Terraform module for complete Pritunl setup
Pritunl is a hassle-free, easy to set up, open source VPN server that is built with OpenVPN.
I started to use Pritunl to access AWS instances a while ago and am so happy with it.
Pritunl comes with different subscription plans, but if your goal is only to access a site such as a VPC, like mine, you can use the free plan. It needs no registration or any other steps. If you need advanced features such as single sign-on, you need the Enterprise plan, which is $50/month. You can check the feature comparison list here: http://pritunl.com/#plans
It also comes with an easy-to-use free client. You don’t need to teach people on your team how to connect to the VPN server, and the UI makes it easier to share profiles with new users through temporary URLs.
My motivation for using Pritunl was:
- Easy to set up
- Multi factor authentication
- Less maintenance work
And Pritunl was the batteries-included solution for me.
Of course, I wrote a Terraform module for setting up Pritunl on AWS.
What the Terraform module does
- Creates credstash tables for secrets such as the backup encryption key
- Installs Pritunl on an AWS Linux instance
- Creates an S3 bucket for backups
- Adds a cron script for automated backups
- Scheduled script will be monitored by Healthchecks.io
All you need to do is call the Terraform module in your VPC template as below:
module "app_pritunl" {
  source = "github.com/opsgang/terraform_pritunl?ref=1.0.0"

  aws_key_name     = "org-eu-west-1"
  vpc_id           = "${module.vpc.vpc_id}"
  public_subnet_id = "${module.vpc.public_subnets[1]}"
  ami_id           = "ami-01ccc867"
  instance_type    = "t2.small"
  office_ip_cidrs  = [
    "8.8.8.8/32"
  ]

  tag_product = "vpn"
  tag_env     = "dev"
  tag_purpose = "networking"
  tag_role    = "vpn"
}
Now, after terraform apply, you can follow the steps from the “Database setup” part here: https://docs.pritunl.com/docs/configuration-5 and you need to complete the “Connecting” part as well: https://docs.pritunl.com/docs/connecting
Once you set up your instance, you can run the backup script manually and forget about the VPN service. If you lose your instance by any chance, you only need to run terraform apply again and restore the MongoDB backup from the S3 bucket. All your setup and users will be restored to the current instance.
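The backup flow listed above (dump, encrypt with a key kept in credstash, upload to S3, report to Healthchecks.io) can be written so that a failed step never reports success. This is an added example, not the module's own backup script; the function name, the `pritunl` database name, the secret name, the object naming and the choice of `openssl` AES-256-CBC are assumptions.

```sh
#!/bin/sh
# Added illustration, not the script shipped by terraform_pritunl.
# Usage: pritunl_backup BUCKET CREDSTASH_KEY_NAME HEALTHCHECK_PING_URL
# The body runs in a subshell so the trap and umask stay local to one run.
pritunl_backup() (
    bucket=$1
    key_name=$2
    ping_url=$3

    umask 077                               # dump and key readable by this user only
    work=$(mktemp -d) || exit 1
    trap 'rm -rf "$work"' EXIT              # plaintext dump and key never outlive the run
    stamp=$(date -u +%Y%m%dT%H%M%SZ)

    # 1. Dump the database (name assumed to be "pritunl").
    mongodump --db pritunl --gzip --archive="$work/dump.gz" || exit 1

    # 2. Fetch the encryption key from credstash into a private file, so it
    #    is never visible in the process list as a command-line argument.
    credstash get "$key_name" > "$work/key" || exit 1
    [ -s "$work/key" ] || exit 1            # an empty key must abort the run

    # 3. Encrypt before the data leaves the instance.
    openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$work/key" \
        -in "$work/dump.gz" -out "$work/dump.gz.enc" || exit 1

    # 4. Upload only the encrypted archive, with server-side encryption on top.
    aws s3 cp "$work/dump.gz.enc" \
        "s3://$bucket/pritunl-$stamp.gz.enc" --sse AES256 || exit 1

    # 5. Ping Healthchecks.io last: a missed ping then means a missed backup.
    curl -fsS --max-time 10 --retry 3 "$ping_url" > /dev/null || exit 1
)
```

Because the ping is the final step, the Healthchecks.io check goes late whenever the dump, the key lookup, the encryption or the upload fails, which is the signal to investigate before the backup is needed for a restore.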
You can find more details in the README file on the repo https://github.com/opsgang/terraform_pritunl
All PRs are welcome.