Note: I have not worked on this project for a long time. I'm not actually using this as a VPN server implementation anymore (I've switched to Wireguard for my VPN needs), but reimplementing this project with Wireguard might be something I'd do in the future at some point. For now, I recommend not to use this software when you actually need a VPN, but only for educational or entertainment purposes.
yovpn is a server that can be used to create VPN endpoints on public cloud infrastructure. Currently only DigitalOcean is supported as a provider.
The aim of VPNs created using this tool is mainly to avoid IP geolocation and not provide secure internet access. As such, the security of the VPN tunnel is not very high and no public-key cryptography is used to keep setup simple.
This tool will only provide the VPN server. You still need an OpenVPN client for your platform to connect to the provisioned endpoints.
Note: This tool is still in the early stages. While the yovpn-cli command line version is already quite useable, the HTTP server still has many unimplemented features (most notably authentication and secure transfer of VPN credentials) and should be considered unsafe.
First you will need credentials for DigitalOcean:
- Create an account on digitalocean
- Go to the API settings
- Create a "personal access token" with write access (the name does not matter)
- Take note of the token (a long hexadecimal number)
Now you need to decide if you want to use the command-line or start a HTTP server
Assuming a correctly setup Go environment you can get the sources and build the command-line client with the following command:
go get -u github.com/xperimental/yovpn/cmd/yovpn-cliYou should now have a yovpn-cli binary in your path. You can get usage information using:
yovpn-cli -helpTo get available regions for new VPN endpoints run:
yovpn-cli -token $tokenYou can now provision a new VPN endpoint in one of the available regions. The tool will create a new virtual server, run configuration commands on it and write the client configuration to a file on your computer:
yovpn-cli -token $token -region $region -output yovpn.ovpn
# For example
yovpn-cli -token c0ff33 -region nyc1 -output yovpn.ovpnWhen the command completes successfully (takes approximately 2-5min) the directory you ran the command in should contain a new file called yovpn.ovpn (or what you selected with the -output parameter). That file should contain the client configuration needed for your VPN.
Assuming a correctly setup Go environment you can get the sources and build the HTTP server with the following command:
go get -u github.com/xperimental/yovpn/cmd/yovpn-serverYou should now have a yovpn-server binary in your path. The HTTP server can be started using the following command:
yovpn-server -port $port -token $token
# For example
yovpn-server -port 8080 -token c0ff33Note: The HTTP server is currently not suitable for use as very important features are missing.
If you are really daring you can already deploy the HTTP server to Heroku. You will still need to create the DigitalOcean token beforehand.
The HTTP server currently has the following endpoints:
| Method | Path | Description |
|---|---|---|
| GET | /regions |
List all available regions. |
| GET | /cleanup |
Remove all known endpoints. |
| GET | /endpoint/:id |
Return information about endpoint with id |
| PUT | /endpoint?region=:region |
Create a new endpoint in selected region. |
| DELETE | /endpoint/:id |
Remove endpoint with id |