Andrew Davidson amdavidson

## debian-strongswan.md

      
              2 files
            
          
              14 forks
            
          
              5 comments
            
          
              60 stars
            
          
                andrewlkho
                / debian-strongswan.md
            
            
              Last active
              January 3, 2024 03:39
            
              
                Setting up a secure VPN with strongSwan on debian
              
          
    With heightening concern regarding the state of internet privacy (fuelled in part by the passing of the Investigatory Powers Act in the UK), I have set up a VPN server on the virtual server I have hosted with Mythic Beasts.  This uses strongSwan and certificate-based IKEv2 authentication.
Assumptions:

Debian Jessie server already set up and accessible via debian.example.com, a public IPv4 of 203.0.113.1 and a public IPv6 of 2001:db8::1
Client username of me
Clients are running the latest versions of macOS and iOS (Sierra and 10 respectively at the time of writing)
No need to support any other operating systems (although the setup is easily translated)

For automated deployment of a similar setup, albeit Ubuntu-based and using ansible for deployment, I recommend you take a look at Algo VPN.  I used that project as a basis for my configuration.

  
## invite-tree.sh
curl -s -H "Authorization: Bearer $(curl -s --json '{"identifier": "yourusername", "password": "yourpassword"}' https://bsky.social/xrpc/com.atproto.server.createSession | jq -j ".accessJwt")" "https://bsky.social/xrpc/com.atproto.server.getAccountInviteCodes" | jq -r '.codes[].uses[].usedBy' | xargs -I{} -P10 curl -s 'https://plc.directory/{}' | jq -r '.alsoKnownAs[0]'