mirror of
https://github.com/Nyr/openvpn-install.git
synced 2024-11-27 23:46:07 +03:00
Fixed a stunnel-related bug; Updated README
stunnel may fail to launch in CentOS with 'setuid' and 'setgid', so I removed those from the config files. Users are now asked to run stunnel with sudo.
This commit is contained in:
parent
987556aa66
commit
9eba8d40ce
142
README.md
142
README.md
@ -1,21 +1,139 @@
|
|||||||
## OpenVPN install
|
# OpenVPN Installer
|
||||||
OpenVPN installer for Debian, Ubuntu and CentOS.
|
|
||||||
|
|
||||||
This script will let you setup your own VPN server in no more than a minute, even if you haven't used OpenVPN before. It has been designed to be as unobtrusive and universal as possible.
|
## To Developers and Users
|
||||||
|
|
||||||
### To Developers and Users
|
**WARNING: Only Trust Signed Commits.**
|
||||||
Only Trust Signed Commits.
|
|
||||||
|
|
||||||
### Installation
|
## Table of Contents
|
||||||
Run the script and follow the assistant:
|
|
||||||
|
|
||||||
`wget https://raw.githubusercontent.com/birkhoffcheng/openvpn-install/master/openvpn-install.sh && bash openvpn-install.sh`
|
- [Description](#description)
|
||||||
|
- [Installation](#installation)
|
||||||
|
- [Configure clients](#configure-clients)
|
||||||
|
- [Windows](#windows)
|
||||||
|
- [MacOS](#macos)
|
||||||
|
- [Linux](#linux)
|
||||||
|
- [Android](#android)
|
||||||
|
- [iOS](#ios)
|
||||||
|
- [Troubleshooting](#troubleshooting)
|
||||||
|
- [FAQ](#faq)
|
||||||
|
- [Donations](#donations)
|
||||||
|
|
||||||
Once it ends, you can run it again to add more users, remove some of them or even completely uninstall OpenVPN.
|
## Description
|
||||||
|
|
||||||
### Where to get VPS
|
OpenVPN installer for Debian, Ubuntu and CentOS, with support for OpenVPN over SSL.
|
||||||
You can get a VPS from as little as $2.5/month at [Vultr](https://www.vultr.com/?ref=7088313) or $5/month at [DigitalOcean](https://m.do.co/c/c51ec51bb352).
|
|
||||||
|
|
||||||
### Donations
|
This script lets you set up your own OpenVPN server in minutes, even if you no experience OpenVPN before. It's designed to be as simple, unobtrusive, and universal as possible.
|
||||||
|
|
||||||
|
## Installation
|
||||||
|
|
||||||
|
If you run into any issues during installation, please refer to [Troubleshooting](#Troubleshooting).
|
||||||
|
### Install on CentOS/Debian/Ubuntu
|
||||||
|
|
||||||
|
- Run this in a terminal on your server, and follow the on-screen instructions:
|
||||||
|
```bash
|
||||||
|
# Download the script
|
||||||
|
wget https://raw.githubusercontent.com/birkhoffcheng/openvpn-install/master/openvpn-install.sh
|
||||||
|
|
||||||
|
# Run the install script
|
||||||
|
sudo bash openvpn-install.sh
|
||||||
|
|
||||||
|
# Start stunnel (only if you're using OpenVPN over SSL)
|
||||||
|
sudo stunnel
|
||||||
|
```
|
||||||
|
- Once it finishes, your OpenVPN server is up and running! You should [configure client devices](#configure-clients) next.
|
||||||
|
|
||||||
|
## Configure clients
|
||||||
|
|
||||||
|
### Before continuing...
|
||||||
|
|
||||||
|
- Download `stunnel.conf` and the `.ovpn` file from your server.
|
||||||
|
- If your username is `root`, they're located at `/root`.
|
||||||
|
- Otherwise, they're located at `/home/<YOUR USERNAME>`.
|
||||||
|
|
||||||
|
### OS-specific setup processes
|
||||||
|
|
||||||
|
#### Windows
|
||||||
|
|
||||||
|
- Configure `stunnel`. Skip to the next section if you're NOT using OpenVPN over SSL
|
||||||
|
- Download and install [stunnel](https://www.stunnel.org/downloads.html)
|
||||||
|
- Start `stunnel` by launching `stunnel GUI start ` from the Start Menu
|
||||||
|
- Locate the `stunnel` icon in the Task Bar, right click, and select `Edit Configuration`
|
||||||
|
- Copy everything in `stunnel.conf` and paste into the `stunnel` configuration file. Save and close it after editing.
|
||||||
|
- Right click on the `stunnel` icon again, and select `Reload Configuration`
|
||||||
|
- Configure OpenVPN
|
||||||
|
- Download and install [OpenVPN](https://openvpn.net/index.php/open-source/downloads.html)
|
||||||
|
- Start `OpenVPN GUI` from the Start Menu
|
||||||
|
- Locate the OpenVPN icon in the Task Bar, right click, and select `Import file...`
|
||||||
|
- Select your OVPN file
|
||||||
|
- Right click on the OpenVPN icon again, and select `Connect`
|
||||||
|
|
||||||
|
#### MacOS
|
||||||
|
|
||||||
|
- Supported. Instructions coming soon.
