explaingit

angristan/openvpn-install

15,793ShellAudience · ops devopsComplexity · 3/5Setup · moderate

TLDR

A shell script that sets up a fully configured OpenVPN server on your Linux machine in seconds, handling certificates, firewall rules, and client config generation automatically.

Mindmap

mindmap
  root((openvpn-install))
    What it does
      Installs OpenVPN server
      Generates client configs
      Manages firewall rules
    Features
      Non-interactive CLI
      JSON output
      IPv4 and IPv6
    Supported distros
      Debian and Ubuntu
      Fedora and CentOS
      Arch and openSUSE
    Use cases
      Private VPN
      Remote home access
      Network bypass
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Set up a private VPN on a rented VPS to route your internet traffic securely through a server you control.

USE CASE 2

Create a remote-access tunnel so you can reach home network services from anywhere using a generated .ovpn config file.

USE CASE 3

Automate VPN client provisioning using the non-interactive CLI subcommands (add, revoke, list) from a script with JSON output.

USE CASE 4

Get around network blocks or censorship using an OpenVPN server you fully control.

Tech stack

ShellOpenVPNsystemdiptablesnftables

Getting it running

Difficulty · moderate Time to first run · 30min

Requires a Linux server with root access and systemd, the server must have a public IP address for clients to connect.

In plain English

This project is a shell script that sets up an OpenVPN server on a Linux machine. OpenVPN is software that lets you build your own VPN, a private encrypted tunnel between your devices and a server you control, so a phone or laptop can route its internet traffic through that server instead of directly through the local network. The script takes the fiddly setup work, generating certificates, configuring the server, opening the firewall, and turns it into something you can do in just a few seconds. You run the script on a server you own, whether that is a rented VPS, a dedicated box, or a computer at home. After installation you generate a client configuration file (an .ovpn file) for each device, copy it across, and connect with any OpenVPN client. The README also documents a non-interactive CLI for automation: subcommands like install, uninstall, client add, client list, client revoke, client renew, and server renew, with JSON output for scripting. Revoking a client disconnects it immediately. The script supports a wide range of Linux distributions including AlmaLinux, Amazon Linux 2023, Arch Linux, CentOS Stream, Debian, Fedora, openSUSE, Oracle Linux, Rocky Linux, and Ubuntu, and it requires systemd. It manages firewall rules through firewalld, nftables, or iptables, supports IPv4 and IPv6 in any combination, lets you pick TCP or UDP, and offers configurable VPN subnets, MTU, DNS resolvers, and encryption settings. People reach for it when they want their own VPN for privacy, getting around blocked networks, or remote access to home services, without learning the whole OpenVPN configuration surface by hand. The full README is longer than what was provided.

Copy-paste prompts

Prompt 1
Using the angristan/openvpn-install script, how do I add a new VPN client and download its .ovpn config file to connect my phone?
Prompt 2
How do I use the openvpn-install non-interactive CLI to automate adding new clients in a shell script, and what does the JSON output look like?
Prompt 3
Walk me through revoking a client certificate with openvpn-install so that device immediately loses VPN access.
Prompt 4
How do I configure openvpn-install to use a custom DNS resolver and TCP port 443 instead of the default UDP?
Open on GitHub → Explain another repo

← angristan on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.