Clouds are even cheaper
Surely you've heard about Amazon EC2, Rackspace, and the like. Maybe even enjoyed. Personally, I sometimes need a personal VPN server. For these purposes, I have long kept a micro-instance on Amazon, provided for free during the first year. Plus, I used Amazon Glacier archives, which, with its price of “1 cent per gigabyte per month,” can also be considered almost free. But the year ended and it became necessary to pay for EC2. My archives also grew decently and the costs of Glacier likewise ceased to please.Randomly ran past review of the service DigitalOcean in the beginning left me indifferent. Well, cloud service, well, virtuals. Well, yes, a bit cheaper (but not so very much), something similar to the Glacier seems to be gone, and indeed it’s not worth it.
I was very wrong. Below we will explain how to make a VPN server on the basis of DigitalOcean a couple of dozen times cheaper than the same on Amazon and the archive storage service, infinitely cheaper than Glacier.
')
VPN server
How to raise a VPN server on the Internet in Linux is a dime a dozen. Here again , here are two , but the script is guaranteed to work on the image of Ubuntu 12.04 x64 Server, which is provided by DigitalOcean.
Installing and configuring the VPN server
#!/bin/bash echo "Select on option:" echo "1) Set up new PoPToP server AND create one user" echo "2) Create additional users" read x if test $x -eq 1; then echo "Enter username that you want to create (eg. client1 or john):" read u echo "Specify password that you want the server to use:" read p # get the VPS IP ip=`ifconfig eth0 | grep 'inet addr' | awk {'print $2'} | sed s/.*://` echo echo "Downloading and Installing PoPToP" apt-get update apt-get install pptpd echo echo "Creating Server Config" cat > /etc/ppp/pptpd-options <<END name pptpd refuse-pap refuse-chap refuse-mschap require-mschap-v2 require-mppe-128 ms-dns 8.8.8.8 ms-dns 8.8.4.4 proxyarp nodefaultroute lock nobsdcomp END # setting up pptpd.conf echo "option /etc/ppp/pptpd-options" > /etc/pptpd.conf echo "logwtmp" >> /etc/pptpd.conf echo "localip $ip" >> /etc/pptpd.conf echo "remoteip 10.1.0.1-100" >> /etc/pptpd.conf # adding new user echo "$u * $p *" >> /etc/ppp/chap-secrets echo echo "Forwarding IPv4 and Enabling it on boot" cat >> /etc/sysctl.conf <<END net.ipv4.ip_forward=1 END sysctl -p echo echo "Updating IPtables Routing and Enabling it on boot" iptables -t nat -A POSTROUTING -j SNAT --to $ip # saves iptables routing rules and enables them on-boot iptables-save > /etc/iptables.conf cat > /etc/network/if-pre-up.d/iptables <<END #!/bin/sh iptables-restore < /etc/iptables.conf END chmod +x /etc/network/if-pre-up.d/iptables cat >> /etc/ppp/ip-up <<END ifconfig ppp0 mtu 1400 END echo echo "Restarting PoPToP" /etc/init.d/pptpd restart echo echo "Server setup complete!" echo "Connect to your VPS at $ip with these credentials:" echo "Username:$u ##### Password: $p" # runs this if option 2 is selected elif test $x -eq 2; then echo "Enter username that you want to create (eg. client1 or john):" read u echo "Specify password that you want the server to use:" read p # get the VPS IP ip=`ifconfig venet0:0 | grep 'inet addr' | awk {'print $2'} | sed s/.*://` # adding new user echo "$u * $p *" >> /etc/ppp/chap-secrets echo echo "Addtional user added!" echo "Connect to your VPS at $ip with these credentials:" echo "Username:$u ##### Password: $p" else echo "Invalid selection, quitting." exit fi Just run it, it will ask for the username / password for the VPN user - and that's it.
