The included terraform configuration brings up a t2.nano
instance to run the VPN server.
cd terraform
terraform plan
terraform apply
Note the IP address in the output from terraform apply
. We'll need it for the steps that follow.
Copy roles/easy-rsa/files/pki_vars.sample
to roles/easy-rsa/files/pki_vars
.
Update pki_vars
with your desired values for your CA.
Next, run ansible-playbook
to configure OpenVPN on your ec2 instance.
Where 1.1.2.2
is the IP address of the ec2 instance brought up in the previous step:
ansible-playbook \
-e 'build_ca=true' \
-e 'build_clients=true' \
-e '{"client_names": ["ryan"]}' \
-i "1.1.2.2," \
-u ec2-user \
provision.yml
ansible-playbook \
-e 'build_clients=true' \
-e '{"client_names": ["another_client", "and_another"]}' \
-i "1.1.2.2," \
-u ec2-user \
provision.yml
Keys, certs, etc. will be placed in lib/EasyRSA-2.2.2/keys/
Based on: How to make your own free VPN with Amazon Web Services
See the blog post for information regarding configuration of your VPN client.