openvpn+frp实现无固定IP的vpn搭建

openVPN

生成配置文件

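# Generate the server configuration into the /data/OpenVPN volume. The -u URL is
# the server address written into client profiles; here it is a LAN address
# over TCP.
# NOTE(review): clients arriving through frp presumably need the frps public
# address and remote_port instead -- check the "remote" line of the exported
# .ovpn before handing it out.
docker run -v /data/OpenVPN/:/etc/openvpn --rm kylemanna/openvpn:2.4 ovpn_genconfig -u tcp://192.168.10.114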

生成密钥文件

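# Initialise the PKI (CA key and certificate) inside the mounted volume. The
# step is interactive (-it): it asks for a CA passphrase, which is needed again
# whenever a certificate is issued or revoked.
docker run -v /data/OpenVPN/:/etc/openvpn --rm -it kylemanna/openvpn:2.4 ovpn_initpki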

生成客户端证书:hehuvpntest 为自定义的客户端(用户)名;nopass 表示客户端私钥不设密码保护,因此导出的 .ovpn 文件需要妥善保管

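# Issue a key and certificate for the client "hehuvpntest". With nopass the
# client private key is stored unencrypted, so possession of the exported
# profile is enough to connect.
docker run -v /data/OpenVPN/:/etc/openvpn --rm -it kylemanna/openvpn:2.4 easyrsa build-client-full hehuvpntest nopass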

导出证书

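# Export the client profile. It embeds the client's private key (unencrypted
# because of nopass), so create the file with owner-only permissions; the
# subshell keeps the umask change local. /tmp/conf must already exist.
(umask 077 && docker run -v /data/OpenVPN/:/etc/openvpn --rm kylemanna/openvpn:2.4 ovpn_getclient hehuvpntest > /tmp/conf/hehuvpntest.ovpn)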

启动OpenVPN服务

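# Start the OpenVPN server container. -p 1194:1194 publishes TCP 1194 (docker's
# default protocol), matching the tcp:// URL used at config generation.
# NET_ADMIN lets the container create the tunnel interface and routes.
docker run --name openvpn --restart=always -v /data/OpenVPN/:/etc/openvpn -d -p 1194:1194 --cap-add=NET_ADMIN kylemanna/openvpn:2.4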

添加用户

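#!/bin/bash
# Create a client certificate and export its .ovpn profile to /tmp/conf.
# Stops at the first failing step so a broken profile is never exported.
set -euo pipefail

read -r -p "please your username: " NAME

# The name is passed to easyrsa as an argument and becomes part of a host file
# path, so accept only a conservative character set: no whitespace, no slashes,
# no leading dash.
if [[ ! "$NAME" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
  printf 'invalid username: %s\n' "$NAME" >&2
  exit 1
fi

# nopass stores the client private key unencrypted.
docker run -v /data/OpenVPN/:/etc/openvpn --rm -it kylemanna/openvpn:2.4 easyrsa build-client-full "$NAME" nopass

# The exported profile embeds that private key: create it owner-only.
# NOTE(review): /tmp is shared between local users; on a multi-user host a
# private output directory would be safer than /tmp/conf.
umask 077
mkdir -p /tmp/conf
docker run -v /data/OpenVPN/:/etc/openvpn --rm kylemanna/openvpn:2.4 ovpn_getclient "$NAME" > "/tmp/conf/${NAME}.ovpn"

docker restart openvpn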

删除用户

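#!/bin/bash
# Revoke a client certificate, regenerate the CRL, remove the client's PKI
# files and restart the server. Stops at the first failing step so files are
# never deleted for a certificate that was not actually revoked.
set -euo pipefail

read -r -p "Delete username: " DNAME

# The name is passed to easyrsa and used in rm paths inside the PKI volume, so
# accept only a conservative character set: no whitespace, no slashes, no
# leading dash.
if [[ ! "$DNAME" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
  printf 'invalid username: %s\n' "$DNAME" >&2
  exit 1
fi

# Revocation must come first: easyrsa needs the issued certificate to revoke it.
docker run -v /data/OpenVPN/:/etc/openvpn --rm -it kylemanna/openvpn:2.4 easyrsa revoke "$DNAME"
docker run -v /data/OpenVPN/:/etc/openvpn --rm -it kylemanna/openvpn:2.4 easyrsa gen-crl

# Remove the request, private key and certificate in one container run; rm
# needs no terminal, so -it is dropped here.
docker run -v /data/OpenVPN/:/etc/openvpn --rm kylemanna/openvpn:2.4 rm -f \
  /etc/openvpn/pki/reqs/"$DNAME".req \
  /etc/openvpn/pki/private/"$DNAME".key \
  /etc/openvpn/pki/issued/"$DNAME".crt

# NOTE(review): the revoked certificate is only rejected if the server loads
# the regenerated CRL. After the restart, confirm that a connection with the
# revoked profile is refused; the image also ships an ovpn_revokeclient helper
# that may be the more reliable path -- verify for this image tag.
docker restart openvpn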

frp server端配置

[common]
# Port frps listens on for frpc control connections.
# NOTE(review): no `token` is set, so any host that can reach this port can
# presumably register its own proxies on this server. Set the same `token`
# value in [common] on both frps and frpc, and limit access to this port by
# firewall where possible.
bind_port = 7000

配置systemd

# systemd unit that runs frps as a foreground service, ordered after
# network.target and syslog.target.
[Unit]
Description = frp server
After = network.target syslog.target
Wants = network.target

[Service]
Type = simple
# NOTE(review): no User= is set, so as a system unit this runs as root. The
# ports used on this page are above 1024, so a dedicated unprivileged account
# should be sufficient -- confirm for your setup.
# Command that starts frps; change it to your frps install path.
ExecStart = /usr/local/frp/frps -c /usr/local/frp/frps.ini

[Install]
WantedBy = multi-user.target

frp client配置

[common]
# Address and control port of the frps instance this client connects to.
# NOTE(review): no `token` is set; if frps is configured with one, the same
# value must be set here, and running without one leaves frps open to any
# client that can reach it.
server_addr = 121.37.216.82
server_port = 7000

# Proxy definition: frps listens on remote_port and forwards TCP connections
# to local_ip:local_port, i.e. the OpenVPN container published on 1194.
# NOTE(review): remote_port is reachable by anyone who can reach frps, so
# access control rests on OpenVPN's certificate authentication; VPN clients
# presumably have to use server_addr and remote_port as their remote.
[OpenVPN]
type = tcp
local_ip = 192.168.10.114
local_port = 1194
remote_port = 6000

配置systemd

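# systemd unit that runs frpc as a foreground service, ordered after
# network.target and syslog.target.
[Unit]
# The original description said "frp server", copied from the frps unit; this
# unit starts the client, and the wrong label is misleading in systemctl/journal
# output.
Description = frp client
After = network.target syslog.target
Wants = network.target

[Service]
Type = simple
# NOTE(review): no User= is set, so as a system unit this runs as root; frpc
# only makes outbound connections here, so a dedicated unprivileged account
# should be sufficient -- confirm for your setup.
# Command that starts frpc; change it to your frpc install path.
ExecStart = /usr/local/frp/frpc -c /usr/local/frp/frpc.ini

[Install]
WantedBy = multi-user.target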

测试连接