ovpn-admin 1.7 is released with more features & enhancements
ovpn-admin is a simple web interface for managing OpenVPN users’ certificates and routes. This tool was originally developed for internal Flant projects. However, this spring, we decided it could be beneficial for a wider community and made it Open Source by posting on GitHub.
You can use ovpn-admin to generate certificates for new users, revoke and reissue certificates, expose metrics to Prometheus, etc. It is written in Go and is licensed under the Apache 2.0 license. You can learn more about the ovpn-admin features in its initial announcement.
ovpn-admin got a pack of improvements that were accumulated in version 1.7.0. Its development continued leading to several more releases with new features since then, so the latest version is v1.7.4 at the time of writing.
Here are the most prominent features implemented in ovpn-admin 1.7.x:
- specifying a custom path to CCD templates (via the
--templates.ccd-pathoption) and a user configuration file (
- automatically defining the
remoteparameter (in the
client.conf.tpltemplate) when ovpn-admin is behind a load balancer in Kubernetes (the
--ovpn.server.behindLBoption enables it,
ovpn.servicespecifies the name of the Service having the
LoadBalancertype in K8s);
- specifying the network for the OpenVPN server via environment variables (
OVPN_SERVER_MASKvariables for OpenVPN,
OVPN_SERVER_NETWORKvariable for ovpn-admin);
- configuring other ovpn-admin parameters via env vars.
The following bugs were fixed:
- failing the first execution of the
iptables -Dcommand (particularly, it caused ovpn-admin to crash when trying to run in a Docker container on Ubuntu Server 20.04);
- disconnecting a user when a certificate is revoked;
- displaying the wrong username in pop-up notifications;
- non-unique custom user address in CCD (now ovpn-admin checks if it is unique).
In addition, the newly built ovpn-admin binaries are now automatically published via GitHub Actions for Linux systems based on amd64, i386, arm, and arm64 architectures.
A few sidenotes
The community members contributed to many of the features mentioned above — many thanks for their efforts!
We didn’t plan to develop ovpn-admin actively. However, this tool turned out to be useful and quite popular. The project currently boasts 300+ stars on GitHub, and the community is actively involved in its development. As always, we look forward to new users and features. Hint: GitHub stars are also much appreciated!