Add OpenVPN and cloudflared setup documentation and configs

Co-Authored-By: Oz <oz-agent@warp.dev>
2026-04-15 02:28:47 +05:30
commit c37af441a9
7 changed files with 346 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,35 @@
+# OpenVPN via Cloudflare Tunnel (`vpn.bhatfamily.in`)
+
+This repository documents the VPN setup hosted on this machine.
+
+## What this provides
+- OpenVPN server on this host
+- Cloudflare Tunnel exposure via `vpn.bhatfamily.in`
+- Client access using `cloudflared access tcp` + OpenVPN
+
+## Quick client connect
+1. Ensure `cloudflared` and `openvpn` are installed on the client machine.
+2. Use the provided client profile (`rbhat-client-cloudflared.ovpn`).
+3. Update the profile remote to local forwarder:
+   - `remote 127.0.0.1 21194`
+4. Start local forwarder:
+   ```bash
+   cloudflared access tcp --hostname vpn.bhatfamily.in --url localhost:21194
+   ```
+5. In another terminal, start OpenVPN:
+   ```bash
+   sudo openvpn --config rbhat-client-cloudflared.ovpn
+   ```
+6. Confirm success via:
+   - `Initialization Sequence Completed`
+
+## Important
+- `21194` is a **local client-side** port, not a public internet port on `vpn.bhatfamily.in`.
+- If `cloudflared access tcp` fails with `address already in use`, choose another free local port and match it in the `.ovpn` `remote` line.
+
+## Full operational runbook
+See `docs/operations.md` for:
+- Service configuration details
+- Firewall/NAT settings
+- File paths and artifacts
+- Verification and troubleshooting commands