🏗 CDK App for Amazon CDK! Lets you create your own VPN server in few simple steps.
💸 Suits for AWS Free Tier instances
☀️ Fast, but verbose setup
👯 Mostly copy-pasting
💥 Easy to destroy
🚜 Latest node.js
nvm use 14
🧶 Yarn
npm install -g yarn
🧾 AWS Account
🚜 AWS CLI
🤖 IAM User with following policies:
💭 Important: Create a separate user instead of using default sudo-level access.
💭 Important 2: Best practice is to attach permissions to a group and then add users to that group, rather than giving permissions to user directly. In this particular case there's not much difference, so you can do either.
aws configure
The tool will prompt for an IAM credentials. Fill in ones, created before.
## Actually you need to clone this repo first, and install all deps
git clone https://github.com/hex22a/crash-cdk.git && cd ./crash-cdk && yarn install
yarn cdk deploy
Go to EC2 Dashboard and copy instance id and then SSH to the instance 🔑
mssh ubuntu@INSTANCE_ID
# Set default user password
sudo passwd openvpn
Instance configuration is complete 🎉
Log in as openvpn
user at https://PUBLIC_IP:943/admin
. Ignore SSL warning, or add SSL Cert as trusted to the keychain. You can find your public ip in AWS Console. To bypass Google Chrome's "Not Secure" warning, just type in "thisisunsafe" while the tab is open.
Update Hostname or IP Address at Network Settings (https://PUBLIC_IP:943/admin/network_settings). Value in the field should be your PUBLIC_IP.
Create 👩💻 VPN users, click "More Settings" to set password, enable auto-login
Don't forget to "Update Running Server"
Login as a 👩💻 VPN user https://PUBLIC_IP:943/?src=connect
Download client app if you haven't yet
Click Yourself (autologin profile)
to download client.ovpn
file. Use this file to establish your custom VPN connection.
npm run cdk destroy
Unrecognized option or missing or extra parameter(s) in configuration: (line 4): dhcp-pre-release (2.4.4)
If you're configuring WiFi router with .ovpn
autologin profile like above, try adding following lines to the .ovpn
file in your favorite text editor
## Add this right after comments block, just for better arrangemnt
pull-filter ignore "dhcp-pre-release"
pull-filter ignore "dhcp-renew"
pull-filter ignore "dhcp-release"
pull-filter ignore "register-dns"
pull-filter ignore "block-ipv6"