It’s not extremly difficult to set up an openvpn server, but you have to deal with certificates, rsa keys, configs, subnet addresses, iptables … such trifles are annoying.
So I wrote this script to make my life easier, only to provide essential infomation like the server IP, and configuraion will be done at the background, then tared packages are ready for both servers and clients.
Source is available at Github. Pull requests are welcome.
The script is recommanded running at your work station, and then upload only the server part to the server, for secure considerations.
- Provide tared config which ready for any server distribution.
- Random VPN subnet will be generated to avoid conflict.
- Random digital subffixed server/client CommonName will be assigned (if you don’t provide one) for clearer management.
- All those config files are based on examples that ship together within your distribution.
- tls-auth enabled by default.
For new setup:
Just do as promoted. When select 5 to exit, all the files will be packed into a single
NAME-all.tar.gz, you should save it to somewhere safe. And if you want to sign some more certificate from this root ca, put this tar file as the argument.
At last the script also provide you iptables commands that can be useful to setup the server as a VPN gateway.
Direct download via wget/curl should be ok: