Bringing up an OpenVPN server from scratch can be hard and tedious. Also, the settings on different operation systems are different. Fortunately, docker saves us, and I would like to give my respect to the contributors of the Docker image for OpenVPN.
Let’s see the steps.
Step 1 Install Docker on Ubuntu if not installed
Please see this article.
Step 2 Set up OpenVPN by one command
IP=<IP> PORT=1194 /bin/bash -c "$(curl -fsSL https://bit.ly/install-openvpn-sh-v5)"You will be asked to type pass phrase for the private keys and common name for the certificate. A passphrase , also known as a private key password, is used to encrypt and secure a private key.
Note: please remember the passphrase because it will be used when producing client configurations.
Generating RSA private key takes a bit time, after that the OpenVPN is installed on your server.
Step 3 Create configuration files for users
The configuration files are used for VPN clients to join the VPN network. The following the command generates configurations for users. The configurations can be with passwords or no passwords.
Generate configuration files without password:
OVPN_DATA="ovpn-data-ucloud" docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full test-user nopass
# Here the password is the password you typed for the private key in Step 2
# Enter pass phrase for /etc/openvpn/pki/private/ca.key:
# After you type the correct password, you would see
# Signature ok
# The Subject's Distinguished Name is as follows
# commonName :ASN.1 12:'test-user'
# Certificate is to be certified until May 8 14:07:14 2025 GMT (825 days)
# Write out database with 1 new entries
# Data Base UpdatedGenerate configuration files with password:
OVPN_DATA="ovpn-data-ucloud" docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full test-user
# Here the password is for user authentication.
# writing new private key to '/etc/openvpn/pki/easy-rsa-1.aohIhA/tmp.BeJgLf'
# Enter PEM pass phrase:
# Verifying - Enter PEM pass phrase:
# Here the password is the password you typed for the private key in Step 2
# Enter pass phrase for /etc/openvpn/pki/private/ca.key:
# After you type the correct password, you would see
# Signature ok
# The Subject's Distinguished Name is as follows
# commonName :ASN.1 12:'test-user'
# Certificate is to be certified until May 8 14:07:14 2025 GMT (825 days)
# Write out database with 1 new entries
# Data Base UpdatedThe previous command has created the configuration file for test-user. Now we need to export the file from docker volume.
Export the configuration file:
OVPN_DATA="ovpn-data-ucloud" docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_getclient test-user > test-user.ovpnThe configuration file is named as test-user.ovpn, and then can be sent to a user to let them join connect to the VPN network using proper OpenVPN clients.
Conclusion
The steps to setup a OpenVPN server and use it on a daily basis include: prepare docker environment, run the docker image and generate certificates for users to login.
Please follow me if you like to see tutorials with simply and clear instructions to guide you.
Thanks.
