Connecting Yunohost TO an OpenVpn server or, how to convert a .ovpn into a .cube file?

Hi there,

Fisrt of all, thanks very much in advance for your kind help and for this great tool that is yunohost :slight_smile:

My YunoHost server

Hardware: Olimex LIME 1
YunoHost version: 3.5.2.2 (stable)
I have access to my server : Through SSH and through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

So, Iā€™ve got an OpenVpn server that is running somewhere and I would like my Yunohost to establish a VPN connection to this server.

Usually when I need to connect a device to my OpenVpn server, I give the device an .ovpn file that contains everything needed in order to establish the connection (settings, cettificates, keys, etc.) and it works smoothly.

With Yunohost, I understand that the app vpnclient_ynh needs a different kind of file in order to do this : The .cube file.

I also understand that this file can be provided by some alternative VPN providersā€¦ But itā€™s important to me to keep using my own OpenVpn server.

And the problem is that I didnā€™t find a way to :
-Create a VPN client .cube file (based on an existing .ovpn file that I have)
-Enter manually all the settings in the vpnclient_ynh web interface
-Get the vpnclient_ynh app to use directly my .ovpn file

I didnā€™t find an other Vpn Client app / program that could tun on yunohost.
Maybe there are some ?

Well, thatā€™s pretty much it.
Any help would be appreciated.

And thanks again for your help, your time, and for yunohost.

Cheers !

2 Likes

Hellow,

you are indeed right that itā€™s a bit puzzling to have this .cube thing if you are used to .ovpn. In fact in some discussions we were thinking that we should be able to convert .ovpn to .cube somehow (or transparently accept .ovpn).

Anyway :

Did you check the ā€˜Manualā€™ tab in which you can supposedly enter the settings manually ?

1 Like

Thanks for your answer.

I did check the manual tab but I didnā€™t really understand :

  • if I could just copy-paste the settings, or some of the settings, from my .ovpn to the ā€œadvancesā€ section
  • if Iā€™d have to fill the ā€œadvancedā€ section and the regular fields as well
  • ā€¦

Well, to make it short, I tried and failed :slight_smile:
So if you have some advice, let me know

Thanks,
Have a great day

Itā€™s dependent of your vpn server configuration. vpnclient is built to work with a ā€œip public vpnā€. So you shouldnā€™t use a vpn with a simple NAT. In a perfect world you have several public ip, if no, you can try to share ports of your unique ip between your vpn server and your yunohost or you can use a reverse proxyā€¦

we were thinking that we should be able to convert .ovpn to .cube somehow (or transparently accept .ovpn).

That would be great.

Did you check the ā€˜Manualā€™ tab in which you can supposedly enter the settings manually ?

Does someone knows how this part woks, how the vpnclient_ynh is using this field ?
Any help on how to set the vpnclient_ynh ā€˜Manualā€™ tab would be great.

Thanks a lot in advance for your kind help :slight_smile:

1 Like

Hi there,

I finally found a solution that suits me.

So, I observed that running the openvpn works greatly by simply using the command :
openvpn --config my-client-conf-file.ovpn

So I wrote a short script openvpn-client-launcher.sh that contains the very same command : openvpn --config my-client-conf-file.ovpn

Then I set up the script in order to turn it into a service, using system.d
The service is set up to start as soon as the server gets its network settings up + the connection to internet.
It (the service) restarts in case of problem.

The only thing is that it cannot be managed from the yunohost web interface.
Plus, as it is not a standard setting, in case of changing the hardware or re-installing everything, Iā€™ll have to set up the script + service again (which doesnā€™t take more than 30 minutes even for an amateur like me)

But, as long as it works for me Iā€™m cool with it.
If anybody needs some help on this, feel free to contact me.

I could also write a documentation page about it, if some of you think it would be useful.

Thanks again to the team for this great stuff that is Yunohost :slight_smile:

See ya

+1 for supporting .ovpn out of the box, that would be awesome!
And a questionmark with all the requirements for a VPN provider, e.g. dedicated IP.

1 Like

I am running my whole Yunohost installation behind my OpenVPN Access Server on Digital ocean right now.

I did this using openvpn3. I setup the DMZ option in the Web Admin so all services go through the VPN.

Not sure if that is helpful for you, but itā€™s an option.

vpnclient_ynh looks interesting, but this .cube file format is another hurdle. Iā€™m wondering why the devs tried to reinvent the wheel instead of sticking with the industry standard ovpn format?

1 Like