribution files available for this release.

Built Distribution

vpn_server-1.3-py3-none-any.whl (20.1 kB)