|
||||||
|
|
||||||
|
#### Linux
|
||||||
|
|
||||||
|
- Install `stunnel` and `openvpn` on your device.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Debian/Ubuntu
|
||||||
|
sudo apt install -y stunnel openvpn
|
||||||
|
|
||||||
|
# CentOS/RHEL
|
||||||
|
sudo yum install -y epel-release
|
||||||
|
sudo yum install -y stunnel openvpn
|
||||||
|
|
||||||
|
# Fedora
|
||||||
|
sudo dnf install -y stunnel openvpn
|
||||||
|
```
|
||||||
|
|
||||||
|
- If you're using OpenVPN over SSL, configure and start `stunnel`
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Run this in the directory that contains 'stunnel.conf'
|
||||||
|
sudo cp stunnel.conf /etc/stunnel/
|
||||||
|
# Start stunnel
|
||||||
|
sudo stunnel
|
||||||
|
```
|
||||||
|
|
||||||
|
- Connect to OpenVPN
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Run this in the directory that contains your OVPN file
|
||||||
|
# Replace 'client' with your OVPN filename
|
||||||
|
openvpn --config client.ovpn
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Android
|
||||||
|
|
||||||
|
- Supported. Instructions coming soon.
|
||||||
|
|
||||||
|
#### iOS
|
||||||
|
|
||||||
|
- OpenVPN is supported on iOS, but OpenVPN over SSL is not supported.
|
||||||
|
- If you installed OpenVPN without SSL, download [OpenVPN Connect from App Store](https://itunes.apple.com/app/openvpn-connect/id590379981)
|
||||||
|
- Follow the on-screen instruction to add the OpenVPN profile.
|
||||||
|
|
||||||
|
## Troubleshooting
|
||||||
|
|
||||||
|
- `wget: command not found`: This means that `wget` isn't install it on your server. Just install it and try again. To install `wget`:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
# Run this on Debian/Ubuntu
|
||||||
|
sudo apt -y install wget
|
||||||
|
|
||||||
|
# Run this on CentOS
|
||||||
|
sudo yum -y install wget
|
||||||
|
```
|
||||||
|
|
||||||
|
- `The TUN device is not available. You need to enable TUN before running this script`: Follow [this guide](https://help.skysilk.com/support/solutions/articles/9000136471-how-to-enable-tun-tap-on-linux-vps-with-skysilk).
|
||||||
|
|
||||||
|
## FAQ
|
||||||
|
|
||||||
|
### Where to find a VPS
|
||||||
|
|
||||||
|
You can get a VPS for as little as $2.50/month (IPv6 only) or $5/month (with IPv4) at [Vultr](https://www.vultr.com/?ref=7088313) or $5/month (with IPv4) at [DigitalOcean](https://m.do.co/c/c51ec51bb352).
|
||||||
|
|
||||||
|
## Donations
|
||||||
|
|
||||||
If you want to show your appreciation, you can donate via [PayPal](https://paypal.me/birkhoffcheng) or Bitcoin (12R4euPg17EfJyYNfdTxjiQ2SctW1b4CRz). Thanks!
|
If you want to show your appreciation, you can donate via [PayPal](https://paypal.me/birkhoffcheng) or Bitcoin (12R4euPg17EfJyYNfdTxjiQ2SctW1b4CRz). Thanks!
|
||||||
|
@ -278,8 +278,6 @@ else
|
|||||||
pid = /var/run/stunnel4.pid
|
pid = /var/run/stunnel4.pid
|
||||||
debug = 7
|
debug = 7
|
||||||
output = /var/log/stunnel4/stunnel.log
|
output = /var/log/stunnel4/stunnel.log
|
||||||
setuid = root
|
|
||||||
setgid = root
|
|
||||||
socket = l:TCP_NODELAY=1
|
socket = l:TCP_NODELAY=1
|
||||||
socket = r:TCP_NODELAY=1
|
socket = r:TCP_NODELAY=1
|
||||||
[openvpn]
|
[openvpn]
|
||||||
@ -450,9 +448,7 @@ connect = $IP:$PORT
|
|||||||
TIMEOUTclose = 1000
|
TIMEOUTclose = 1000
|
||||||
session=300
|
session=300
|
||||||
stack=65536
|
stack=65536
|
||||||
sslVersion=TLSv1.2
|
sslVersion=TLSv1.2" > /etc/stunnel/stunnel-client.conf
|
||||||
setuid=root
|
|
||||||
setgid=root" > /etc/stunnel/stunnel-client.conf
|
|
||||||
cp /etc/stunnel/stunnel-client.conf $HOME/stunnel.conf
|
cp /etc/stunnel/stunnel-client.conf $HOME/stunnel.conf
|
||||||
fi
|
fi
|
||||||
# Generates the custom client.ovpn
|
# Generates the custom client.ovpn
|
||||||
|
Loading…
Reference in New Issue
Block a user