github.com/cad/ovpm

OVPM - OpenVPN Management Server

OVPM allows you to administrate an OpenVPN server on linux easily via command line and web interface.

With OVPM you can create and run an OpenVPN server, add/remove VPN users, generate client .ovpn files for your users etc.

This software is not stable yet. We recommend against using it for anything serious until, version 1.0 is released.

NOTICE: Version 0.2.8 comes with comp-lzo option disabled by default as it is deprecated by OpenVPN.

Roadmap

• OpenVPN management functionality
• User management functionality
• Network management functionality
• Command Line Interface (CLI)
• API (REST and gRPC)
• Web User Interface (WebUI)
• Import/Export/Backup OVPM config
• Effortless client profile (.ovpn file) delivery over Web
• Monitoring and Quota functionality

Demo Here is a little demo of what it looks on terminal to init the server, create a vpn user and generate .ovpn file for the created user.

Installation

from RPM (CentOS/Fedora):

# Add YUM Repo
$ sudo yum install yum-utils -y
$ sudo yum install epel-release -y
$ sudo yum-config-manager --add-repo https://cad.github.io/ovpm/rpm/ovpm.repo

# Install OVPM
$ sudo yum install ovpm

# Enable and start ovpmd service
$ systemctl start ovpmd
$ systemctl enable ovpmd

from DEB (Ubuntu/Debian):

This is tested only on Ubuntu >=16.04.3 LTS

# Add APT Repo
$ sudo sh -c 'echo "deb [trusted=yes] https://cad.github.io/ovpm/deb/ ovpm main" >> /etc/apt/sources.list'
$ sudo apt update

# Install OVPM
$ sudo apt install ovpm

# Enable and start ovpmd service
$ systemctl start ovpmd
$ systemctl enable ovpmd  

from Source (go get):

Only dependency for ovpm is OpenVPN>=2.3.3.

$ go get -u github.com/cad/ovpm/...

# Make sure user nobody and group nogroup is available
# on the system
$ sudo useradd nobody
$ sudo groupadd nogroup

# Start ovpmd on a seperate terminal
$ sudo ovpmd

Now ovpmd should be running.

Quickstart

Create a vpn user and export vpn profile for the created user.

# We should init the server after fresh install
$ ovpm vpn init --hostname <vpn.example.com>
INFO[0004] ovpm server initialized

# Now, lets create a new vpn user
$ ovpm user create -u joe -p verySecretPassword
INFO[0000] user created: joe

# Finally export the vpn profile for, the created user, joe
$ ovpm user genconfig -u joe
INFO[0000] exported to joe.ovpn

OpenVPN profile for user joe is exported to joe.ovpn file. You can simply use this file with OpenVPN to connect to the vpn server from another computer.

Next Steps

• User Management
• Network Management
• Web Interface

Troubleshooting

Q: My clients cannot connect to VPN after updating OVPM to v0.2.8

Since comp-lzo is disabled by default in OVPM v0.2.8, existing clients' .ovpn profiles became invalid.

In order to solve this you have the options below:

• Generate new .ovpn profile for existing clients
• Or manually remove comp-lzo line from clients .ovpn profiles yourself.
• Or you can upgrade to v0.2.9 and enable lzo option back by invoking the following command.

$ ovpm vpn update --enable-use-lzo

But please note that this is not recommended as lzo option is deprecated in OpenVPN.