Init Scripts

open_vpn_setup_cloudflare.sh

@@ -0,0 +1,45 @@
+#!/bin/bash
+
+# Update System
+sudo apt-get update && sudo apt-get upgrade -y
+
+# Install OpenVPN and Easy-RSA
+sudo apt-get install openvpn easy-rsa -y
+
+# Make Easy-RSA directory and set up variables
+make-cadir ~/openvpn-ca
+cd ~/openvpn-ca
+
+# Build the Certificate Authority (CA)
+source vars
+./clean-all
+./build-ca --batch
+
+# Generate server certificate and key
+./build-key-server --batch server
+
+# Generate Diffie-Hellman parameters
+./build-dh
+
+# Generate HMAC signature to strengthen the server's TLS integrity verification capabilities
+openvpn --genkey --secret keys/ta.key
+
+# Copy the needed keys and certificates to OpenVPN directory
+sudo cp keys/{ca.crt,server.crt,server.key,ta.key,dh2048.pem} /etc/openvpn
+
+# Copy the sample server configuration
+gunzip -c /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz | sudo tee /etc/openvpn/server.conf
+
+# Configure OpenVPN with Cloudflare DNS
+echo 'push "dhcp-option DNS 1.1.1.1"' | sudo tee -a /etc/openvpn/server.conf
+echo 'push "dhcp-option DNS 1.0.0.1"' | sudo tee -a /etc/openvpn/server.conf
+
+# Enable IP forwarding
+echo 'net.ipv4.ip_forward=1' | sudo tee -a /etc/sysctl.conf
+sudo sysctl -p
+
+# Start and enable OpenVPN service
+sudo systemctl start openvpn@server
+sudo systemctl enable openvpn@server
+
+echo "OpenVPN installation and configuration complete."