mirror/setup-ipsec-vpn
1
0
Fork 0
mirror of synced 2024-11-22 04:56:03 +03:00
Code Issues Projects Releases Wiki Activity

Deploy on Azure

Browse Source
This commit is contained in:
Daniel Falkner 2016-08-10 15:29:42 +02:00
parent 9a7844f869
commit 4d7ca74d4a
4 changed files with 355 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -37,6 +37,12 @@ We will use <a href="https://libreswan.org/" target="_blank">Libreswan</a> as th
## Requirements
Microsoft Azure Subscription
<a href="https://portal.azure.com/#create/Microsoft.Template/uri/https%3A%2F%2Fraw.githubusercontent.com%2Fderdanu%2Fsetup-ipsec-vpn%2Fmaster%2Fazure%2Fazuredeploy.json" target="_blank">
<img src="http://azuredeploy.net/deploybutton.png"/>
</a>
A newly created <a href="https://aws.amazon.com/ec2/" target="_blank">Amazon EC2</a> instance, using these AMIs: (See <a href="https://blog.ls20.com/ipsec-l2tp-vpn-auto-setup-for-ubuntu-12-04-on-amazon-ec2/#vpnsetup" target="_blank">instructions</a>)
- <a href="https://cloud-images.ubuntu.com/locator/" target="_blank">Ubuntu 16.04 (Xenial), 14.04 (Trusty) or 12.04 (Precise)</a>
- <a href="https://wiki.debian.org/Cloud/AmazonEC2Image" target="_blank">Debian 8 (Jessie) EC2 Images</a>

