Deploy your own VPN server on GCP almost for free
Problem to solve
Deploy your own VPN server without depending on free, but dangerous, you can’t trust VPN services.
Chosen solution: Algo
Algo is a really easy-way-to-setup a VPN server. The documentation is good, the setup script is intuitive and you can choose deploy your VPN on DigitalOcean, Amazon EC2, Microsoft Azure, Google Compute Engine, or your own server.
How-to
GCP setup
Algo setup
- clone the official repository
- add users to the config.cfg file
- add your Service Account credentials to
./configs/
directory
Algo deploy
For my deploy I created a Dockerfile while try my best to maintain my environment cleanest as possible. If you prefer read the README, it’s really easy to follow ;)
- save the Dockerfile in the project root
- run
docker build --tag algo .
to build the Docker image - run
docker run -v $PWD:/algo -it algo
to deploy your VPN server (it will create a f1-micro instance) - follow de deploy script steps, chosing the options that fits best for your use case
- remeber to secure your certificates password in the end of the setup (look for “The p12 and SSH keys password is XXXXXXXX” in the final message)
Dockerfile
FROM ubuntu:16.04
RUN rm /bin/sh && ln -s /bin/bash /bin/sh
RUN apt-get update -y \
&& apt-get install \
build-essential \
openssh-client \
libssl-dev \
libffi-dev \
python-dev \
python-pip \
python-setuptools \
python-virtualenv \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& python -m virtualenv env \
&& source env/bin/activate \
&& python -m pip install -U pip
WORKDIR /algo
COPY requirements.txt .
RUN python -m pip install -r requirements.txt
CMD [ "./algo" ]
Android client setup
Follow the docs.
As I had thouble to copy username.p12
certificate to my phone’s internal storage using rsync and SSHelper, here goes a tip for copying your certificate file to your Android’s internal storage:
The problem was that my Android’s SSHelper server was serving on port 2222 but Mike Hostetler have alread answered this question ;)
# rsync -Pavz -e "ssh -p 2222" /full/path/to/algo/configs/your-vpn-ip/username.p12 your-android-local-ip:/path/to/your/android/internal/storage
Another tip: use $ ssh your-android-local-ip -p 2222
to get the full path to your Android’s internal storage.