Prerequisites: an AWS EC2 instance, set up using your own IAM account, that you can reach from your terminal, and an Android phone with Termux and OpenVPN.
Make sure you have installed Termux and OpenVPN.
On your phone, open Termux and install these packages. Installing them takes about 30 minutes:
apt update
apt install python
pip install magic-wormhole
While installing wormhole, at one stage it will show "Building wheel for pynacl (PEP 517)". After this it will take around 20 minutes to finish the installation. (Don't think of it as an error!)
While setting up your AWS EC2 instance in the cloud, don't forget to include UDP port 1194 in the networking section.
Installing Docker:
## Installing docker
sudo apt update && sudo apt install docker.io -y
## Configuring docker
## Create the docker group
sudo groupadd docker
## Add your user to the docker group (members of this group effectively have root on the host)
sudo usermod -aG docker $USER
## Run the following command, or log out and log in again (if that doesn't work, you may need to reboot your machine first)
newgrp docker
## Check that docker has been installed correctly and can be run without root
docker run hello-world
A very good list of docker commands is available here. (Credits: aswinkumar1999)
We will use the most popular Docker image for OpenVPN, kylemanna/docker-openvpn. For convenience we need to store our VPN's private key in a Docker volume named "ovpn-data-family". It is basically a folder that will be shared by all OpenVPN containers. One advantage is that you can remove the container or run OpenVPN commands in parallel.
## Creating the docker volume
OVPN_DATA="ovpn-data-family"
docker volume create --name $OVPN_DATA
## Configuring the docker container
PUBLIC="public-ip-or-domain" ## Put the public-ip from the AWS instance that you have created
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://$PUBLIC
## Initializing keys: you have to set up a password and must remember it!
## You have to enter it four times; don't miss one or it will throw an error.
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki
## Generating the client
CLIENT_NAME="my-laptop" #You can put your own name too!!
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full $CLIENT_NAME nopass
## Get the client configuration file, download it from the server, and add it to the OpenVPN client on the machine that you are going to connect to the VPN
## No -it here: allocating a TTY would add carriage returns to the redirected file
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient $CLIENT_NAME > $CLIENT_NAME.ovpn
The .ovpn file is a configuration file that also contains a unique key for each device. If you lose or change a device, you can also remove its credentials from the server.
## Start the server
docker run -v $OVPN_DATA:/etc/openvpn --name openvpn --detach -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
## Check if the container is running
docker ps
After running the above command, the output will look like this:
CONTAINER ID   IMAGE               COMMAND      CREATED         STATUS         PORTS                    NAMES
597602f73190   kylemanna/openvpn   "ovpn_run"   2 seconds ago   Up 2 seconds   0.0.0.0:1194->1194/udp   openvpn
Now you can test from a client that your traffic is routed through the VPN server. To do this, import the .ovpn file into an OpenVPN client, either on your laptop or on your phone. OpenVPN clients can be downloaded for Windows/Linux and for Android phones. The best option is to use your phone to test it. On the phone you must also have installed the Termux app from the Play Store.
Importing the .ovpn file through wormhole:
sudo apt install magic-wormhole #Installing the wormhole package
wormhole send "my-laptop.ovpn" # This will generate a command with a code; run that command in your terminal (on laptop) or Termux (on phone) to receive the file.
## Sample: wormhole receive 7-virginia-drumbeat
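A check to run on the generated profile before sending it, as an added example that is not part of the original page or of kylemanna/docker-openvpn: because the .ovpn file carries the device's private key (built above with nopass), it flags loose file permissions, an inline key without a passphrase, and a remote line that does not match the server. The function names, the host vpn.example.test and the sample profile layout are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of kylemanna/docker-openvpn.
# audit_ovpn FILE EXPECTED_HOST: print one finding per line, return 1 if any.
audit_ovpn() {
    file=$1; expected_host=$2; rc=0

    # The profile embeds the device's private key: owner-only access.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        600|400) ;;
        *) echo "PERMS: mode $mode, expected 600"; rc=1 ;;
    esac

    # Assumed layout: the key is inlined between <key> and </key>.
    if ! grep -q '^<key>' "$file"; then
        echo "KEY: no inline <key> block"; rc=1
    elif ! sed -n '/^<key>/,/^<\/key>/p' "$file" | grep -q 'ENCRYPTED'; then
        echo "KEY: private key has no passphrase (built with nopass)"; rc=1
    fi

    # Assumed layout: "remote <host> <port> <proto>".
    remote=$(awk '$1 == "remote" { print $2, $3, $4; exit }' "$file")
    if [ "$remote" != "$expected_host 1194 udp" ]; then
        echo "REMOTE: '$remote', expected '$expected_host 1194 udp'"; rc=1
    fi
    return $rc
}

# Constructed sample profile; the key body is a placeholder, not key material.
# $1 = output path, $2 = PEM label of the key (e.g. "PRIVATE KEY").
make_sample() {
    cat > "$1" <<EOF
client
nobind
dev tun
remote-cert-tls server
remote vpn.example.test 1194 udp
<key>
-----BEGIN $2-----
PLACEHOLDER
-----END $2-----
</key>
EOF
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir/my-laptop.ovpn" "PRIVATE KEY"
chmod 644 "$demo_dir/my-laptop.ovpn"
audit_ovpn "$demo_dir/my-laptop.ovpn" vpn.example.test || echo "fix the findings before sending the file"
rm -rf "$demo_dir"
```

A PERMS finding is cleared with chmod 600 on the file; a KEY finding means anyone who obtains the file can connect as that device.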