Outline VPN is a new open source VPN created by Jigsaw. They promise an incredibly easy-to-install VPN experience, far easier than OpenVPN. That’s great news, as setting up a virtual private network (VPN) on a personal server has never been particularly easy.
Hold on a second. Outline is made by Google?
Well, made by Alphabet, to be exact. Alphabet is the parent company of Google and a handful of others, including Jigsaw, which operates as a tech “incubator.” Following along? For the visual learners, here’s a rough illustrated guide:
Alphabet
| -> Jigsaw
| -> Outline
| -> Google
| -> YouTube
| -> Android
| -> etc
| -> Waymo
| -> Google Fiber
| -> etcVia Outline, Jigsaw is trying to make VPNs not only secure but also incredibly easy to set up — especially for those who don’t happen to be sysadmins. The target demographic for the Outline VPN is journalists and news organizations, but anyone can take advantage of their hard work. Here’s what Jigsaw has to say about their goals:
Journalists need safe access to information to research issues, communicate with sources, and report the news. Outline makes it easy for news organizations to set up a virtual private network (VPN) on their own server. This gives news organizations the power to provide anyone in their organization safer access to the internet and keep their communications private.
What makes VPNs hard, exactly?
Our tutorial on installing OpenVPN is one of our most popular tutorials, but keyservers and a dozen configuration files can flummox even experienced sysadmins. Streisand is much more straightforward to install but forces you to dedicate your entire server to its VPN software — not great for flexibility or getting more value from your existing server.
Outline tries to do things a little differently:
- Uses Docker containers.
- Uses a single command for installation.
- Can be installed concurrently with other apps, web servers, and more.
Prerequisites
- A virtual machine running any supported OS option, I recommend to use Fedora or CentOS
- A working Docker installation
- A non-root,
sudo-enabled user - A local computer running Windows or Linux
Step 1. Installing Docker (if not installed already)
If you don’t have Docker installed on your server yet, take a moment to perform this one-command installation:
$ sudo curl -sS https://get.docker.com/ | shThe script will update your system as needed, add the appropriate Docker repositories, and install the correct Docker packages. You may then need to start the Docker service.
$ sudo systemctl start docker
$ sudo systemctl enable dockerFinally, verify that the Docker service is running:
$ sudo sudo systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─firewalld.conf
Active: active (running) since Mon 2018-03-26 14:36:26 EDT; 4s ago
Docs: https://docs.docker.com
Main PID: 31232 (dockerd)Step 2. Installing the Outline VPN server
With Docker installed, you can run the Outline server installation script:
$ sudo wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh | bashYou will see lots of output from the script: first, it checks for the necessary programs (Docker), creates secret keys, and then downloads and starts two Docker containers: a shadowboxserver and a watchtower server to update shadowbox as needed.
When the server installation script finishes, you’ll see some output similar to the following:
{
"apiUrl": "https://123.456.78.9:12345/xxxxxxxxxxxxxxxxxxxxxxx",
"certSha256": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}Keep that information safe, as you’ll need it in the next step. For now, rejoice: You have successfully installed a VPN server!
Step 3. Managing your new Outline server
Jigsaw has created a desktop app called Outline Manager to help users configure their Outline servers. You can install this app on your local machine (where you’re reading this now, not where you just ran the above scripts), but, unfortunately, it’s currently only available for Windows and Linux. OS X users will have to wait patiently or find a different machine.
Download the appropriate version for you.
Once you open the Manager app, scroll down to Set up Outline anywhere and click on the Get started button.
You’ll see two steps to follow. You’ve already done the first one, and for the second step, all you need to do is copy the bracketed text from Step 3 into the field and click Done.
Tip: If you are running a firewall on your server, you will need to open TCP ports between 1024 and 65535. With any luck, Outline will be updated in the future to accept a user-specified range of ports.
Once you’re connected, you will see that you already have a key called My access key. Click on the Get connected button, which will give you a walkthrough on how to install and configure the appropriate VPN client for your platform.
Currently, the only official Outline clients are for Windows, Android, and Chrome OS, but Outline Manager will help walk you through both OS X and Linux clients as well. They require more manual configuration but are not particularly complicated.
Once you’ve finished connecting to the VPN, you can visit a website that shows you your IP and, hopefully, find that it matches the IP of your VPS. If so, congratulations again — you’re browsing the web through your very own VPN!
Step 4. Getting more from Outline
One of the great features of Outline is that you can easily give others — like friends, family, or colleagues — access to your VPN. To add a new user, you first need to create an additional key. Press the Add key button, and then name it accordingly. You can then click Share to generate a URL, which you can send to whomever you choose.
When they receive the URL, they will be directed to a webpage with client installation instructions. Be careful with that URL, as anyone who has the link will be able to connect to your server. Only give it to those you trust! The good news is that you can always delete a key if you need to.
You can also use the Outline Manager app to track data usage as well — useful if you have a friend who gets a little greedy with their bandwidth usage.
Outline is undergoing rapid development, so I’m excited to see how it can be improved and expanded shortly. With this first public release, it’s already proven itself to be the easiest way to set up a VPN on your personal VPS — yes, even simpler than Streisand. The fact you can install Outline alongside other Docker-packaged apps is another massive plus.
All in all, Outline is a big step in the right direction for VPNs. Here’s to even more options for browsing the web securely.
