- Deploys an OpenVPN and Access Server with Letsencrypt SSL Certificate on EC2
- LetsEncrypt hook to put certificate into OpenVPN-AS config and restart openvpnas service
Customize your OpenVPNServer with these Inputs
Setup logfile: /tmp/setup.log
LetsEncrypt auto renew logfile: /var/log/letsencrypt-renew.log
For VPN routing and advanced settings, use the Access Server command line interface tools.
To use ./sacli, navigate to /usr/local/openvpn_as/scripts/
The default settings never route any client traffic through the VPN.
You can change this in userdata.sh before creating the instance, or afterwards on the EC2 instance.
sacli command examples (no client traffic routing through the VPN connection):

```bash
./sacli --key "vpn.client.routing.reroute_dns" --value "false" ConfigPut
./sacli --key "vpn.client.routing.reroute_gw" --value "false" ConfigPut
```
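
A check for the two settings above, as an added example that is not part of this module: it reads the JSON that `./sacli ConfigQuery` prints and reports any routing key that is not "false". The function names and sample configs are constructed for illustration, and treating an unset key as drift is an assumption.

```bash
#!/usr/bin/env bash
# Added example (not part of the module): audit the client routing keys.

# The two keys the README sets to "false".
ROUTING_KEYS="vpn.client.routing.reroute_dns vpn.client.routing.reroute_gw"

# config_value KEY: read ConfigQuery JSON on stdin, print KEY's value
# (prints nothing when the key is absent).
config_value() {
  key_re=$(printf '%s' "$1" | sed 's/\./\\./g')   # match the dots literally
  sed -n "s/^[[:space:]]*\"$key_re\"[[:space:]]*:[[:space:]]*\"\([^\"]*\)\".*/\1/p" |
    head -n 1
}

# routing_drift JSON: print each routing key whose value is not "false".
# Assumption: an unset key is reported too, since the README sets both explicitly.
routing_drift() {
  for key in $ROUTING_KEYS; do
    value=$(printf '%s\n' "$1" | config_value "$key")
    [ "$value" = "false" ] || printf '%s=%s\n' "$key" "${value:-<unset>}"
  done
}

# Constructed sample configs, one key per line as ConfigQuery prints them.
SAMPLE_OK='{
  "vpn.client.routing.reroute_dns": "false",
  "vpn.client.routing.reroute_gw": "false"
}'
SAMPLE_DRIFT='{
  "vpn.client.routing.reroute_dns": "false",
  "vpn.client.routing.reroute_gw": "true",
  "vpn.server.routing.private_access": "nat"
}'

# On the instance, audit the live config; elsewhere, fall back to the sample.
SACLI=/usr/local/openvpn_as/scripts/sacli
if [ -x "$SACLI" ]; then
  routing_drift "$("$SACLI" ConfigQuery)"
else
  routing_drift "$SAMPLE_DRIFT"   # prints vpn.client.routing.reroute_gw=true
fi
```

Empty output means both keys still match the split-tunnel settings; any printed line names a key that now routes client traffic or DNS through the VPN.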
If everything went well :) you can access your OpenVPN Access Server via your browser.
Check the Admin URL (adminurl) in the outputs of this Terraform module.
Username: openvpn
Password: (set your password with ${var.passwd})
Name | Description | Type | Default | Required |
---|---|---|---|---|
ami | AWS AMI to use | string | ami-090f10efc254eaf55 | no |
domain | Domain Name | string | n/a | yes |
instancename | Name of the Instance | string | n/a | yes |
instancetype | AWS Instance Type | string | n/a | yes |
key_city | OpenVPN CA City Name | string | n/a | yes |
key_country | OpenVPN CA Country Name | string | n/a | yes |
key_email | OpenVPN CA Email Contact | string | n/a | yes |
key_org | OpenVPN CA Organisation Name | string | n/a | yes |
key_ou | OpenVPN Organisation Unit Name | string | n/a | yes |
key_province | OpenVPN CA Province Name | string | n/a | yes |
keyname | SSH Access Key | string | n/a | yes |
owner | AWS Tag for Owner | string | n/a | yes |
passwd | OpenVPN User Password for AdminUser:openvpn | string | n/a | yes |
profile | AWS Profile to use | string | n/a | yes |
region | Region to use | string | n/a | yes |
sslmail | LetsEncrypt Contact Email | string | n/a | yes |
subdomain | Subdomain | string | n/a | yes |
subnetid | Subnet for the EC2 instance | string | n/a | yes |
vpc | AWS VPC to be used | string | n/a | yes |
Name | Description |
---|---|
Domain Name | TLD for the OpenVPNServer |
adminurl | Admin Access URL for the OpenVPNServer |
arn | Your VPC ARN |
instancearn | Instance ARN |
instancetype | Instance Type |
iprange | VPC IP range |
keyname | SSH Access Key Name |
privateip | Instance Private IP |
pubplicip | The Instance Public IP |
route table | Route Table |
sg_id | SecurityGroup ID |
sg_name | SecurityGroup Name |
userdata | Userdata Hash |
vpc_id | VPC ID |
vpc_name | VPC Name |