Replace openvpn broken package


English version:

Hello everybody,
I run a personal yunohost instance at home on a raspberry pi 3 and it works well.
I was searching for an openvpn replacement package for yunohost when I discovered this script to turn my raspi in openvpn server easily.
I wonder if this script could be integrated in a “yunohost package” way?
It could be a solution to deploy easily an openvpn service on a yunohost instance.
What do you think about that?

Version française:
Salut tout le monde,
J’héberge à la maison ma propore instance yunohost sur un raspberry pi 3 et ça mache plutôt bien.
Je me suis mis à la recherche d’un package openvpn de remplacement pour yunohost lorsque j’ai découvert ce script pour transformer mon raspi en serveur openvpn facilement.
Je me demandais donc si ce scrip pouvait être intégré en tant que nouveau package openvpn pour yunohost?
ça pourrait être une solution de contournement pour déployer facilement un service openvpn sur une instance yunohost.
Qu’en pensez-vous?

This openvpn package is working for me :

It allows me to create public ipv4 vpn.

I have create some tickets about some common issues, that should be fixed :

Ce package openvpn fonctionne pour moi :

Il me permet de créer des vpn avec ipv4 publiques.

J’ai créé des tickets sur des problèmes communs qui devraient être fixé:

Ah bon? ça fonctionne?
Pourtant il est marqué comme “cassé” dans la liste des packages yunohost

Yes it is marked broken due to this issue
But you can assign the ip dynamically, or correct manually this file ip4_attribution.csv, it is located in /etc/openvpn/

I am going to fix this bug, next it could be marked as working (with a quality level of 7)

Oui cette app est marquée comme cassée à cause de cette issue
Mais il est possible d’assigner les ips dynamiquement (il y a une question pour ça à l’installation) ou de corriger manuellement le fichier ip4_attribution.csv, situé dans /etc/openvpn/

Je vais corrigé ce bug, ensuite je marquerais le package comme fonctionnel et avec un niveau de qualité de 7


Parfait ça!
J’attends ta correction et je me lance dans l’installation de ce paquet.
Je ferai un retour sur ce topic afin que tout le monde soit au courant.

Hi @ljf

Can you please provide the suitable Ip4 values for the ip4_attribute.csv ? As the issue you have opened don’t have any solution. Can you please give an example.

It is

SO the file should be something like this:

The ip address should be in the range you have specified.

Hi, not meaning to be pushy, but I was just wondering if this issue ever got resolved? I see that neither PiVPN nor OpenVPN currently exist in the YNH app catalogue, and the WireGuard app for YNH is still marked as broken. I can’t find any working, hostable VPN software for YNH. There is the VPN Client app, but it is similar to WireGuard, in that it allows a connection out to a cloud VPN service. What I’m after is a “reverse VPN” like PiVPN, which allows me to tunnel in to my YunoHost server from the Internet. Prior to discovering YNH, I had a perfectly working PiVPN installation running from Docker on my RasPi. I’d like to do something similar again for my YNH-based project in 2022, if at all possible. Thanks.

1 Like

Despite Wireguard being marked as broken, it does work. I’m using it right now.

I’m not sure the exact reason it is marked broken.

From what i can see in our automatic tests, the install fails because it tries to install some kernel headers which are not available for some reason … So pretty mystical/technical issue that may or may not happen on your system, maybe depending on the kernel version you’re running

Am I correct in my understanding that the WireGuard app, when installed under YunoHost, will only provide a one-way VPN tunnel outwards from the YunoHost machine to a cloud-based VPN, and will not allow for inbound VPN tunnel connections into the YunoHost machine? I am trying to achieve the latter, not the former, at this time.

Wireguard is not server based, so you can do both.

I have Wireguard running on Yunohost. I use it as a VPN sometimes. I set Yunohost to send out IP4 traffic. So, when I connect to Wireguard, all outside internet traffic is routed through the Yunohost Wireguard machine.

I also use it as a private network and connect to Wireguard to access other computers I have connected to the same wireguard network.

Probably somebody else will explain this better, or read about it a bit more. It is a bit different than OpenVPN.

1 Like

That sounds like what I am trying to achieve at first. Good to know that it is already being done by someone here in the community. I may pick your brains later about how you achieved this in your YunoHost install. I intend to start working on my VPN access on about 20-Feb-2022, according to my project calendar.

I’m no expert, but the experts are in here. You can read the thread and get a feel for what Wireguard can do.

1 Like