A way to deploy kylemanna/docker-openvpn in AWS EC2 using Terraform and Puppet.

brasey/deploy-docker-openvpn

deploy-docker-openvpn

Description

A way to deploy kylemanna/docker-openvpn in AWS EC2 using Terraform and Puppet.

docker-openvpn is a great project that defines a Docker container that runs OpenVPN. If you're looking for a way to set up your own VPN, this is a really good option.

Running OpenVPN in a container is just a great idea.

This project deploys a Fedora Cloud server. I've configured firewall rules and SELinux to secure things as much as possible.

Prerequisites

Terraform

Terraform is a cool project from HashiCorp that allows you to define a stack of infrastructure in code, then CRUD that infrastructure. Download and install it.

AWS

The point of this project is to set up an OpenVPN box in AWS, so obviously you need an AWS account. For this project, you will also need

FQDN

While you don't technically need a 'friendly' name for your VPN, this project depends on your having one. You could work your way around this, but I didn't think it too burdensome to require one. You'll need to be able to assign the IP address of your VPN to this FQDN after you're assigned one during provisioning.

I've also included managing this FQDN in Route53. If you go your own way, you'll have to comment out this stuff.

Make it so

Configuration

First, you need to edit a couple of text files. I included examples in the project; just edit these and rename them.

terraform.tfvars

  • aws_access_key - Your Access Key ID.
  • aws_secret_key - Your Secret Access Key.
  • region - AWS region to deploy to.
  • route53_domain_name - The domain your FQDN will be in.
  • base_image - AMI ID of the Fedora Cloud image in your region. The included ID is Fedora 29 in us-east-1.
  • instance_type - EC2 instance type. t2.micro is probably fine for personal use.
  • ssh_key - Path to your local secret EC2 (SSH) Key.
  • ssh_key_name - Name of the Key Pair in EC2.
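
Because terraform.tfvars holds your AWS access keys and points at your SSH private key, a pre-flight check before `terraform plan` is worthwhile. The script below is an added example, not code from this repository; the function names `check_tfvars` and `is_private` are hypothetical, and it assumes values are written as double-quoted strings.

```shell
# Added example, not part of the deploy-docker-openvpn repository.
# terraform.tfvars holds AWS credentials and points at an SSH private key,
# so check both before running terraform plan.
# Usage (after sourcing this file): check_tfvars terraform.tfvars

# Variables the README lists for terraform.tfvars.
REQUIRED_KEYS="aws_access_key aws_secret_key region route53_domain_name base_image instance_type ssh_key ssh_key_name"

# True when neither group nor others hold any permission bit on $1.
is_private() {
    # Characters 5-10 of `ls -ld` output are the group and other bits.
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print one line per problem found in FILE; return the number of problems.
check_tfvars() {
    f=$1; problems=0
    if [ ! -f "$f" ]; then echo "missing: $f"; return 1; fi

    is_private "$f" || { echo "$f is accessible by group/others (chmod 600)"; problems=$((problems + 1)); }

    # A credentials file should never be tracked by git.
    if git -C "$(dirname "$f")" ls-files --error-unmatch -- "$(basename "$f")" >/dev/null 2>&1; then
        echo "$f is tracked by git (add it to .gitignore)"; problems=$((problems + 1))
    fi

    for k in $REQUIRED_KEYS; do
        grep -Eq "^[[:space:]]*${k}[[:space:]]*=" "$f" || { echo "unset variable: $k"; problems=$((problems + 1)); }
    done

    # Assumption: the value is written as ssh_key = "/path/to/key.pem"
    key=$(sed -n 's/^[[:space:]]*ssh_key[[:space:]]*=[[:space:]]*"\(.*\)".*/\1/p' "$f")
    if [ -n "$key" ]; then
        if [ ! -f "$key" ]; then
            echo "ssh_key not found: $key"; problems=$((problems + 1))
        elif ! is_private "$key"; then
            echo "ssh_key $key is too open (chmod 600)"; problems=$((problems + 1))
        fi
    fi
    return "$problems"
}
```
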

files_to_provision/vpn.yaml

  • vpn_url - The FQDN you'll assign to your VPN.
  • clients - A list of client configs you want to generate. This could be a single client config if that's what you want.

Note! YAML is very sensitive to syntax, so watch your spaces and indents.

Deploy to AWS

terraform plan

This will tell you what Terraform is going to do.

terraform apply

This will deploy your VPN in AWS. At the end of the run, it will output the IP address of your EC2 instance.

Configure your VPN

ssh -i /path/to/your_private_key.pem [email protected]
sudo /opt/docker-openvpn/quickstart.sh

Answer the prompts and configure your VPN.

Note that the CA setup phase can take a long time. Be patient.

Client setup

Client configs for each of the clients you defined will be on your EC2 instance. Retrieve them

scp -i /path/to/your_private_key.pem [email protected]:your_client.ovpn .

and set up your client.
