I’m a big fan of OpenVPN - both for personal and professional VPNs. Seeing as how I’ve been deploying more things with BOSH lately, an OpenVPN release seemed like a good little project. I started one about nine months ago and have been using development releases ever since, but last week I went ahead and created a “final” release of it.
There is only a single job (
openvpn) and the properties are well documented. Its primary purpose is to act as a server for other clients to connect to, however you can also configure it to connect as a client and connect to another OpenVPN network as well. This makes it very easy to join multiple networks from a single OpenVPN connection.
One of the more complicated steps of configuring an OpenVPN server is figuring out and remembering the correct commands for creating and signing security keys and certificates. The README includes all those steps to get a server running in a deployment and a client connected to it. There are also a few other examples about some fancier configuration options such as: setting up
iptables for shared networks, allowing VPN clients to communicate with each other, and making sure specific clients are assigned static IPs.
After going through the process of setting up quite a few OpenVPN servers and trying to automate and maintain them, this BOSH release has become my preferred method given its flexibility, consistency, and handy readme so I’m no longer Googling at every step. Check out the project page if you’d like to learn more, or see the releases page there for a tarball that you can use in your own BOSH environment.