BPopp Sanctuary

VPN: Difference between revisions

Page Discussion
No edit summary
Line 1: Line 1:
= PIA and OpenVPN (Improved) =
= PIA and OpenVPN (Improved) =


Found [https://gist.github.com/helloavo/5693d36f63d8fa3beefe00143495d893 this guide] here which seems to be more powerful
Found [https://gist.github.com/helloavo/5693d36f63d8fa3beefe00143495d893 this guide] which seems to be more powerful:
 
Update
<pre>apt-upgrade && apt update</pre>
 
Add user to run PIA
 
<pre>adduser pia-gateway
usermod -aG sudo pia-gateway
su pia-gateway
cd /home/pia</pre>


= PIA and OpenVPN =
= PIA and OpenVPN =

Revision as of 20:43, 22 December 2024

PIA and OpenVPN (Improved)

Found this guide which seems to be more powerful:

Update 

apt-upgrade && apt update

Add user to run PIA 

adduser pia-gateway
usermod -aG sudo pia-gateway
su pia-gateway
cd /home/pia

PIA and OpenVPN

Install OpenVPN 

sudo apt-get install openvpn unzip -y
cd /etc/openvpn

Download Private Internet Access 

sudo wget --no-check-certificate https://www.privateinternetaccess.com/openvpn/openvpn.zip
sudo unzip openvpn.zip
ls -lh

Pick a Country to use as Primary VPN 

cp spain.ovpn spain_bp.ovpn
vi spain_bp.ovpn

At the end of the file, add Routes to the Local Networks (if needed) 

route 192.168.1.0 255.255.255.0 net_gateway
route 192.168.2.0 255.255.255.0 net_gateway

Add Credentials to Login.txt file 

sudo vi /etc/openvpn/login.txt

In this format: 

username
password

Limit access to login file 

sudo chmod 700 /etc/openvpn/login.txt

Add nameservers to DNS (if needed) 

echo "nameserver 8.8.8.8" | sudo tee -a /etc/resolv.conf
echo "nameserver 8.8.4.4" | sudo tee -a /etc/resolv.conf

sudo chattr +i /etc/resolve.conf

At this point, you should be able to test with: 

sudo openvpn --config /etc/openvpn/spain_bp.ovpn --auth-user-pass /etc/openvpn/login.txt

And then to test that your network providers IP is hidden: 

wget http://ipinfo.io/ip -qO -

Start PIA via Service

sudo /etc/init.d/pia

Add the following: 

#!/bin/sh
### BEGIN INIT INFO
# Provides:          OpenVPN Autoconnect
# Required-Start:    $local_fs $remote_fs $network
# Required-Stop:     $local_fs $remote_fs $network
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: OpenVPN Autoconnect
# Description:       OpenVPN Autoconnect
### END INIT INFO


# Documentation available at
# http://refspecs.linuxfoundation.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptfunc.html
# Debian provides some extra functions though
. /lib/lsb/init-functions


DAEMON_NAME="openvpnauto"
DAEMON_USER=root
DAEMON_PATH="/usr/sbin/openvpn"
DAEMON_OPTS="--config /etc/openvpn/spain_bp.ovpn --auth-user-pass /etc/openvpn/login.txt"
DAEMON_PWD="/etc/openvpn"
DAEMON_DESC=$(get_lsb_header_val $0 "Short-Description")
DAEMON_PID="/var/run/${DAEMON_NAME}.pid"
DAEMON_NICE=0
DAEMON_LOG='/var/log/openvpnauto.log'

[ -r "/etc/default/${DAEMON_NAME}" ] && . "/etc/default/${DAEMON_NAME}"

do_start() {
  local result

    pidofproc -p "${DAEMON_PID}" "${DAEMON_PATH}" > /dev/null
    if [ $? -eq 0 ]; then
        log_warning_msg "${DAEMON_NAME} is already started"
        result=0
    else
        log_daemon_msg "Starting ${DAEMON_DESC}" "${DAEMON_NAME}"
        touch "${DAEMON_LOG}"
        chown $DAEMON_USER "${DAEMON_LOG}"
        chmod u+rw "${DAEMON_LOG}"
        if [ -z "${DAEMON_USER}" ]; then
            start-stop-daemon --start --quiet --oknodo --background \
                --nicelevel $DAEMON_NICE \
                --chdir "${DAEMON_PWD}" \
                --pidfile "${DAEMON_PID}" --make-pidfile \
                --exec "${DAEMON_PATH}" -- $DAEMON_OPTS
            result=$?
        else
            start-stop-daemon --start --quiet --oknodo --background \
                --nicelevel $DAEMON_NICE \
                --chdir "${DAEMON_PWD}" \
                --pidfile "${DAEMON_PID}" --make-pidfile \
                --chuid "${DAEMON_USER}" \
                --exec "${DAEMON_PATH}" -- $DAEMON_OPTS
            result=$?
        fi
        log_end_msg $result
    fi
    return $result
}

do_stop() {
    local result

    pidofproc -p "${DAEMON_PID}" "${DAEMON_PATH}" > /dev/null
    if [ $? -ne 0 ]; then
        log_warning_msg "${DAEMON_NAME} is not started"
        result=0
    else
        log_daemon_msg "Stopping ${DAEMON_DESC}" "${DAEMON_NAME}"
        killproc -p "${DAEMON_PID}" "${DAEMON_PATH}"
        result=$?
        log_end_msg $result
        rm "${DAEMON_PID}"
    fi
    return $result
}

do_restart() {
    local result
    do_stop
    result=$?
    if [ $result = 0 ]; then
        do_start
        result=$?
    fi
    return $result
}

do_status() {
    local result
    status_of_proc -p "${DAEMON_PID}" "${DAEMON_PATH}" "${DAEMON_NAME}"
    result=$?
    return $result
}

do_usage() {
    echo $"Usage: $0 {start | stop | restart | status}"
    exit 1
}

case "$1" in
start)   do_start;   exit $? ;;
stop)    do_stop;    exit $? ;;
restart) do_restart; exit $? ;;
status)  do_status;  exit $? ;;
*)       do_usage;   exit  1 ;;
esac

Start Service Automatically 

sudo chmod +x /etc/init.d/pia
sudo update-rc.d pia defaults 98

Service can now be started and stopped normally 

sudo service pia stop
sudo service pia start
Retrieved from "http://wiki.bpopp.net/index.php?title=VPN&oldid=2046"