All this can be raised on the cheapest DigitalOcean instance (for $ 5 per month) - one active VPN connection loads the processor by 4-6% and leaves 60% of the virtual virtual RAM free. We are already seeing savings, since even a micro instance on Amazon costs about $ 15 a month, and here it's only $ 5. But that's not all. If you, like me, do not need a VPN server that works 24 hours a day (I use it at most a couple of times a week for a couple of hours - to see something that is inaccessible from our Slavic edges), then you can turn off the virtual machine. At this point, an attentive reader will exclaim “Aha! And the author of the article, it turns out, is a fool-fool, and does not know that DigitalOcean takes money even for the virtual machine turned off! ” No, I know. For off - takes. But for the remote - no, it does not take. Therefore, immediately after setting up, we turn off our machine, take a snapshot from it - it will cost us about 4 cents and remove the virtual machine. Everything, now we pay nothing.
The beauty is that the VPN server does not contain any changing data, and every time we need a VPN, we simply restore the snapshot and virtual machine launches. Do not need more - kill. The most convenient way to do this is through the API Digital Ocean. Here are some links that you can add to your browser bookmarks and use to quickly create and delete virtuals.
All images
https://api.digitalocean.com/images/?client_id=[client_id[&api_key=[api_key]
All running virtuals
https://api.digitalocean.com/droplets/?client_id=[client_id[&api_key=[api_key]
Start VPN server
https://api.digitalocean.com/droplets/new?client_id=[client_id]&api_key=[api_key]&name=VPN&size_id=66&image_id=[image_id]®ion_id=1 Get link to delete VPN server
javascript: void(function(){var response = JSON.parse(document.body.innerText); var el = document.createElement('a');el.href='https://api.digitalocean.com/droplets/'+ response.droplet.id+ '/destroy/?client_id=[client_id]&api_key=[api_key]';el.innerText = 'Destroy VPN server';document.body.appendChild(el)})(); A couple of nuances of use:
- Do not forget to enter your [client_id] and [api_key] - they can be taken from the page www.digitalocean.com/api_access
- In the link "Start VPN server" you need to enter the correct image number instead of [image_id] - it can be taken from the data on the first link ("All images").
- The tab “Get a link to delete the VPN server” should be clicked with the tab open with the results of the start of the VPN server - this is needed in order to get the id of the created virtual machine from there. The resulting link can be added to bookmarks (well, or just not to close the page in the browser).
From a click on a bookmark to a working VPN server it takes less than a minute. As a result, my VPN costs for using it 10-15 hours a week are $ 0.2 - $ 0.4 a month .
Archive storage
There is no direct analogue to Glacier, as I have already said, in DigitalOcean. But remember, I wrote above that it would cost us 4 cents to take a picture of a virtual machine? Where does this figure come from? Everything is simple - 2 cents for each gigabyte of data stored in the snapshot. And pay attention - only saving is paid. Nowhere on the site or forum is it indicated that some money is taken for storage. People on the forum even offered to pay for data storage, but the answer from DigitalOcean was unequivocal - the payment was only at the time of the snapshot . Thus, if the 100 GB archive on Amazon will cost us $ 1 every month, then we will pay $ 2 for a one-time payment at DigitalOcean (well, plus payment for the virtual time while we load data - but these are just a few cents) and nothing more. I haven’t found any restrictions on the storage periods of images or plans to change tariffs. Plus, speed is added here (take data from Glacier oh, how not fast, but everything will be available within a couple of minutes) and convenience (Glacier sometimes annoys its protocol, but we can upload data to DigitalOcean virtual machine even via HTTP , even though torrents, even Dropbox - whatever we want, then we will install this virtual machine).
Morality
If you pay dozens of times more to everyone there "the best VPN-servers of the Internet" and "the most reliable file storage" - drop this thing. Take the scripts \ links in the article and use.
PS Many people wrote to me that they have questions about the installation. Some people did not even believe that it was so simple and fast. Especially for them, I made a video where a virtual machine is created in 2 minutes, a VPN server rises on it, and in Windows a VPN connection is created and connected. Look better in high quality, but otherwise the font is too small.
Source: https://habr.com/ru/post/183628/
All Articles