Install OpenVPN with IPv6 on Ubuntu

This article gives out the process of install OpenVPN with IPv6, and to be more specific, it will foucus on the difference with the Ubuntu official document about OpenVPN installation [1]. Before start, You need to check whether your server has IPv6 address. And if you are looking for tips about OpenVPN both with IPv4 and IPv6, you are supposed to read another post about 《OpenVPN both with IPv4 and IPv6》.

Currently the lastest stable version of OpenVPN is 2.2.2 and for Ubuntu repo is still 2.2.1, both of them are only IPv4 supported. But thankfully the 2.3 version which supports IPv6 is already in RC stage and there is an official apt repo [2] so that we can achieve it easily.

Most of commands need superuser privilege, so just use root to make everything easy.

1) Install OpenVPN 2.3_rc1 (Both on server and client)

Note that we install easy-rsa more than openvpn only because easy-rsa examples used to be in OpenVPN doc directory never exist in OpenVPN 2.3_rc1.

2) Generate Certificate Authority

Note that the location of easy-rsa directory has changed.

Edit the “vars” file by vim or nano or something else (I will use vim for following examples), be sure to change following variables:

Note that there are two duplicate KEY_EMAIL, feel free to delete one. All these variables are required when building all crts and keys, make sure to change it which will make them as default value so that you can press Enter all the way.

3) Generate Server Certificates

4) Generate tls auth key (Add more security to OpenVPN port)

5) Server Configuration

Following is the change list by the default configure file. “A -> B # C” meaning change A to B, while C is the comment for more easy reading and you can just ignore it.

6) iptables Configuration

This will be a new file and you should press following in it.

After saving the file you need to make it executeable.

All following listings are commented in default configure file, just uncomment them.

Note that the important difference is here. which make IP forward also work for IPv6. the parameter is different from IPv4, but fortunately it has been already listed in default configure file. At last, just make all related restart.

Now the server side should be working, a simple confirmation is to check whether tun0 or tun1 exists in ifconfig, then let’s go for clients.

7) Generate Client Certificates

8) Client Configuration
Following are needed files for client, be careful to download them by scp or something else from server. And this is the last thing you need to do on the server. all things left should be done on the cliet besides step 1). Make sure to copy all needed files under the /etc/openvpn/ so that you can run it as daemon easily.

Copy the default client configure file to /etc/openvpn/

Following is the change list by the default configure file. Just the same with Server Configuration in step 5)

9) Confirmation
Now you can just start the openvpn by

if you can ping 10.8.0.1 successfully then everything should be ok. after that you can make it working as daemon by

10) Reference:
[1] https://help.ubuntu.com/12.04/serverguide/openvpn.html
[2] https://community.openvpn.net/openvpn/wiki/OpenvpnSoftwareRepos
[3] http://www.vpser.net/build/linode-install-openvpn.html

安装 Ubuntu 12.04 (Precise) 之后

本文会不定期更新,最后更新时间 2012/06/02


Changelog

20120516: 优化最大化页面: gnome-shell-extension-window-buttons
20120602: 安装Calibre: sudo apt-get install calibre


曾经心血来潮写过一个Ubuntu的配置教程,还美其名曰《邂逅Ubuntu》系列,后来Ubuntu更新了,GNOME也变成了gnome shell,但是教程再也没更新过(惭愧不已)。适逢Ubuntu 12.04刚更新不久,简单记录下配置的流程。

本文主要记录了安装Ubuntu 12.04 (Precise) 之后的配置美化过程,主要包含:
1、配置软件源;2、安装配置gnome shell取代unity;3、安装相关软件;4、配置杂项。


配置软件源
我的策略是教育网一组,公网一组,官网一组,其次主要考虑地理位置和具体连接的速度。
教育网推荐是使用清华、北交、上交的(其一即可),公网推荐sohu(中国官方源)、163的(同样选择其一)。

配置好之后记得更新升级


安装配置gnome shell
之前折腾过Arch、Gentoo、Mint、Deepin都是因为Ubuntu换了unity,也算因祸得福,学到了很多东西,现在可以兼容了,当然果断上之。

安装基本桌面

安装图标和GTK主题

我选择的Icon theme是Faience,Window theme和GTK+ theme都是Evolve

安装gnome shell extension
可以通过PPA和网站两种方式安装,主要还是个人喜好和需要,通过gnome-tweak-tool进行设置即可,这里只列出作者使用的部分
通过PPA安装

通过GNOME Extensions网站安装
个人感觉PPA提供的已经基本够用了,而且很方便更新,你也可以在网站里淘一淘

需要注意 user-themes 插件可能有问题,导致gnome-tweak-tool无法打开或者打开报错,通过以下两条命令可以解决

安装gnome shell theme
我有点洁癖,不喜欢下载安装,因为不方便更新,但暂时还未发现包含很合意的gnome shell theme的PPA,可以关注一下Satya的PPA(之前安装GTK主题时已经添加了)。我已经邮件和作者联系过了,确定还会维护更新的,就是需要等等。我现在安装的是London Smoke Gnome-Shell,作为暂时的选择。


安装相关软件
此部分列举了本人会用到的软件包,因根据个人需要选择

此外还有MongoDB数据库指纹识别fprint的安装,可以进入对应页面查看详情


配置杂项
安装更新语言包
“System Settings” -> “Language Support”
在”Install / Remove Languages…” 中选择安装 “Chinese (simplified)” 和 “English”
最下方的输入法选择中选择ibus

配置字体
安装中文语言包之后会安装相应中文字体,通过gnome-tweak-tool即可配置
我一直比较喜欢使用文泉驿的微黑(WenQuanYi Micro Hei),等宽字体也使用WenQuanYi Micro Hei Mono

修改Chromium标题栏按钮位置问题
由于Unity的缘故,Chromium标题栏按钮会显示在左边,通过以下命令(其一)可以解决

在Startup Applications Preferences中显示开启启动项
默认情况下很多启动项都没有显示,通过以下命令即可实现

优化最大化页面
主要是来自 ppa:webupd8team/gnome3 (前面已经配置)的新插件 window-buttons

1)在 gconf-editor 中,进入 apps > maximus
1.1)启用 ‘no_maximus’
2)在 dconf-editor 中,进入 org > gnome > shell > extensions > window-buttons,
2.1)启用 “onlymax” 和 “hideonnomax” 窗口(如桌面和gnomw-tweak-tool)不支持最大化时隐藏标题栏中的按钮
2.2)其他 theme 、 order 之类的可以根据自己的喜好修改


其他主要是根据个人喜好修改系统和相应软件的设置
至此,基本配置完毕,欢迎交流和提出改进意见

在Ubuntu上安装MongoDB

由于Ubuntu版本发行的规则,版本库里往往不是最新的组建,所以有时候需要使用官方的PPA进行补充,例如MongoDB,版本库里的版本连UTF-8都不支持。官方已经有很详细的解释说明,这里主要是复述记录一下。

废话不多说,上代码:

这里也有一个简单的脚本实现自动安装,拷贝到单独的文件中,运行”sudo sh 文件名”即可。