How to Deploy Pritunl VPN with Ansible and Docker: A Step-by-Step Guide

Serhii Shypylov

3 min read

Setting up a secure VPN is like building a private tunnel for your data, keeping it safe from prying eyes. With Pritunl VPN, Ansible, and Docker, you can automate the deployment of a robust VPN server in minutes, ensuring secure remote access for your team. This guide walks you through the process, from server setup to VPN configuration, using a streamlined playbook. Let’s get your VPN up and running effortlessly!

Why Use Pritunl VPN with Ansible and Docker?

Pritunl is an open-source VPN server that supports protocols like OpenVPN and WireGuard, offering a user-friendly interface for managing connections. Running it in Docker ensures a lightweight, portable setup, while Ansible automates the deployment, eliminating manual configuration errors. Think of it as setting up a secure digital highway with an automated construction crew. This approach is perfect for businesses needing secure, scalable remote access solutions.

Prerequisites for a Smooth Deployment

Before you begin, ensure you have:

  • Ansible 2.9+ installed on your control node.
  • SSH access to a Linux server (e.g., Ubuntu, CentOS) with internet access.
  • A public IP or domain name for accessing the Pritunl web interface.
  • A basic understanding of Docker and YAML configuration.

Quick Tip: Test SSH connectivity to your server before running playbooks to avoid interruptions.

Step-by-Step Guide to Deploy Pritunl VPN

Follow these steps to automate your Pritunl VPN setup using the Pritunl Ansible repository.

1. Clone the Ansible Repository

Start by downloading the playbook from GitHub:

git clone https://github.com/Shipssv83/Ansible-Pritunl-Docker-Install.git
cd Ansible-Pritunl-Docker-Install

This repository includes all the playbooks and roles needed for a complete VPN setup.

2. Install Ansible Galaxy Roles

Install the required roles to support your playbooks:

ansible-galaxy install -r roles/requirements.yml

To update existing roles, run:

ansible-galaxy install -g -f -r roles/requirements.yml

These roles handle server setup, Docker installation, and Pritunl configuration.

3. Configure the Inventory File

Create an inventory file to specify your target server:

vim inventory

Add your server details, for example:

[servers]
192.168.1.100 ansible_user=root

Replace 192.168.1.100 with your server’s IP and root with your SSH user.

4. Customize Playbook Variables

Tailor the deployment by editing key variables in your playbook:

vars:
  timezone: "Europe/Warsaw"
  pritunl_docker_version: "latest"
  pritunl_vpn_port: "14830"
  wg_vpn_port: "51820"
  pritunl_web: "443"

What do these do?

  • timezone: Sets the server’s timezone (e.g., Europe/Warsaw).
  • pritunl_docker_version: Specifies the Pritunl Docker image version (e.g., latest).
  • pritunl_vpn_port: Defines the OpenVPN port (default: 14830).
  • wg_vpn_port: Sets the WireGuard port (default: 51820).
  • pritunl_web: Configures the web interface port (default: 443).

5. Configure the Server Environment

Run the server setup playbook to prepare the environment:

ansible-playbook -i inventory --user root --extra-vars "host=servers" playbooks/server-install.yml

This playbook installs essential packages and sets the server’s timezone.

6. Install Docker and Docker Compose

Deploy Docker with this playbook:

ansible-playbook -i inventory --user root --extra-vars "host=servers" playbooks/docker-install.yml

This sets up Docker and Docker Compose, creating a foundation for running containers.

7. Deploy Pritunl VPN in Docker

Launch Pritunl VPN with the final playbook:

ansible-playbook -i inventory --user root --extra-vars "host=servers" playbooks/pritunl-docker-install.yml

This playbook:

  • Pulls the Pritunl VPN Docker image.
  • Configures VPN ports (OpenVPN and WireGuard).
  • Sets up UFW firewall rules for secure access.

Accessing Pritunl VPN

Once deployed, access the Pritunl web interface at:

https://<your-server-ip>

Log in using the default credentials provided in the Pritunl setup (displayed in the logs or set manually). Then, configure VPN servers, users, and profiles.

Important: Secure your Pritunl instance by setting a strong admin password and enabling HTTPS with an SSL certificate (e.g., via Let’s Encrypt).

Configuring VPN Connections

To set up VPN access:

  1. Log in to the Pritunl web interface.
  2. Add a new VPN server under the “Servers” tab, specifying protocols (OpenVPN or WireGuard).
  3. Create user profiles under the “Users” tab and download their VPN configuration files.
  4. Share configuration files with users for secure connections.

Benefits of This Setup

This deployment offers:

  • Automation: Ansible streamlines setup, reducing manual effort.
  • Security: UFW and Docker isolation protect your VPN server.
  • Flexibility: Support for OpenVPN and WireGuard suits diverse needs.
  • Scalability: Docker makes it easy to scale or replicate your setup.

It’s like building a secure, private network tunnel that’s ready to grow with your team.

Troubleshooting Tips

If issues arise:

  • Check Playbook Logs: Review Ansible output for errors.
  • Verify Docker Containers: Use docker ps to confirm Pritunl is running.
  • Inspect Firewall Rules: Ensure UFW allows ports 443, 14830, and 51820.
  • Test Connectivity: Confirm your server’s IP is accessible via HTTPS.

Conclusion: Secure Your Network with Pritunl VPN

With Pritunl VPN, Ansible, and Docker, you’ve created a secure, automated VPN solution for remote access and data protection. Your team can now connect safely from anywhere, with minimal setup hassle. Want more IT automation insights? Visit blog.1it.pro or share your VPN setup on 1it.pro to inspire others!

🚀 Explore more guides on our blog 👉 blog.1it.pro
📧 Contact us: admin@1it.pro for expert IT guidance.
🌐 Explore more: Visit 1it.pro for top-tier IT solutions.

GitHub
Home
UA EN RU

Зв'язатися з нами

Telegram Email