- ::: INSTALLATION :::
curl -L https://install.pivpn.io | bash
SIMPLE ::: Yes, that's it! It is *almost* that simple. To elaborate a little more, you will want to install Raspbian on a Raspberry pi. Strongly recommend using the latest Jessie Lite image but the normal Jessie image will work as well. Preferrably enable ssh access and then begin.
There is a (now slightly outdated) guided walkthrough of the install available here.
More information is also available on the PiVPN GitHub
FLEXIBLE ::: Think if you can figure out how to do this yourself you'll have more options? This installer is no slouch! It'll allow you to customize your VPN port, certificate details, key encryption strength, client DNS server, and more! Even if you are an expert, the options presented within are a perfect foundation for any openvpn server installation. Although this is geared toward running on a $35 Raspberry Pi, the installer will work just as well on an Ubuntu Server running Trusty Tahr 14.04.
MANAGEABLE ::: Installation is finished, now what do you do? No worries, we've got you covered! Provided free of charge on your server is a new 'pivpn' command. Simply run pivpn and you are presented with all of the available options. Easily add client profiles (OVPN), revoke them, list the ones you created, etc. There is also an option to completely remove everything the installer did with the 'pivpn uninstall' command. So you can experiment with pivpn with no fear of irreversible changes to your server.
SECURE ::: Even though this installer makes everything so trivial, it doesn't mean it gives you trivial security settings. Everything has been upgraded right out of the box beyond the default settings to harden the security of the server and client. Starting with offering you the ability to enable unattended-upgrades which will automatically patch your server with security updates. Next the server configuration will only use the latest TLS 1.2 protocol. Both the data and control channels use upgraded AES and SHA256 encryption and hash algorithms. Options are pre-configured to verify your server certificate to battle MITM attack vectors. All this and more are configured out of the box by the pivpn installer. This is a detailed level of hardening you'll have a difficult time finding elsewhere.