# Simple DIY VPN

## Features

* Starts automatically on demand and shuts down automatically when not used
  (Using systemd socket activation)
* Works on any VPS or home server with just ssh suppport.
  Distro/architecture/size does not matter. Only working ssh support required.
  No other software setup required on the server
* Easy to setup multiple different VPNs to different server. No need to change
  whole system network settings.
* Simple interactive cli utility to setup. No need to create/edit config files
* Simple bash script with no dependencies - (ssh and systemd are usually
  preinstalled)
* Once setup with browser extension, easy to use for non-technical users - Just
  right-click and choose a container

## Requirements

* Linux system with Systemd and ssh client
* Server with ssh support. [ssh keys][3] setup for passwordless login
* Browser or any app with SOCKS proxy support. [Librewolf][2] with [Container
  Proxy][1] extension allows to setup different VPN for each container

## Installation

* Archlinux [AUR][0]
* Manual install: (run as root)

```
make install
```

## Usage

```
❯ diyvpnctl add
Server name [e.g. vps1] [required] : homets
Listen address [e.g. 127.0.0.1:9090] [required] : 127.0.0.1:8071
Idle Timeout [e.g. 5min] [5min] :
Remote server Ip [e.g. 1.2.3.4] [required] : 100.64.0.2
Remote server ssh port [e.g. 2222] [22] :
Remote server username [e.g. dave] [required] : balki
SSH private key [e.g. ~/.ssh/id_ed25519] [required] : ~/.ssh/id_ed25519
Diyvpn config for homets added. Edit below configs for further changes
==> /home/balki/.config/diyvpn/servers/homets/config.rc <==
LISTEN_ADDRESS=127.0.0.1:8071
IDLE_TIMEOUT=5min

==> /home/balki/.config/diyvpn/servers/homets/ssh_config <==
Hostname 100.64.0.2
Port 22
User balki
IdentityFile ~/.ssh/id_ed25519

# vim: set filetype=sshconfig:

❯ diyvpnctl list
config path: /home/balki/.config/diyvpn/servers

Server               ListenAddress
can1                 127.0.0.1:8072
homets               127.0.0.1:8071
us1                  127.0.0.1:8070

```

## Internals

TODO: Explain

## Future Ideas

* Automatically fire up a VPS instance in a cloud provider on demand. Since
  most VPS are charged pre hour, for those using rarely, don't have to pay for
  entire month. A new VPS every time improves privacy.

[0]: https://aur.archlinux.org/packages/diyvpn-git
[1]: https://github.com/bekh6ex/firefox-container-proxy
[2]: https://librewolf.net/
[3]: https://wiki.archlinux.org/index.php?title=SSH_keys#Copying_the_public_key_to_the_remote_server