Pi-hole/pi-hole
Pi-hole/pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/pi-hole.git synced 2025-03-01 06:18:33 +00:00
Code Issues Projects Releases Packages Wiki Activity

Destroyed OpenVPN server: Installation (markdown)

DL6ER 2018-05-13 14:24:58 +02:00
parent 0b30b8a766
commit 10823e3619
1 changed files with 0 additions and 70 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

70
OpenVPN-server:-Installation.md

@ -1,70 +0,0 @@
## Install an operating system
Once you have your preferred OS up and running. You may already have a server set up on your network, or you may prefer to make a [Digital Ocean](http://www.digitalocean.com/?refcode=344d234950e1) droplet. In either case, you'll use the quick OpenVPN "road warrior" installer. The cloud-hosted server option is convenient if you don't want to host the hardware at home, but you'll need to take additional steps to secure the server as it's available on the public Internet. Failure to do so is [not only irresponsible, but you also put yourself and others at risk](https://www.us-cert.gov/ncas/alerts/TA13-088A).
## Install OpenVPN + Pi-hole
### A note about security
For security purposes, it is recommended that the CA machine should be separate from the machine running OpenVPN. If you lose control of your CA private key, you can no longer trust any certificates from this CA. Anyone with access to this CA private key can sign new certificates without your knowledge, which then can connect to your OpenVPN server without needing to modify anything on the VPN server. Place your CA files on a storage which can be offline as much as possible, only to be activated when you need to get a new certificate for a client or server.
This is less convenient, so many users will simply decide to install Pi-hole and OpenVPN on a single machine, which is what this guide will walkthrough.
### Install the OpenVPN server
First, download the OpenVPN installer; make it executable, and then run it:
```
wget https://git.io/vpn -O openvpn-install.sh
chmod 755 openvpn-install.sh
./openvpn-install.sh
```
Enter your server's IP address and accept all the defaults, unless you require special needs:
```
Welcome to this quick OpenVPN "road warrior" installer
I need to ask you a few questions before starting the setup
You can leave the default options and just press enter if you are ok with them
First I need to know the IPv4 address of the network interface you want OpenVPN
listening to.
IP address: 10.8.0.1
Which protocol do you want for OpenVPN connections?
1) UDP (recommended)
2) TCP
Protocol [1-2]: 1
What port do you want OpenVPN listening to?
Port: 1194
Which DNS do you want to use with the VPN?
1) Current system resolvers
2) Google
3) OpenDNS
4) NTT
5) Hurricane Electric
6) Verisign
DNS [1-6]: 1
Finally, tell me your name for the client certificate
Please, use one word only, no special characters
Client name: pihole
Okay, that was all I needed. We are ready to setup your OpenVPN server now
Press any key to continue...
```
Let the installer run...
```
Finished!
Your client configuration is available at /root/pihole.ovpn
If you want to add more clients, you simply need to run this script again!
```
### Install Pi-hole
Next, install Pi-hole and choose `tun0` as the interface. You can accept all the defaults, or configure Pi-hole to your liking. The interface selection is the most important step; if you don't choose `tun0` (at least to begin with), it will not work properly.
```
curl -sSL https://install.pi-hole.net | bash
```