This folder contains an example Packer template for building an AMI (Amazon Machine Image) containing the OpenVPN server.
Pre-requisites:
In order to build this AMI you will need to provide some input variables. There are several variables but the most important ones are:
In which AWS region should Packer build your AMI
Where should Packer look for a copy of the openvpn-admin binary that you will use to manage your VPN certificates. If you haven't built this before, take a look at it's documentation for steps on how to build it. Remember: When building openvpn-admin for use in this packer template, keep in mind the OS and architecture where this will be deployed and not the OS/architecture of the machine that's building openvpn-admin. E.g., if you're firing up an EC2 Instance that runs Linux, you'll need to build the binary for Linux, even if you happen to be running the build on a Mac.
All variables below:
Variable name
Description
Default Value
active_git_branch
The git branch to use for gruntwork-install.
null
aws_region
Tells Packer in which AWS region to build your AMI
us-east-1
github_oauth_token
Your github OAuth token.
env.GITHUB_OAUTH_TOKEN
openvpn_admin_binary
Where should Packer look for a copy of the openvpn-admin binary that you will use to manage the VPN certificates on your VPN server. See: openvpn-admin for more info.
-only flag allows you to execute one specific builder with the given name. This parameter can be ommitted if the packer template has only one builder defined in it. This example has just one builder, but we're including the parameter for reference.
openvpn_admin_binary in the example above is pointing to a sample location. Unless you execute the automated test, which will actually build the artifact for you and place it into that folder, you will have to provide your own path where that binary is located.
Questions? Ask away.
We're here to talk about our services, answer any questions, give advice, or just to chat.
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"6bb75d0430b18f1f7c187b2222b8011ccd81ad9d"}]},{"name":".gitignore","path":".gitignore","sha":"e02f16ef8063fc8d9d24ad92b30536beb06aba44"},{"name":".pre-commit-config.yaml","path":".pre-commit-config.yaml","sha":"54c0821e8bc133285e4b99948cab34ee7088fd5b"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"8c24c86ef8447a19436b38826f458c71b4da4f45"},{"name":"LICENSE.txt","path":"LICENSE.txt","sha":"5ae97660cb6e3a07b61c971f1a25edf402e90f53"},{"name":"README.md","path":"README.md","sha":"e2c9e245380306d0426600ae8578d48e159ca1b2"},{"name":"examples","children":[{"name":"openvpn-host-duo","children":[{"name":"README.md","path":"examples/openvpn-host-duo/README.md","sha":"1a3065f058745f0f03fd74844ac4e872d52538de"},{"name":"main.tf","path":"examples/openvpn-host-duo/main.tf","sha":"2a1a2329f41dfeddbdfa332aa3c6356d6b0ddf9f"},{"name":"outputs.tf","path":"examples/openvpn-host-duo/outputs.tf","sha":"f527145f657a5a99d32c301c591f461f2230e3b9"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/openvpn-host-duo/user-data/user-data.sh","sha":"83cc9cc2145089141c3e7c58b3c930eeeb609c42"}]},{"name":"vars.tf","path":"examples/openvpn-host-duo/vars.tf","sha":"5d9d760ae9700c178ae6898e9e652b50ecfa92cc"}]},{"name":"openvpn-host