OpenVPN config generator

From EnigmaGuy Wiki

Simple configuration generator for OpenVPN that supports static IPs and UDP/TCP.

GitHub Project

About project

This config generator is the type of tool I was always looking for. You do not have to type a command to generate each simple config, and all client configurations live in one YAML config file. Every time you run the config generator, it looks in the YAML for new config entries and generates only those. It automatically generates all certificates: not just the client ones, but also the CA, server keys, etc.

The big advantage of my config generator is that it assigns a static IP address to every endpoint in the network topology. What does that mean? Every device connected to the VPN can communicate with every other connected device using its static IP address, so you can build your own private VPN LAN where all your devices can talk to each other.

Because of problems with malfunctioning OpenVPN clients being interrupted, I have also written a few scripts that automatically check OpenVPN clients and restart them when they are not working.

Installation

1. Copy files to /etc/openvpn
2. Start the OpenVPN service for each configuration file and enable it

Directory structure

 ├── clients
 │   ├── client1
 │   │   ├── client1.client.conf
 │   │   └── keys
 │   │       ├── ca.crt
 │   │       ├── client1.crt
 │   │       ├── client1.csr
 │   │       └── client1.key
 │   └── client2
 │       ├── client2.client.conf
 │       └── keys
 │           ├── ca.crt
 │           ├── client2.crt
 │           ├── client2.csr
 │           └── client2.key
 ├── genkey.py
 ├── server
 │   ├── ccd
 │   │   ├── client1
 │   │   └── client2
 │   ├── keys
 │   │   ├── ca.crt
 │   │   ├── ca.key
 │   │   ├── dh2048.pem
 │   │   ├── server.crt
 │   │   ├── server.csr
 │   │   └── server.key
 │   └── server.conf

Config syntax

 ---
 server:
   fqdn: 'openvpn.server.com'
   port: '443'
   proto: 'udp'
   topology: '192.168.10.0 255.255.255.0'

 clients:
   - name: client1
     ip: 192.168.10.10
     subnet: 255.255.255.0

   - name: client2
     ip: 192.168.10.20
     subnet: 255.255.255.0

Usage

To generate keys and OpenVPN configs, just edit the config file vpn.yml and run the Python script genkey.py, which will generate all necessary files. It does not overwrite existing configuration, so when you add a new client, the previous clients' keys stay untouched.
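Because each client name in vpn.yml ends up as a file name under clients/ and server/ccd/, and each static IP has to be unique inside the server topology, it is worth checking the file before generating keys. The following is an added example, not part of genkey.py: it validates the dict that `yaml.safe_load` would return for vpn.yml. The `validate` and `ccd_line` helpers, the name pattern, the use of OpenVPN's `ifconfig-push` directive in the ccd files, and the server holding the first host address are assumptions.

```python
import ipaddress
import re

# Names become file names (clients/<name>/, server/ccd/<name>) and cert CNs.
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]{0,63}$")

def validate(cfg):
    """Return a list of problems found in a parsed vpn.yml (empty list = OK)."""
    problems = []
    net_addr, mask = cfg["server"]["topology"].split()
    net = ipaddress.ip_network(f"{net_addr}/{mask}", strict=True)
    # Assumption: the server takes the first host address of the network.
    reserved = {net.network_address, net.broadcast_address, net.network_address + 1}
    seen_ips, seen_names = {}, set()
    for c in cfg["clients"]:
        name, ip = str(c["name"]), ipaddress.ip_address(c["ip"])
        if not SAFE_NAME.match(name):
            problems.append(f"{name!r}: unsafe client name")
        if name in seen_names:
            problems.append(f"{name}: duplicate client name")
        seen_names.add(name)
        if ip not in net:
            problems.append(f"{name}: {ip} is outside {net}")
        elif ip in reserved:
            problems.append(f"{name}: {ip} is reserved in {net}")
        if str(c["subnet"]) != mask:
            problems.append(f"{name}: subnet {c['subnet']} != server mask {mask}")
        if ip in seen_ips:
            problems.append(f"{name}: {ip} already assigned to {seen_ips[ip]}")
        seen_ips.setdefault(ip, name)
    return problems

def ccd_line(client):
    """Static-IP line for server/ccd/<name> (assumed ifconfig-push form)."""
    return f"ifconfig-push {client['ip']} {client['subnet']}"

# Constructed sample: the page's config plus two deliberately bad entries.
SAMPLE = {
    "server": {"fqdn": "openvpn.server.com", "port": "443", "proto": "udp",
               "topology": "192.168.10.0 255.255.255.0"},
    "clients": [
        {"name": "client1", "ip": "192.168.10.10", "subnet": "255.255.255.0"},
        {"name": "client2", "ip": "192.168.10.20", "subnet": "255.255.255.0"},
        {"name": "client3", "ip": "192.168.10.10", "subnet": "255.255.255.0"},
        {"name": "../server/server.conf", "ip": "192.168.11.5", "subnet": "255.255.255.0"},
    ],
}

if __name__ == "__main__":
    print("\n".join(validate(SAMPLE)))
```

Running the check before genkey.py matters more here than usual, since the generator does not overwrite existing files and a bad entry would otherwise stay in place.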
