Recently I configured SSHd to run on one of my Raspberry Pis at home, using Tor to make it accessible remotely without a static IP or custom forwarding rules on my routers. This time I am going to accomplish a similar goal, but using OpenVPN and a cheap $5/mo server from Linode or DigitalOcean. (In the next post we will discuss hosting websites from home using this VPN tunnel.)
What is the end goal?
Simply put, I want to host services (ssh, sftp), websites (http, https), and email (smtp, pop3, imap4) from my Raspberry Pi cluster at home, without purchasing a static IP or using services like DynDNS. While DynDNS is awesome, there are some issues with DNS caching which could make the cluster unavailable for periods of time.
OpenVPN Server Configuration
Install openvpn using apt-get
Replace the contents of /etc/openvpn/server.conf with the options below
    local [public-ip-address]
    port 1194
    proto tcp
    dev tun
    tun-mtu 1400
    mssfix 1450
    ca ca.crt
    cert server.crt
    key server.key
    dh dh2048.pem
    server 10.1.10.0 255.255.255.0
    client-config-dir /etc/openvpn/staticclients
    keepalive 10 120
    comp-lzo
    user nobody
    group nogroup
    persist-key
    persist-tun
    status /tmp/openvpn.log
    verb 3
    # tls-auth ta.key 0
    key-direction 0
    cipher AES-128-CBC
    auth SHA256
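Before putting this server on a public address, it is worth checking which of its protective options are actually active. The script below is an added example, not part of the original post: it audits a constructed excerpt of the options above (203.0.113.10 is a documentation address standing in for [public-ip-address], and the tls-auth line is assumed to be commented out) and shows that the same config with tls-auth enabled and comp-lzo removed audits clean.

```python
# Constructed excerpt of this page's server.conf; the address is a placeholder.
SAMPLE_CONF = """\
local 203.0.113.10
server 10.1.10.0 255.255.255.0
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
# tls-auth ta.key 0
key-direction 0
cipher AES-128-CBC
auth SHA256
"""

WEAK_CIPHERS = {"BF-CBC", "DES-CBC", "DES-EDE3-CBC"}  # 64-bit block ciphers

def parse(conf):
    """Map each active directive to its arguments; '#' and ';' start comments."""
    opts = {}
    for raw in conf.splitlines():
        line = raw.split("#")[0].split(";")[0].split()
        if line:
            opts[line[0]] = line[1:]
    return opts

def audit(conf):
    """Return a list of hardening findings for a server config."""
    o, found = parse(conf), []
    if not {"tls-auth", "tls-crypt"} & set(o):
        found.append("tls-auth/tls-crypt not active: no HMAC key on the control channel")
    if "comp-lzo" in o and o["comp-lzo"] != ["no"]:
        found.append("comp-lzo active: compression is deprecated by OpenVPN")
    cipher = o.get("cipher", ["BF-CBC"])[0]  # BF-CBC: default in OpenVPN 2.4 and earlier
    if cipher.upper() in WEAK_CIPHERS:
        found.append(f"cipher {cipher} uses a 64-bit block")
    if "user" not in o:
        found.append("no user directive: daemon keeps root after startup")
    elif not {"persist-key", "persist-tun"} <= set(o):
        found.append("user without persist-key/persist-tun: soft restart cannot reread keys or reopen tun")
    return found

# The same config with tls-auth enabled and compression removed audits clean.
HARDENED_CONF = SAMPLE_CONF.replace("# tls-auth", "tls-auth").replace("comp-lzo\n", "")

if __name__ == "__main__":
    for conf in (SAMPLE_CONF, HARDENED_CONF):
        print(audit(conf) or "no findings")
```

Enabling tls-auth on the server also requires distributing ta.key to every client and setting the opposite key direction there.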
Create SSL Cert & CA for server and clients