","children":[{"name":"README.md","path":"examples/openvpn-host/README.md","sha":"debef80eecb3e988d1bee242f41659bb94f63a07"},{"name":"main.tf","path":"examples/openvpn-host/main.tf","sha":"a3fb3afa6cdd79ca9601191c08617fa2a7f85fbd"},{"name":"outputs.tf","path":"examples/openvpn-host/outputs.tf","sha":"f527145f657a5a99d32c301c591f461f2230e3b9"},{"name":"user-data","children":[{"name":"user-data.sh","path":"examples/openvpn-host/user-data/user-data.sh","sha":"04787c97e63d89c1ac32fb1f91f0398800f83074"}]},{"name":"vars.tf","path":"examples/openvpn-host/vars.tf","sha":"377921b5d6fb85a8151889d006fa54f990cfbd7d"}]},{"name":"packer-duo","children":[{"name":"README.md","path":"examples/packer-duo/README.md","sha":"d885b8114f2af50fb01d4707e56bb81ae79da798"},{"name":"build.json","path":"examples/packer-duo/build.json","sha":"2501eebc12fa53e05200d61ec8d241265fa50b14"}]},{"name":"packer","children":[{"name":"README.md","path":"examples/packer/README.md","sha":"de54777e323364919ee79bbf2f2c5d942de9e7dd","toggled":true},{"name":"build.json","path":"examples/packer/build.json","sha":"1e3a089e4f3abb1bfb87696e88e7b71d908048c1"}],"toggled":true}],"toggled":true},{"name":"modules","children":[{"name":"backup-openvpn-pki","children":[{"name":"README.md","path":"modules/backup-openvpn-pki/README.md","sha":"d271084a97e3ea953afb0e9e690fac951bb6be6d"},{"name":"bin","children":[{"name":"backup-openvpn-pki","path":"modules/backup-openvpn-pki/bin/backup-openvpn-pki","sha":"ac4b49684ea0dc776449f786473975fc98db79b5"}]},{"name":"install.sh","path":"modules/backup-openvpn-pki/install.sh","sha":"af225b1dcd43eaab802a9e8040b3d39e25dd46a0"}]},{"name":"init-openvpn","children":[{"name":"README.md","path":"modules/init-openvpn/README.md","sha":"3a55b2c92611085870730ea15d589723b31dc775"},{"name":"bin","children":[{"name":"init-openvpn","path":"modules/init-openvpn/bin/init-openvpn","sha":"9d37721e8910585a9259bb5209f6485669bd539b"}]},{"name":"install.sh","path":"modules/init-openvpn/install.sh","sha":"9a41f990f62b2a9b526edfa813075cff277e1312"}]},{"name":"install-openvpn","children":[{"name":"README.md","path":"modules/install-openvpn/README.md","sha":"6073ab56f3a3ca0a69ca949a8a1e6086d7797709"},{"name":"bin","children":[{"name":"install-openvpn","path":"modules/install-openvpn/bin/install-openvpn","sha":"21816693acc9c1d2d0024c0845629421afe8b780"}]},{"name":"files","children":[{"name":"before.rules","path":"modules/install-openvpn/files/before.rules","sha":"e9f11106dda0d258910a36d88b3cac05c0d85146"},{"name":"openvpn-client.ovpn","path":"modules/install-openvpn/files/openvpn-client.ovpn","sha":"3fe8af5d74c724399d2b2acaaac3e5d07889912f"},{"name":"ufw-default","path":"modules/install-openvpn/files/ufw-default","sha":"ff5e7f69b1f65a2760579d4aa7575b278273e56b"},{"name":"vars.local","path":"modules/install-openvpn/files/vars.local","sha":"b19ce7da2758a7792a05d7563201127f8b1542c9"}]},{"name":"install.sh","path":"modules/install-openvpn/install.sh","sha":"65c8ed227131e94e7db76f47093f05b953950d07"},{"name":"scripts","children":[{"name":"generate-wrapper.sh","path":"modules/install-openvpn/scripts/generate-wrapper.sh","sha":"34d49724be9c3555a886d3cf00cf9cdbcb2a43bf"},{"name":"revoke-wrapper.sh","path":"modules/install-openvpn/scripts/revoke-wrapper.