~fkooman/vpn-documentation

ref: 13ed958d65981a2744683ffbffae1c0d2c51e36d vpn-documentation/VPN_DAEMON.md -rw-r--r-- 1.7 KiB
13ed958dFrançois Kooman make clear that "the only difference" now refers only to OAuth 4 months ago

#title: VPN Daemon description: Use VPN Daemon for OpenVPN Management category: advanced

NOTE: if you run on Debian, replace yum with apt.

This document describes how to switch to using the VPN daemon to control OpenVPN processes.

We assume you setup your current VPN server using deploy_${DIST}.sh and have everything on one machine.

Enabling the daemon is rather simple:

$ sudo yum -y install vpn-daemon
$ sudo systemctl enable --now vpn-daemon

Modify /etc/vpn-server-api/config.php and add the configuration key useVpnDaemon and set its value to true in the "root", i.e. on the same level as vpnProfiles, e.g.:

<?php

return [

    'useVpnDaemon' => true,

    // List of VPN profiles
    'vpnProfiles' => [
        'internet' => [
            // The number of this profile, every profile per instance has a 
            // unique number
            // REQUIRED
            'profileNumber' => 1,

            // ...

Make sure everything still works, i.e. you can see connected clients when visiting the "Connections" tab in the portal, or use vpn-server-api-status to check the "load" of the OpenVPN processes for each profile, for example:

$ sudo vpn-server-api-status --json
[
    {
        "profile_id": "amsterdam",
        "active_connection_count": 110,
        "max_connection_count": 488,
        "percentage_in_use": 22,
        "port_client_count": {
            "udp/1194": 17,
            "udp/1195": 20,
            "udp/1196": 29,
            "udp/1197": 23,
            "tcp/443": 9,
            "tcp/1194": 5,
            "tcp/1195": 3,
            "tcp/1196": 4
        }
    }
]