Hey guys, today we will be creating our very own VPN server with Alpine Linux and OpenVPN on an AWS EC2 instance. So, let's get started. The plan: allocate an Elastic IP and attach it to our EC2 instance, SSH into it, configure a VPN server, copy the client VPN connection pack to our machine, and then try to connect to it.

Sign in to your AWS console and go to the EC2 dashboard.

Go to Elastic IPs and click Allocate Elastic IP address.

Once you have an IP address, go to Instances.
Click on Launch Instance and search for alpine in the Community AMIs tab.

The one we will use is: alpine-ami-edge-x86_64-20200205024005 - ami-002a48030440e00da

Once you've selected it, the instance type of t2.micro will work for us.

Then, keep hitting next until you reach the Configure Security Group section.
There, you will need to add a new rule.

Type: Custom UDP Rule
Port Range: 1194 (The port that you will be using for the VPN connection)
Source: My IP (You can change it as per your needs)
Description: OpenVPN

Now, hit Review and Launch and Launch it.

Also, create a key pair and download it if you don't have one already.
I already have one and will be using it.

Now, go back to Elastic IPs and select the IP address. Click on Associate Elastic IP address and select your instance and its private IP. You don't really need to configure it for reassociation, but that's up to you. Once you're done with that, hit Associate.

Now, go back to Instances and you should see that it has your new Elastic IP. Nice.

Now, we will need to ssh into the box and configure it.

To ssh into the box:

ssh -i "abhizerawseducate.pem" alpine@<yourip>

Now, switch to root and follow along:

sudo su
setup-alpine

Now, keep hitting return until it asks for your DNS domain name. There, enter your public DNS name, which you should find in your console. It looks something like this:
ec2-??-??-??-??.compute-1.amazonaws.com

Now, keep hitting return until you're done.

Once the initial setup is done:

modprobe tun
echo "tun" >> /etc/modules-load.d/tun.conf
wget https://raw.githubusercontent.com/captainwasabi/openvpn-install/master/openvpn-install.sh
apk add bash
bash openvpn-install.sh

Now, again, keep hitting enter until you are prompted for Public IP address / hostname. There, enter your public IP address.
Next, select the protocol (we'll go with UDP), the port (we will go with 1194), and the DNS (you can use the current system resolvers). For the client name, I'm gonna enter abhizerprivatevpn; you can enter whatever you want. Hit enter and you should have a VPN connection pack in /root/. In my case it is abhizerprivatevpn.ovpn.

cd /root
ls

And, it should be there. Now, to download this, I'm gonna use scp; you can use whatever you want. As our root user isn't allowed a direct ssh login, let's change the owner of the file to alpine so that we can fetch it.

chown alpine:alpine abhizerprivatevpn.ovpn
mv abhizerprivatevpn.ovpn /home/alpine

Now, change the password of alpine user, for the sake of security.

passwd alpine

Once you are done with that, you can exit the ssh session.

exit
exit

Now, to copy it over:

scp -i abhizerawseducate.pem alpine@<yourip>:/home/alpine/abhizerprivatevpn.ovpn .
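
Before connecting, it is worth confirming that the copied profile points at your Elastic IP on UDP 1194 and that nobody else on your machine can read it. The script below is an added example, not part of the original post or of the installer script; the function names and the sample profile are made up for illustration, and it assumes the profile uses "remote <host> <port>" and "proto" lines with the client key embedded in an inline <key> block.

```shell
#!/bin/sh
# Added example: check an OpenVPN client profile before connecting with it.
# Assumes an inline profile: "remote <host> <port>", "proto <p>", <key> block.

# Print "host port proto" from the first remote/proto directives.
ovpn_endpoint() {
    awk '
        $1 == "remote" && !r { host = $2; port = (NF >= 3 ? $3 : "1194"); r = 1 }
        $1 == "proto"  && !p { proto = $2; p = 1 }
        END { print host, port, proto }
    ' "$1"
}

# Return 0 only if the profile targets the expected endpoint and, when it
# embeds a private key, is not accessible to group or other users.
check_profile() {
    file=$1; want="$2 $3 $4"; rc=0
    [ -f "$file" ] || { echo "no such profile: $file" >&2; return 2; }
    got=$(ovpn_endpoint "$file")
    [ "$got" = "$want" ] || { echo "endpoint '$got', expected '$want'" >&2; rc=1; }
    if grep -q '^<key>' "$file"; then
        mode=$(ls -ld "$file" | cut -c1-10)
        case $mode in
            -???------) ;;
            *) echo "mode $mode exposes the inline key; chmod 600" >&2; rc=1 ;;
        esac
    fi
    return $rc
}

# Constructed sample profile (203.0.113.10 is a documentation address).
demo=$(mktemp)
cat > "$demo" <<'EOF'
client
dev tun
proto udp
remote 203.0.113.10 1194
<key>
(constructed placeholder, not a real key)
</key>
EOF
chmod 644 "$demo"
check_profile "$demo" 203.0.113.10 1194 udp || echo "rejected with mode 644"
chmod 600 "$demo"
check_profile "$demo" 203.0.113.10 1194 udp && echo "accepted with mode 600"
rm -f "$demo"
```

For the real file, call check_profile abhizerprivatevpn.ovpn <yourip> 1194 udp after the scp step.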

Now, to connect to it:

sudo openvpn abhizerprivatevpn.ovpn

Or, you can use something like Tunnelblick.

And, now you should be connected.

To test it out:

curl https://api.myip.com

Have fun!