sh","sha":"d158a871cdd70cfed92418b6618d81c6bef08bd7"}]}]},{"name":"openvpn-admin","children":[{"name":".dockerignore","path":"modules/openvpn-admin/.dockerignore","sha":"a725465aee245635a2bd129af54858ed32c84cb8"},{"name":"Dockerfile","path":"modules/openvpn-admin/Dockerfile","sha":"d8b2de7aeb782a31932157e3a4fb183333da4259"},{"name":"README.md","path":"modules/openvpn-admin/README.md","sha":"2b15711eedfcfd4ea5f132bd7893e52c6991fc76"},{"name":"_ci","children":[{"name":"build-and-test.sh","path":"modules/openvpn-admin/_ci/build-and-test.sh","sha":"7b57f49d2a5cbce5f3e833c6e3dac767a90a92fa"},{"name":"test.sh","path":"modules/openvpn-admin/_ci/test.sh","sha":"ba48b9b10f31ca3f2e41ee3ce85e04d6ae289657"}]},{"name":"docker-compose.yml","path":"modules/openvpn-admin/docker-compose.yml","sha":"9a1c04848275d1a302063301d55b811aa0d666ed"},{"name":"go.mod","path":"modules/openvpn-admin/go.mod","sha":"2beebe549f0709db70e4055469a537dbb704f8de"},{"name":"go.sum","path":"modules/openvpn-admin/go.sum","sha":"bccd39c716b788f56cfca70bb3e74a6e5f532678"},{"name":"openvpn-request-flow-diagram.svg","path":"modules/openvpn-admin/openvpn-request-flow-diagram.svg","sha":"4c170df3fd6cf76d4c8e0bed7e1f2dbd98c08942"},{"name":"openvpn-revoke-flow-diagram.svg","path":"modules/openvpn-admin/openvpn-revoke-flow-diagram.svg","sha":"488101bcb015fee6de88b69ad8291b8a8daaf2d4"},{"name":"scripts","children":[{"name":"build-linux-binary.sh","path":"modules/openvpn-admin/scripts/build-linux-binary.sh","sha":"3dfe844499b28878ebbb177453887bc786aec4de"},{"name":"run.sh","path":"modules/openvpn-admin/scripts/run.sh","sha":"bbcb7f9bdf8578561226954669cdb3e886093fcb"}]},{"name":"src","children":[{"name":"app","children":[{"name":"app.go","path":"modules/openvpn-admin/src/app/app.go","sha":"8accfb5682d91790c232b4383c1996cbbf377fe8"},{"name":"cert_helpers.go","path":"modules/openvpn-admin/src/app/cert_helpers.go","sha":"de91f4d887b08a1b2d1b3e0769c7ea43ccca796d"},{"name":"cmd_process_certificate_requests.go","path":"modules/openvpn-admin/src/app/cmd_process_certificate_requests.go","sha":"200937a37f7fdd6b0650a600d4264b294c24ecc1"},{"name":"cmd_process_certificate_revocation_requests.go","path":"modules/openvpn-admin/src/app/cmd_process_certificate_revocation_requests.go","sha":"28969a1664113f2d9b8e4c22fedac3c60b4c9fb1"},{"name":"cmd_request_new_certificate.go","path":"modules/openvpn-admin/src/app/cmd_request_new_certificate.go","sha":"d21a31e6e299c544f08799cb78c788ba14530fd3"},{"name":"cmd_revoke_certificate.go","path":"modules/openvpn-admin/src/app/cmd_revoke_certificate.go","sha":"fb1b44c449b9dc4b875d5ed72109f227cbca7071"},{"name":"common.go","path":"modules/openvpn-admin/src/app/common.go","sha":"e2bdf9b9b4338ae7764d986b39b7c2a26f811a30"},{"name":"flags.go","path":"modules/openvpn-admin/src/app/flags.go","sha":"e70ac21a257bdcd443d3e6020e796973553a36eb"}]},{"name":"aws_helpers","children":[{"name":"iam.go","path":"modules/openvpn-admin/src/aws_helpers/iam.go","sha":"b8977018784245fa75010b36cc5fa732c1768969"},{"name":"sqs.go","path":"modules/openvpn-admin/src/aws_helpers/sqs.go","sha":"4e5e86bdbdeaad3fbacf774cff5d52d74f4410ff"}]},{"name":"main.go","path":"modules/openvpn-admin/src/main.go","sha":"09f1ad6fc7b388e1d42fc4152b8dd840f6c05357"}]}]},{"name