Set Up an OpenVPN Server Instantly with DigitalOcean Droplet User Data

OpenVPN is a full-featured open source Secure Socket Layer (SSL) VPN solution that accommodates a wide range of configurations. In this tutorial, we’ll set up an OpenVPN server on a Droplet and then configure access to it from Windows, OS X, iOS and Android. This tutorial will keep the installation and configuration steps as simple as possible for these setups.

Note: OpenVPN can be installed automatically on your Droplet by adding this script to its User Data when launching it. Check out this tutorial to learn more about Droplet User Data.

Setup VPS instance

First thing first, you need to create a Digitalocean account by clicking this link. Complete the registration by providing your payment method, either with credit card or Paypal account.

After you see the green button “Create Droplet”, click on it to proceed to the next step. Type in your preferred Droplet hostname, whatever you want. Then select size of droplet, in this case you’ll choose the pricing which fit you. In my case, I choose the lowest one, $5 /month droplet with 20GB storage and 512MB RAM. It’s kind of enough for me.

Then select the region you want the droplet located. This time, you may want to choose the nearest region from your country. Then select Image, it is the operating system for your VPS. Choose the Ubuntu 14.04 x64.

And finally, tick the “User Data” in the Available Settings section. When the text input appears, enter the script for creating the VPN server. Get the script by referring to the link at the bottom of this post. Find the “Note” section like above quotation. There you’ll find the link to the script. Just copy and paste it.

DO User data
DigitalOcean User data. This is just illustration, and that’s not the script you want.

And in the last section, you may skip that “Add SSH Keys”. Then you will receive the password required to login to the VPS in your email inbox. Check it later.

via How To Set Up an OpenVPN Server on Ubuntu 14.04 | DigitalOcean.

Auto build Launchpad Project on Commit

If you have a project hosted on Canonical’s Launchpad, then you have a choice to build it as soon as you push its Bazaar commit. The automatic build process is conducted by a “recipe”. Cited from official explanation, there are two options for when recipes get built:

Built daily
A build will be scheduled automatically once a change in any of the branches used in the recipe is detected.
Built on request
Builds of the recipe have to be manually requested using the “Request build” action.

You can create a recipe from project page, and look for “Create packaging recipe”. Then you need to choose the “Built daily” option to automatically build the DEB binary from source when you push the commit.

Build recipe Launchpad Canonical Ubuntu
Build recipe Launchpad Canonical Ubuntu

Then you can compose the packaging recipe by refering to the official documentation here: https://help.launchpad.net/Packaging/SourceBuilds/Recipes

Avoiding ‘Hidden’ Bills of AWS Free Tier

I’ve got an AWS free tier account for a year recently. The free should mean free of charge, but even before a month, suddenly I got an unpaid bill notification from Amazon.

AWS Free Tier charge
AWS Free Tier bill

By looking at above image, I saw that the bill comes from EC2 service, which I use it for setting up a VPS. After deep looking at the bill information, I got the culprit. It was the Elastic IP address that got me to pay the charge.

Briefly, I requested a static IP address to be associated to my VPS. I didn’t aware that the IP has to be bound to any instances. Once it is disassociated, we will be charged at per-hour rate. And unfortunately, I disassociated it for a few hours by unknown reason. As the result, I had to pay Amazon for $0.36.

So, instead of disassociate the ellastic IP address, we just have to release it. Perhaps it will be useful for other people.

How to use SOCKS 5 proxy in Ubuntu command line

This post is originally posted in Indonesian on my other blog: http://blog.badwi.my.id/internet/tips-bagi-pengguna-ubuntu-pengguna-internet-tri-122. Here I wrap up it in English.

Sometimes, we need a proxy to bypass internet filtering. When we work in command line environment, it may not as simple as in graphical environment. But thanks to proxychains, it becomes so simple that we just need to put proxychains command before the commands we want to execute. Proxychains is available in Ubuntu repository. So, we just have to run sudo apt-get install proxychains to install it.

Proxychains can handle several proxy types, including SOCKS5 proxy. It is an SSH tunneling proxy. So we need a remote machine which allows us to login and access internet. That’s usually a VPS. So, we need to connect to SSH and make a tunnel before using proxychains.

ssh -vfCND1080 -l login_name -p port remote_machine_address
  • v argument makes verbose output, so you may ommit it
  • f argument makes ssh session run in the background
  • C argument enables compression for all data
  • N argument disables remote command to the machine we connect
  • D1080 means to make local dynamic listening poxy at port 1080
  • login_name is the username of our remote machine
  • port is the SSH port of remote machine, usually 22
  • remote_machine_address is the address of our remote machine, either IP number or domain

Once connected, we can now use proxychains to bypass internet blocking. But first, we need to configure the proxychains in order to use our tunnel proxy. Edit the /etc/proxychains.conf file. Make sure you have these lines uncommented.

strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks5 127.0.0.1 1080

We can also make a per-user config file at $HOME/.proxychains/proxychains.conf. Then we can make use of proxychains in every command we execute which needs internet. For instance:

sudo proxychains apt-get update

How To Set Up Automatic Deployment with Git with a VPS | DigitalOcean

Introduction

For an introduction to Git and how to install, please refer to the introduction tutorial.

This article will teach you how to use Git when you want to deploy your application. While there are many ways to use Git to deploy our application,

melalui How To Set Up Automatic Deployment with Git with a VPS | DigitalOcean.

Ghost blog

I don’t write about a blog written by a ghost. But, I want to tell you about a blogging platform, called Ghost1.

Ghost was created to simplify the process of online publishing for individual bloggers as well as online publications, Wikipedia says2.

The project was initiated due to the complexity of WordPress. That said, WordPress is growing yet becoming more than a blogging platform. So, Ghost try to bring back how blogging should be: simple.

ghost blog admin page
Simple, eh?

Blogging with Ghost needs a knowlegde of Markdown3 syntax. As you can see at above image, you type your post in the left pane with Markdown, and the right pane will show you the live preview.

To run your blog using Ghost, you need at least a VPS, as it runs on Node.js which most of traditional shared hosting don’t offer the service.

How to Block Device on OpenWRT Based on MAC Address

If you have an OpenWRT router, sometimes you need to block particular devices from accessing internet yet still can connect to its Wi-fi network. We can do that easily from the LUCI web-UI control panel.

Head for menu Network > Firewall.
openwrt1

There you can make a new firewall rule. Give it a name in New forward rule section. Then click Add and edit.
openwrt2

Then you have to choose the device’s MAC address to block.
openwrt3

Then choose option Reject in the Action dropdown list.
openwrt4

Then click Save and apply. Make sure you have the new rule is listed in the rules list.
openwrt5