1. 26
  1. 4

    Something I like to use to set up a VPN in a hurry is the OpenVPN install script by nyr https://github.com/Nyr/openvpn-install It takes very little time to setup and is easy to use, but I could totally see how someone would want to avoid that script (youre blindly trusting some shell script, curl | sh style) in favour of a solution like the one presented in this post.

    1. 2

      I use that script too - spin up a lowendspirit box, run the script and you have a cheap VPN set up in a few minutes.

    2. 4

      If you want to do this on FreeBSD with OpenVPN and automate it, I wrote an Ansible role as part of my Bee2 projects that you can look at here:

      https://github.com/sumdog/bee2/tree/master/ansible/roles/vpn

      1. 2

        I’ve used Streisand to create a VPN endpoint on a Digital Ocean droplet. AWS, Google Cloud and more are supported out of the box.

        1. 2

          Streisand looks very cool!

          I’ve personally used Algo a lot - spins up a quick IPSEC VPN. I’ll trash it and make a new one every few weeks, really well written and good bit of software.

        2. 2

          I use Algo by Trail of Bits. It’s super easy to set up (has a command line wizard to walk you through setting up your server on a variety of providers), generates mobile profiles for iOS to connect on demand on unknown networks, and had super secure defaults.

          1. 1

            Algo supports WireGuard now too, which is nice.

          2. 2

            I wanted IKEv2 for performance and security reasons (I won’t elaborate on this here, if you’re curious about the differences, there’s a lot of content out on the web explaining this).

            A similar setup and blog post for WireGuard would be even better still, in terms of both performance and security! @zx2c4