":"openvpn-server","children":[{"name":"README.md","path":"modules/openvpn-server/README.md","sha":"2b783ba0b817778cb304f4c30afaec0335b2b550"},{"name":"main.tf","path":"modules/openvpn-server/main.tf","sha":"52b9c4adb8b802f06e518f21226ccd8f82a5bb2d"},{"name":"outputs.tf","path":"modules/openvpn-server/outputs.tf","sha":"01795f8945ae5141df3b1ea54f79b4f22ae36a68"},{"name":"vars.tf","path":"modules/openvpn-server/vars.tf","sha":"dfdf42eefbd9ef702e06ad38a0287e0ac6809dc7"}]},{"name":"start-openvpn-admin","children":[{"name":"README.md","path":"modules/start-openvpn-admin/README.md","sha":"0c9902a49939a60e80a57fa0f39bfbb50eafd40a"},{"name":"bin","children":[{"name":"run-process-requests","path":"modules/start-openvpn-admin/bin/run-process-requests","sha":"6c8c52b3a6b6d58fd9cedfa40212071a27cc703c"},{"name":"run-process-revokes","path":"modules/start-openvpn-admin/bin/run-process-revokes","sha":"cffcbe2dcc9f16dd6989a68153e81edede8c0cb2"}]},{"name":"install.sh","path":"modules/start-openvpn-admin/install.sh","sha":"2af5af7f24c40136b22d50cb8cec47f7a9d2b2ac"}]}]},{"name":"terraform-cloud-enterprise-private-module-registry-placeholder.tf","path":"terraform-cloud-enterprise-private-module-registry-placeholder.tf","sha":"ae586c0fe830819580e1009d41a9074f16e65bed"},{"name":"test","children":[{"name":"README.md","path":"test/README.md","sha":"6c2e79488468f407d805afb5c83a41b523a16195"},{"name":"go.mod","path":"test/go.mod","sha":"76f9a862c7a47e5863026e6ea1a17cd095339896"},{"name":"go.sum","path":"test/go.sum","sha":"7ac28b8916052fca9d5254640ea7c5a8d0a0790e"},{"name":"local-test","children":[{"name":"docker-compose.yml","path":"test/local-test/docker-compose.yml","sha":"e69de29bb2d1d6434b8b29ae775ad8c2e48c5391"}]},{"name":"openvpn_test.go","path":"test/openvpn_test.go","sha":"77ad645185168f52137f03712cdbbe4fa0c1a6d9"}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"open-vpn-example-ami\">Open VPN example AMI</h1><div class=\"preview__body--border\"></div><p>This folder contains an example <a href=\"https://www.packer.io/\" class=\"preview__body--description--blue\" target=\"_blank\">Packer</a> template for building an AMI (Amazon Machine Image) containing the OpenVPN server.</p>\n<h2 class=\"preview__body--subtitle\" id=\"pre-requisites\">Pre-requisites:</h2>\n<p>In order to build this AMI you will need to provide some input variables. There are several variables but the most important ones are:</p>\n<ul>\n<li>In which AWS region should Packer build your AMI</li>\n<li>Where should Packer look for a copy of the <a href=\"/repos/v0.12.0/package-openvpn/modules/openvpn-admin\" class=\"preview__body--description--blue\">openvpn-admin</a> binary that you will use to manage your VPN certificates. If you haven't built this before, take a look at it's documentation for steps on how to build it. <strong>Remember:</strong> When building <code>openvpn-admin</code> for use in this packer template, keep in mind the OS and architecture where this will be <em>deployed</em> and not the OS/architecture of the machine that's building <code>openvpn-admin</code>. E.g., if you're firing up an EC2 Instance that runs Linux, you'll need to build the binary for Linux, even if you happen to be running the build on a Mac.