Playbook - Ansible OpenVPN for Ubuntu 16.04

Step 1 - Clone project

# git clone https://github.com/vandocouto/Ansible-OpenVPN.git

Step 2 - Set the variables

# vim hosts

Configure the inventory according to your environment.

Example:

54.152.178.130 - Server OpenVPN

ansible_ssh_private_key_file=chave/Blog-Estudo.pem

[openvpn]
54.152.178.130

[all:vars]
COUNTRY=BR
PROVINCE=SaoPaulo
CITY=SaoPaulo
EMAIL=vandocouto@gmail.com
OU=TGL
KEY_ORG=tutoriaisgnulinux
KEY_NAME=ServerOpenVPN
INTERFACE=eth0
NETWORK=10.10.10.0/24
SUBNET=10.10.10.0
NETMASK=255.255.255.0
ansible_ssh_user=ubuntu
ansible_ssh_private_key_file=chave/Blog-Estudo.pem

Step 3 - Run playbook

ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i hosts ./tasks/main.yml

Go to the instance and follow the steps below.

# cd /etc/openvpn/easy-rsa

Step 4 - Creating the first certificate for the first client

# source ./vars
# ./build-key client

If you want to protect the client's private key with a passphrase, you can use the following command.

# ./build-key-pass client
# cd keys/
# ls -ltr
total 80
-rw------- 1 root root 1704 May  8 19:54 ca.key
-rw-r--r-- 1 root root 1724 May  8 19:54 ca.crt
-rw------- 1 root root 1704 May  8 19:54 server.key
-rw-r--r-- 1 root root 1082 May  8 19:54 server.csr
-rw-r--r-- 1 root root 5587 May  8 19:54 server.crt
-rw-r--r-- 1 root root    3 May  8 19:54 serial.old
-rw-r--r-- 1 root root  135 May  8 19:54 index.txt.old
-rw-r--r-- 1 root root   21 May  8 19:54 index.txt.attr.old
-rw-r--r-- 1 root root 5587 May  8 19:54 01.pem
-rw-r--r-- 1 root root  424 May  8 19:55 dh2048.pem
-rw-r--r-- 1 root root 1082 May  8 19:57 client.csr
-rw-r--r-- 1 root root    3 May  8 19:57 serial
-rw-r--r-- 1 root root   21 May  8 19:57 index.txt.attr
-rw-r--r-- 1 root root  270 May  8 19:57 index.txt
-rw-r--r-- 1 root root 5465 May  8 19:57 client.crt
-rw-r--r-- 1 root root 5465 May  8 19:57 02.pem
-rw------- 1 root root    0 May  8 19:57 client.key

Install the OpenVPN client

Step 5 - For Ubuntu/Debian run the following commands.

# apt-get install openvpn

Step 6 - Now copy the client certificate and key, along with the CA certificate, to your client machine using SCP or FTP. Move the files into the /etc/openvpn/easy-rsa directory. Then create a new file using your favorite text editor.

# vim /etc/openvpn/client.ovpn

Step 7 - Create the configuration file

client
dev tun
proto udp
remote IP-SERVER-VPN 1194
resolv-retry infinite
nobind
persist-key
persist-tun
comp-lzo
verb 3
ca ca.crt
cert client.crt
key client.key

Start VPN

# openvpn --config client.ovpn
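
A pre-flight check for Steps 4, 6 and 7, added here as an example (it is not part of the playbook): it confirms that every ca/cert/key file named in client.ovpn resolves to a non-empty file, that the private key is not readable by group or others, and that the config verifies the server certificate. The function name ovpn_preflight and its messages are assumptions; remote-cert-tls and verify-x509-name are standard OpenVPN directives that the config above does not use.

```shell
#!/bin/sh
# Added example, not part of the playbook: pre-flight check for client.ovpn.
# Usage: ovpn_preflight CONFIG [WORKDIR]
#   e.g. ovpn_preflight /etc/openvpn/client.ovpn /etc/openvpn/easy-rsa
# WORKDIR is the directory openvpn will be started from; openvpn resolves
# relative ca/cert/key paths against its working directory, not the config.
ovpn_preflight() (
    conf=$1
    workdir=${2:-.}
    rc=0
    peer_check=no
    # '|| [ -n "$opt" ]' keeps a final line that has no trailing newline
    while read -r opt arg rest || [ -n "$opt" ]; do
        case $opt in
        ca|cert|key)
            case $arg in
            /*) path=$arg ;;
            *)  path=$workdir/$arg ;;
            esac
            if [ ! -s "$path" ]; then
                # catches a 0-byte client.key like the one in the Step 4 listing
                echo "FAIL: $opt file $path is missing or empty"
                rc=1
            elif [ "$opt" = key ] &&
                 [ "$(ls -ld "$path" | cut -c5-10)" != "------" ]; then
                # columns 5-10 of ls -l are the group and other permission bits
                echo "FAIL: $path is accessible to group or others (use mode 600)"
                rc=1
            fi ;;
        remote-cert-tls|verify-x509-name)
            peer_check=yes ;;
        comp-lzo|compress)
            echo "WARN: '$opt' enables compression, which current OpenVPN manuals" \
                 "discourage; change it on server and client together" ;;
        esac
    done < "$conf"
    if [ "$peer_check" = no ]; then
        echo "FAIL: no remote-cert-tls or verify-x509-name, so the client" \
             "accepts any certificate signed by the CA as the server"
        rc=1
    fi
    [ "$rc" -eq 0 ]
)
```

Adding `remote-cert-tls server` to the client config assumes the server certificate carries the serverAuth extended key usage, which this page does not show; check the server certificate before enabling it.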