Skip to content

Instantly share code, notes, and snippets.

@CasperCL

CasperCL/Private-VPN.md

Last active February 13, 2020 09:26
Show Gist options
  • Save CasperCL/d761c26545a90e57345cb586f05ed41d to your computer and use it in GitHub Desktop.
Save CasperCL/d761c26545a90e57345cb586f05ed41d to your computer and use it in GitHub Desktop.
Download ZIP
Private VPN (On Demand)
Raw
Private-VPN.md

Private VPN (On Demand)

Don't use VPN Services, roll your own.

8 steps to setup a private on demand VPN. With this setup you can spin up (and shutdown) a private VPN with just two buttons.

Prerequisites

Costs

You pay $0.007/hr for the server. That's 5$ if you let it run all month. Snapshots are charged at a rate of $0.05/GB per month (you'll need 2GB) so that will costs 0.10$ a month.

Guide

Step 1: Create a Droplet

Go to OpenVPN Access Server and click 'Configure OpenVPN Access Server Droplet'.

From there:

  • You'd want to select the smallest machine (5$/mo)
  • Don't enable backups
  • Select a region of you liking (you can add more later on), but do make note of what region you choose right now.
  • Select or add a SSH key
  • Hit create

From here on you'd want to follow the marketplace steps

I'd advice to create a seperate account on the Access Server to access the VPN using a non admin account.

You can login with your phone/pc/table on the instance by going directly to the https://$IP, download the profile and import it into the OpenVPN app.

Step 2: Create a snapshot

How to Create Snapshots of Droplet

Step 3: Destroy droplet

How to Delete a Droplet from the DigitalOcean Control Panel

Step 4: Create an API Key

How to Create a Personal Access Token

Step 5: Grab snapshot ID

You can get the snapshot ID from the API, but you can also get it by using the inspect element developer feature. Right click and hit inspect when you hover over VPN the snapshot. Copy the data-id.

<div data-value="openvpn" data-type="snapshot" data-id="50734616" ...

This is the snapshot/image id and you'll need to recreate the Droplet.

Step 6: (Optional) Setup domain

How to Add Domains

Step 7: Install Shortcuts

There are three Shortcuts

  1. VPNUp: it ups the VPN server and copies the IP of the server to your clipboard. It will only boot the server once; pressing the button multiple times won't have effect.
  2. VPNDown: it shuts the VPN server off
  3. VPNStatus: checks if the VPN server is up or not

Step 8: Replace questions with static text

I had to delete all my static variables like my API Key from the shortcuts to share them.

You can just remove the 'ask'-prompts and replace them with text.

You may also choose to add the shortcuts to you widgets or homescreen.

Closing notes

It will take around 2 minutes for your VPN Server to have fully booted. You can check the progress in the Droplet dashboard if you'd like. I've used this setup for some time now and it works like a charm. Sometimes the vpn domain record gets bugged, but you can always access to server using the IP.

You can add SSH-Keys by altering the ssh_keys contents in VPNUp.

VPNDown will terminate all Droplets with tag openvpn-shortcuts, so if you came up with the exact same tag for a different Droplet, change the tag in VPNUp, VPNDown and VPNStatus.

Problems

If you (1) up, (2) down and (3) up it again your DNS record will still point to the old server as long as the TTL (1800seconds default). If the Droplet is on, try connecting using IP instead.

Questions? 👇

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment