We open sourced a cdist type __ungleich_openvpn_server

For easily creating and maintaining OpenVPN servers.

Posted on Jan. 9, 2019

VPN and OpenVPN

VPN is an acronym for Virtual Private Network. It is a secure tunnel between two or more devices. It enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. VPNs typically allow only authenticated remote access using tunneling protocols and encryption techniques.

OpenVPN is an open-source software VPN daemon. It supports SSL/TLS security, ethernet bridging, TCP or UDP tunnel transport through proxies or NAT, support for dynamic IP addresses and DHCP, scalability to hundreds or thousands of users, and portability to most major OS platforms.

It is tightly bound to the OpenSSL library. It is designed to work with the TUN/TAP virtual networking interface that exists on most platforms.

For details see OpenVPN.

OpenVPN cdist type

Here at ungleich we have developed cdist type that allows you to create and maintain OpenVPN servers, named __ungleich_openvpn_server.

Type assumes the existence of the directory files/openvpn/ and various subdirectories.

It has only one required parameter:

  • config
    Name of the configuration file below files/openvpn/server-config. This is the main OpenVPN configuration file.

It also supports one optional parameter:

  • srcdir
    Directory with additional files for the server configuration, relative to files/openvpn/. It usually contains files like ca.crt, server.crt and server.key or dh4096.pem file containing DH parameters. If "ccd" sub-directory is present it contains client specific configuration files.

You use this type as in the following examples.

Use the config file ipv6-server.conf:

    __ungleich_openvpn_server --config ipv6-server

Use a customer directory for server files, custom-server-dir. Files from files/openvpn/custom-server-dir are copied to /etc/openvpn:

    __ungleich_openvpn_server --config custom-server \
        --srcdir custom-server-dir

To learn more about cdist visit here, you can checkout the cdist type. You can also join our chat to talk about cdist, it's open for everybody.