hex22a/crash-cdk

Crash CDK

🏗 CDK App for Amazon CDK! Lets you create your own VPN server in a few simple steps.

💸 Suitable for AWS Free Tier instances

☀️ Fast, but verbose setup

👯‍ Mostly copy-pasting

💥 Easy to destroy

Prerequisites

🚜 Latest Node.js

nvm use 14

🧶 Yarn

npm install -g yarn

🧾 AWS Account

🚜 AWS CLI

🔌 EC2 Instance Connect CLI

🤖 IAM User with the following policies:

  1. AmazonEC2FullAccess

  2. AWSCloudFormationFullAccess

  3. EC2InstanceConnect

💭 Important: Create a separate IAM user for this deployment instead of using your default, sudo-level (administrator) access.

💭 Important 2: Best practice is to attach permissions to a group and then add users to that group, rather than giving permissions to a user directly. In this particular case there's not much difference, so you can do either.

Configure AWS CLI

aws configure

The tool will prompt for IAM credentials. Enter the ones for the IAM user created above.

Deploy

## Actually you need to clone this repo first, and install all deps
git clone https://github.com/hex22a/crash-cdk.git && cd ./crash-cdk && yarn install

yarn cdk deploy

Go to the EC2 Dashboard, copy the instance ID, and then SSH to the instance 🔑

mssh ubuntu@INSTANCE_ID
# Set default user password
sudo passwd openvpn

Instance configuration is complete 🎉

Set up VPN

Server

Log in as the openvpn user at https://PUBLIC_IP:943/admin. You can find your public IP in the AWS Console. The browser will show an SSL warning: ignore it, or add the SSL certificate as trusted to the keychain. To bypass Google Chrome's "Not Secure" warning, just type "thisisunsafe" while the tab is open.

Update "Hostname or IP Address" in Network Settings (https://PUBLIC_IP:943/admin/network_settings). The value in the field should be your PUBLIC_IP.

Create 👩‍💻 VPN users; click "More Settings" to set a password and enable auto-login.

Don't forget to click "Update Running Server".

Client

Log in as a 👩‍💻 VPN user at https://PUBLIC_IP:943/?src=connect

Download the client app if you haven't yet.

Click "Yourself (autologin profile)" to download the client.ovpn file. Use this file to establish your custom VPN connection.

🚨 Destroy

npm run cdk destroy

Notes

Unrecognized option or missing or extra parameter(s) in configuration: (line 4): dhcp-pre-release (2.4.4)

If you're configuring a WiFi router with an .ovpn autologin profile like the one above and see this error, try adding the following lines to the .ovpn file in your favorite text editor

## Add this right after the comment block, just for better arrangement
pull-filter ignore "dhcp-pre-release"
pull-filter ignore "dhcp-renew"
pull-filter ignore "dhcp-release"
pull-filter ignore "register-dns"
pull-filter ignore "block-ipv6"
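
The manual edit above can be scripted so it is repeatable across profiles. This is an added example, not part of the crash-cdk repository; the function name add_pull_filters and the .bak backup file are assumptions of this example. It inserts only the directives that are missing, directly after the leading comment block.

```shell
#!/bin/sh
# Added example (not from the crash-cdk repository).
# usage: add_pull_filters client.ovpn

# Pushed options from the Notes section that the client should ignore.
FILTERED_OPTS="dhcp-pre-release dhcp-renew dhcp-release register-dns block-ipv6"

# add_pull_filters is a hypothetical helper name chosen for this example.
add_pull_filters() {
    profile=$1
    [ -f "$profile" ] || { echo "no such file: $profile" >&2; return 1; }
    tmp=$(mktemp) || return 1
    # The profile is read twice: pass 1 records existing filters,
    # pass 2 prints the file with the missing ones inserted.
    awk -v opts="$FILTERED_OPTS" '
        function emit(   i) {
            for (i = 1; i <= n; i++)
                if (!(opt[i] in have))
                    printf "pull-filter ignore \"%s\"\n", opt[i]
            done = 1
        }
        BEGIN { n = split(opts, opt, " ") }
        NR == FNR {
            if ($1 == "pull-filter" && $2 == "ignore") {
                name = $3; gsub(/"/, "", name); have[name] = 1
            }
            next
        }
        # First line that is not a # or ; comment ends the comment block.
        !done && $0 !~ /^[#;]/ { emit() }
        { print }
        END { if (!done) emit() }
    ' "$profile" "$profile" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Keep the original once as .bak; treat it like the profile itself
    # (an autologin profile may embed client keys).
    { [ -e "$profile.bak" ] || cp -p "$profile" "$profile.bak"; } &&
        cat "$tmp" > "$profile"
    rc=$?
    rm -f "$tmp"
    return $rc
}
```

Running it a second time on the same file changes nothing, because directives already present are skipped.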