~fkooman/vpn-documentation

ref: fefa8a67d1bb4afa2d24cda3dea66e940a5f9a95 vpn-documentation/VPN_DAEMON.md -rw-r--r-- 1.7 KiB
fefa8a67François Kooman remove EXPIRY_AT_NIGHT 4 months ago

#title: VPN Daemon description: Use VPN Daemon for OpenVPN Management category: advanced

NOTE: if you run on Debian, replace yum with apt.

This document describes how to switch to using the VPN daemon to control OpenVPN processes.

We assume you setup your current VPN server using deploy_${DIST}.sh and have everything on one machine.

Enabling the daemon is rather simple:

$ sudo yum -y install vpn-daemon
$ sudo systemctl enable --now vpn-daemon

Modify /etc/vpn-server-api/config.php and add the configuration key useVpnDaemon and set its value to true in the "root", i.e. on the same level as vpnProfiles, e.g.:

<?php

return [

    'useVpnDaemon' => true,

    // List of VPN profiles
    'vpnProfiles' => [
        'internet' => [
            // The number of this profile, every profile per instance has a 
            // unique number
            // REQUIRED
            'profileNumber' => 1,

            // ...

Make sure everything still works, i.e. you can see connected clients when visiting the "Connections" tab in the portal, or use vpn-server-api-status to check the "load" of the OpenVPN processes for each profile, for example:

$ sudo vpn-server-api-status --json
[
    {
        "profile_id": "amsterdam",
        "active_connection_count": 110,
        "max_connection_count": 488,
        "percentage_in_use": 22,
        "port_client_count": {
            "udp/1194": 17,
            "udp/1195": 20,
            "udp/1196": 29,
            "udp/1197": 23,
            "tcp/443": 9,
            "tcp/1194": 5,
            "tcp/1195": 3,
            "tcp/1196": 4
        }
    }
]