</li>\n</ul>\n<p>All variables below:</p>\n<table>\n<thead>\n<tr>\n<th>Variable name</th>\n<th>Description</th>\n<th>Default Value</th>\n</tr>\n</thead>\n<tbody>\n<tr>\n<td>active_git_branch</td>\n<td>The git branch to use for gruntwork-install.</td>\n<td><code>null</code></td>\n</tr>\n<tr>\n<td>aws_region</td>\n<td>Tells Packer in which AWS region to build your AMI</td>\n<td><code>us-east-1</code></td>\n</tr>\n<tr>\n<td>github_oauth_token</td>\n<td>Your github OAuth token.</td>\n<td><code>env.GITHUB_OAUTH_TOKEN</code></td>\n</tr>\n<tr>\n<td>openvpn_admin_binary</td>\n<td>Where should Packer look for a copy of the <code>openvpn-admin</code> binary that you will use to manage the VPN certificates on your VPN server. See: <a href=\"/repos/v0.12.0/package-openvpn/modules/openvpn-admin\" class=\"preview__body--description--blue\">openvpn-admin</a> for more info.</td>\n<td><code>/examples/bin/openvpn-admin</code></td>\n</tr>\n<tr>\n<td>gruntwork_installer_version</td>\n<td>What version of <a href=\"/repos/gruntwork-installer\" class=\"preview__body--description--blue\">Gruntwork Installer</a> to use</td>\n<td><code>v0.0.20</code></td>\n</tr>\n<tr>\n<td>bash_commons_version</td>\n<td>What version of <a href=\"/repos/bash-commons\" class=\"preview__body--description--blue\">bash-commons</a> to use</td>\n<td><code>v0.0.6</code></td>\n</tr>\n</tbody>\n</table>\n<h2 class=\"preview__body--subtitle\" id=\"building-the-packer-template\">Building the packer template</h2>\n<p>Below is an example of the command you could run to build this packer template.</p>\n<pre>packer build \\\n\t-var <span class=\"hljs-attribute\">aws_region</span>=us-east-1 \\\n\t-var <span class=\"hljs-attribute\">openvpn_admin_binary</span>=../examples/bin/openvpn-admin \\\n\t<span class=\"hljs-attribute\">-only</span>=ubuntu-16-build \\\n\t<span class=\"hljs-built_in\">..</span>/examples/packer/build.json\n</pre>\n<p><strong>Notes</strong></p>\n<ul>\n<li><code>-only</code> flag allows you to execute one specific builder with the given name. This parameter can be ommitted if the packer template has only one builder defined in it. This example has just one builder, but we're including the parameter for reference.</li>\n<li><code>openvpn_admin_binary</code> in the example above is pointing to a sample location. Unless you execute the <a href=\"/repos/v0.12.0/package-openvpn/test/openvpn_test.go\" class=\"preview__body--description--blue\">automated test</a>, which will actually build the artifact for you and place it into that folder, you will have to provide your own path where that binary is located.</li>\n</ul>\n","repoName":"package-openvpn","repoRef":"v0.13.1","serviceDescriptor":{"serviceName":"OpenVPN","serviceRepoName":"package-openvpn","serviceRepoOrg":"gruntwork-io","cloudProviders":["aws"],"description":"Deploy an OpenVPN server. Supports auto healing, public key infrastructure (PKI), cert backup, and managing user accounts using IAM groups.","imageUrl":"openvpn.png","licenseType":"subscriber","technologies":["Terraform","Bash","Go"],"compliance":[],"tags":[""]},"serviceCategoryName":"Client VPN access","fileName":"README.md","filePath":"/examples/packer","title":"Repo Browser: OpenVPN","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}