OpenVPN config generator

From EnigmaGuy Wiki

A simple configuration generator for OpenVPN that supports static IPs and UDP/TCP.

GitHub Project

About project

This config generator is the type of tool I was always looking for. You do not have to type a command to generate each config, and all client configurations live in one config file, written in YAML. Every time you run the config generator, it looks in the YAML file for new config entries and generates only those. It automatically generates all certificates: not just the client ones, but also the certificate authority (CA), server keys, etc.

The big advantage of my config generator is that it assigns a static IP address to every client in the network topology. What does that mean? Every device connected to the VPN can communicate with every other device connected to the VPN using its static IP address. This means you can build your own private VPN LAN where all your devices can communicate with each other.

Because of problems with interruption of malfunctioning OpenVPN clients, I have also written a few scripts to automatically check and restart OpenVPN clients when they are not working.

Installation

1. Copy files to /etc/openvpn
2. Start OpenVPN service for each configuration file and enable it

Directory structure

├── clients
│   ├── client1
│   │   ├── client1.client.conf
│   │   └── keys
│   │       ├── ca.crt
│   │       ├── client1.crt
│   │       ├── client1.csr
│   │       └── client1.key
│   └── client2
│       ├── client2.client.conf
│       └── keys
│           ├── ca.crt
│           ├── client2.crt
│           ├── client2.csr
│           └── client2.key
├── genkey.py
├── server
│   ├── ccd
│   │   ├── client1
│   │   └── client2
│   ├── keys
│   │   ├── ca.crt
│   │   ├── ca.key
│   │   ├── dh2048.pem
│   │   ├── server.crt
│   │   ├── server.csr
│   │   └── server.key
│   └── server.conf

Config syntax

---
server:
  fqdn: 'openvpn.server.com'
  port: '443'
  proto: 'udp'
  topology: '192.168.10.0 255.255.255.0'

clients:
  - name: client1
    ip: 192.168.10.10
    subnet: 255.255.255.0

  - name: client2
    ip: 192.168.10.20
    subnet: 255.255.255.0

Usage

To generate keys and OpenVPN configs, edit the config file vpn.yml and run the Python script genkey.py, which generates all necessary files. It does not overwrite existing configuration, so when you add a new client, the previous clients' keys stay untouched.
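Because client names in vpn.yml become directory and ccd file names, and each client's IP is pinned statically, it is worth checking the file before generating anything. The following is an added example, not code from genkey.py: the function names, the already-parsed dict form of the config, and the assumption that each ccd file carries an OpenVPN `ifconfig-push` line are all illustrative.

```python
import ipaddress
import re

# Constructed sample: the vpn.yml shown above, as it would look after YAML parsing.
SAMPLE = {
    "server": {"fqdn": "openvpn.server.com", "port": "443", "proto": "udp",
               "topology": "192.168.10.0 255.255.255.0"},
    "clients": [
        {"name": "client1", "ip": "192.168.10.10", "subnet": "255.255.255.0"},
        {"name": "client2", "ip": "192.168.10.20", "subnet": "255.255.255.0"},
    ],
}

# Names end up as path components (clients/<name>/, server/ccd/<name>),
# so allow only a conservative character set.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.-]{0,63}")

def validate(cfg):
    """Return a list of problems; an empty list means the config is consistent."""
    errors = []
    net_addr, net_mask = cfg["server"]["topology"].split()
    network = ipaddress.ip_network(f"{net_addr}/{net_mask}")  # rejects set host bits
    if cfg["server"]["proto"] not in ("udp", "tcp"):
        errors.append("server.proto must be udp or tcp")
    seen_names, seen_ips = set(), set()
    for client in cfg["clients"]:
        name, ip = client["name"], ipaddress.ip_address(client["ip"])
        if not SAFE_NAME.fullmatch(name) or ".." in name:
            errors.append(f"{name!r}: unsafe client name")
        if name in seen_names:
            errors.append(f"{name!r}: duplicate client name")
        if ip not in network or ip in (network.network_address, network.broadcast_address):
            errors.append(f"{name!r}: {ip} is not a usable host address in {network}")
        if ip in seen_ips:
            errors.append(f"{name!r}: {ip} already assigned")
        if client["subnet"] != net_mask:
            errors.append(f"{name!r}: subnet {client['subnet']} differs from server mask")
        seen_names.add(name)
        seen_ips.add(ip)
    return errors

def ccd_entries(cfg):
    """Map client name -> assumed ccd file content; refuses an invalid config."""
    problems = validate(cfg)
    if problems:
        raise ValueError("; ".join(problems))
    return {c["name"]: f"ifconfig-push {c['ip']} {c['subnet']}" for c in cfg["clients"]}
```

Two clients sharing one static IP, or a name containing a path separator, are reported before any key or config file is written.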