You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

4.7 KiB

Alias Tag Date DocType Hierarchy location Performance Characteristics Disk CollapseMetaTable
VPN
Server
Privacy
Security
Web
2021-10-11 Server NonRoot
CPU RAM Bandwidth Speed
1Core 1GB 1T
OS Domiciliation IPv4 Hostname Host SubDomain
Ubuntu 20.04 FR 5.135.0.192 vpn.mfxm.fr HostNamaste vpn
Capa Type UsedSpace TimeStamp
30GB RAID-10 22% 2021-11-13
yea

Parent:: mfxm Website Scope, Privacy & Security


^Top

name Edit Server parameters
type command
action MetaEdit: Run MetaEdit
id EditMetaData

^button-ServerVPNEdit

name Save
type command
action Save current file
id Save

^button-ServerVPNSave

Server VPN

title: Summary
collapse: open
VPN server sitting in France for accessing French media as if at home.

style: number


Server parameters

#^Top

title: Dashboard access
[Login - HostNamaste](https://www.hostnamaste.com/clients/login)
[Control Panel](https://manage.hostnamaste.com/login.php)

title: Address
The service will be located under **[vpn.mfxm.fr](https://vpn.mfxm.fr)** .


Services

#^Top

title: Service description
The VPN server will host a single VPN service and dependencies bare metal.

Installed server dependencies

#^Top

Security
Program name Type Description
**[[Configuring Fail2ban fail2ban]]** Daemon
unattended-upgrades Program Enables automatic updates of installed programs and OS
logwatch Daemon Monitors activity on server and sends activity logs

Configuring Telegram bots are also being implemented to receive logs from logwatch & Configuring Monit.

fail2ban

Classic installation with a dedicated configuration:

~~~bash
sudo nano /etc/fail2ban/jail.d/sshd.local
~~~

With the following parameters:

~~~ini
[sshd]
enabled = true
port=2227
maxretry = 10
bantime = 1m
~~~

Postfix

#^Top Mail Transfer Agent. Configuration is standard to allow for emails to be sent by programs / deamons / Nextcloud or others. Such a Configuring Postfix is required for every server to work correctly.

UFW

Firewall management, see Configuring UFW for more details.


Dedicated Server parameters

#^Top

Service Used value
Port: SSH 2227
Port: WG 61242
Port: WG GUI 10086


VPN Service

#^Top

title: wireguard installer
[GitHub - angristan/wireguard-install: WireGuard VPN installer for Linux servers](https://github.com/angristan/wireguard-install)

File repository
title: Client Config files
/home/melchiorbv/wg0-client-(clientname).conf
title: Server Config file
/etc/wireguard/wg0.conf

VPN client parametrisation

#^Top

title: In `~` for `melchiorbv`
~~~bash
./wireguard-install.sh
~~~

VPN parameters
title: WireGuard config
~~~bash
IPv4 or IPv6 public address: 5.135.0.192
Public interface: eth0
WireGuard interface name: wg0
Server's WireGuard IPv4: 10.66.66.1
Server's WireGuard IPv6: fd42:42:42::1
Server's WireGuard port [1-65535]: 61242
First DNS resolver to use for the clients: 94.140.14.14
Second DNS resolver to use for the clients (optional): 94.140.15.15
~~~


User Interface

#^Top

title: Open WG's GUI
http://5.135.0.192:10086

Everything is rather self-explanatory.
[Dev Github with help](https://github.com/donaldzou/WGDashboard)


Pricing

#^Top

VPN Server One-off cost Recurring subscription p.a.

**Server hosting**

| | *$25* ^VPNServerCost


Tasks & Further steps

  • Server VPN: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2022-04-05
  • Server VPN: Backup server 🔁 every 6 months on the 1st Tuesday 📅 2021-10-14 2022-01-08
  • Server VPN: Backup server 🔁 every 6 months on the 1st Tuesday 2021-10-13

#^Top