321
azure/azuredeploy.json Normal file
View File

@ -0,0 +1,321 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"username": {
"type": "string",
"minLength": 1,
"metadata": {
"description": "User name for SSH and VPN"
}
},
"password": {
"type": "securestring",
"metadata": {
"description": "User password for SSH and VPN"
}
},
"preSharedKey": {
"type": "securestring",
"metadata": {
"description": "Pre-Shared Key for VPN"
}
},
"image": {
"type": "string",
"allowedValues": [
"ubuntu",
"debian"
],
"defaultValue": "debian",
"metadata": {
"description": "OS to use. Debian or Ubuntu"
}
},
"VMSize": {
"type": "string",
"defaultValue": "Standard_A0",
"allowedValues": [
"Standard_A0",
"Standard_A1",
"Standard_A2",
"Standard_A3",
"Standard_A4",
"Standard_A5",
"Standard_A6",
"Standard_A7",
"Standard_A8",
"Standard_A9",
"Standard_A10",
"Standard_A11",
"Standard_D1",
"Standard_D2",
"Standard_D3",
"Standard_D4",
"Standard_D11",
"Standard_D12",
"Standard_D13",
"Standard_D14",
"Standard_D1_v2",
"Standard_D2_v2",
"Standard_D3_v2",
"Standard_D4_v2",
"Standard_D5_v2",
"Standard_D11_v2",
"Standard_D12_v2",
"Standard_D13_v2",
"Standard_D14_v2",
"Standard_G1",
"Standard_G2",
"Standard_G3",
"Standard_G4",
"Standard_G5",
"Standard_DS1",
"Standard_DS2",
"Standard_DS3",
"Standard_DS4",
"Standard_DS11",
"Standard_DS12",
"Standard_DS13",
"Standard_DS14",
"Standard_GS1",
"Standard_GS2",
"Standard_GS3",
"Standard_GS4",
"Standard_GS5"
],
"metadata": {
"description": "The size of the Virtual Machine."
}
}
},
"variables": {
"location": "[resourceGroup().location]",
"vmName": "vpnserver",
"virtualNetworkName": "vpnVnet",
"addressPrefix": "10.0.0.0/16",
"subnetName": "VPNSubnet",
"subnetPrefix": "10.0.1.0/24",
"apiVersion": "2015-06-15",
"storageName": "[concat(uniqueString(resourceGroup().id), 'vpnsa')]",
"vhdStorageType": "Standard_LRS",
"vnetId": "[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]",
"SubnetRef": "[concat(variables('vnetId'), '/subnets/', variables('subnetName'))]",
"ubuntu": {
"publisher": "Canonical",
"offer": "UbuntuServer",
"sku": "16.04.0-LTS",
"version": "latest"
},
"debian": {
"publisher": "credativ",
"offer": "Debian",
"sku": "8",
"version": "latest"
},
"installScriptURL": "https://raw.githubusercontent.com/derdanu/setup-ipsec-vpn/master/azure/install.sh",
"installCommand": "[concat('sh install.sh ', parameters('preSharedKey'), ' ', parameters('username'), ' ', parameters('password'))]"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('storageName')]",
"apiVersion": "[variables('apiVersion')]",
"location": "[variables('location')]",
"tags": {
"displayName": "StorageAccount"
},
"properties": {
"accountType": "[variables('vhdStorageType')]"
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/virtualNetworks",
"name": "[variables('virtualNetworkName')]",
"location": "[variables('location')]",
"tags": {
"displayName": "VirtualNetwork"
},
"properties": {
"addressSpace": {
"addressPrefixes": [
"[variables('addressPrefix')]"
]
},
"subnets": [
{
"name": "[variables('subnetName')]",
"properties": {
"addressPrefix": "[variables('subnetPrefix')]"
}
}
]
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/networkInterfaces",
"name": "[concat(variables('vmName'), 'nic')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "NetworkInterface"
},
"dependsOn": [
"[concat('Microsoft.Network/virtualNetworks/', concat(variables('virtualNetworkName')))]",
"[concat('Microsoft.Network/publicIPAddresses/', concat(variables('vmName'), 'pip'))]",
"[concat('Microsoft.Network/networkSecurityGroups/', concat(variables('vmName'), 'nsg'))]"
],
"properties": {
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', concat(variables('vmName'), 'pip'))]"
},
"subnet": {
"id": "[variables('subnetRef')]"
}
}
}
],
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(variables('vmName'), 'nsg'))]"
}
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Compute/virtualMachines",
"name": "[variables('vmName')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "VirtualMachine"
},
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', concat(variables('vmName'), 'nic'))]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[variables('vmName')]",
"adminUsername": "[parameters('username')]",
"adminPassword": "[parameters('password')]"
},
"storageProfile": {
"imageReference": "[variables(parameters('image'))]",
"osDisk": {
"name": "osdisk",
"vhd": {
"uri": "[concat('http://', variables('storageName'), '.blob.core.windows.net/vmachines/', variables('vmName'), '.vhd')]"
},
"caching": "ReadWrite",
"createOption": "FromImage"
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', concat(variables('vmName'), 'nic'))]"
}
]
}
}
},
{
"type": "Microsoft.Compute/virtualMachines/extensions",
"name": "[concat(variables('vmName'),'/installcustomscript')]",
"apiVersion": "[variables('apiVersion')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "VirtualMachineCustomScriptExtension"
},
"dependsOn": [
"[concat('Microsoft.Compute/virtualMachines/', variables('vmName'))]"
],
"properties": {
"publisher": "Microsoft.OSTCExtensions",
"type": "CustomScriptForLinux",
"typeHandlerVersion": "1.3",
"settings": {
"fileUris": [ "[variables('installScriptURL')]" ],
"commandToExecute": "[variables('installCommand')]"
}
}
},
{
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[concat(variables('vmName'), 'nsg')]",
"tags": {
"displayName": "NetworkSecurityGroup"
},
"apiVersion": "[variables('apiVersion')]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "default-ssh",
"properties": {
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "22",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 1000,
"direction": "Inbound"
}
},
{
"name": "default-udp-500",
"properties": {
"protocol": "Udp",
"sourcePortRange": "*",
"destinationPortRange": "500",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 2000,
"direction": "Inbound"
}
},
{
"name": "default-udp-4500",
"properties": {
"protocol": "Udp",
"sourcePortRange": "*",
"destinationPortRange": "4500",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 2001,
"direction": "Inbound"
}
}
]
}
},
{
"apiVersion": "[variables('apiVersion')]",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[concat(variables('vmName'), 'pip')]",
"location": "[resourceGroup().location]",
"tags": {
"displayName": "PublicIPAddress"
},
"properties": {
"publicIPAllocationMethod": "Static"
}
}
],
"outputs": {
"Public IP": {
"type": "string",
"value": "[reference(concat(variables('vmName'), 'pip')).ipAddress]"
}
}
}

15
azure/azuredeploy.parameters.json Normal file
View File

@ -0,0 +1,15 @@
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"username": {
"value": "Vpnuser"
},
"password": {
"value": "Password123#"
},
"preSharedKey": {
"value": "mypsksupersecure"
}
}
}

13
azure/install.sh Normal file
View File

@ -0,0 +1,13 @@
#/bin/bash
export VPN_IPSEC_PSK=$1
export VPN_USER=$2
export VPN_PASSWORD=$3
# Debian on Azure has no lsb_release installed.
if ! [[ -x "/usr/bin/lsb_release" ]]
then
apt-get update
apt-get install -y lsb-release
fi
wget https://git.io/vpnsetup -O vpnsetup.sh && sh vpnsetup.sh