Config: Vpn - HolgerHees/smartserver GitHub Wiki

VPN configuration

Currently there are two VPN solutions deployed. The first one is based on wireguard and the second deprecated one is based on openvpn. For now they will run simultaneously.

Wireguard

The wireguard based VPN is installed by default with the rule wireguard which deployes the base dependencies and the rule wireguard_mobile which creates a container where the service is running.

The role wireguard_mobile is looping of all configured user from variable vault_userdata and creates a vpn configuration for each of them. You can add the additional parameter vpn_gates if you want to have more then one vpn configuration for a specific user. The demo example is a good starting point to see how it can be configured.

Other important variables are vault_wireguard_mobile_internal_port and vault_wireguard_mobile_public_port in vault.yml and public_server_domain in env.yml

After the deployment is done, the client configurations for each user can be found in /smartserver/etc/wireguard_mobile/clients/. Just install the android app on your phone and import the configuration.

OpenVPN (deprecated)

This is the old previous vpn solution which is running directly on the host system. I will just mention the important variables, which are vault_vpn_mobile_pass, vault_vpn_mobile_port and vault_vpn_mobile_public_port in vault.yml and public_server_domain in env.yml too.

The deployed client configuration for the android app can be found in /etc/openvpn/mobile.ovpn. There is only one configuration for all clients.