Project 002 - Setup Tiny VPN Island

Setting Up the Tiny VPN Island (TVI)

Goal

A VPN shall be configured at our "Tiny vServer".

The VPN shall be compliant to following requirements:

• VPN should be restricted to members of The Society
• VPN should protect members from each other, while allowing multicast IP
• IP Traffic shall not be forwarded/NATed to/from the Internet
• VPN should be intercepted at vServer in a senseful way (to allow prosecution of abuse)
• VPN shall be compliant to applicable laws
• VPN should be easily installable for all OS that are supported by TeamSpeak and FreeWRL - use ownCloud for the easy installation of VPN

Use Cases

This project shall establish following use case(s) of the TVI

1. TVI-TS: Voice Group Chat (TeamSpeak)

Responsible

Christoph VALENTIN

Start Date

2023-07-01

End Date

It's done, when it's done.

TODO List (Prioritized)

• DON: Brush up TODO Lists (Status Marker)
• DON: Common Resources: Tiny VPN -> Tiny VPN Island
• ONG: Cleanup / update of the vServer
  • DON: Analyse Cacheing / Authentication (preparation for "Blackboard")
  • ONG: Undo FTP authentication for ownCloud
    • DON: replace external users by internal ones
    • TODO: uninstall FTP server
    • TODO: uninstall ownCloud External User Support
  • DON: Rethink JavaScript on our homepage
  • TODO: Rethink passwords and authentication at vServer (RA, HPSSL, ownCloud)
    • TODO: RA+HPSSL (e.g. Blackboard)
    • TODO: ownCloud: is our calendar approach with "Dummy Users" OK?
  • DON: Do we need teamspeak, glassfish etc.
    Result: teamspeak needed, glassfish currently not needed
  • DON: Ensure H14 Infrastructure (mainly ownCloud)
    • DON: Backup for the Puchberg group
    • DON: Backup for the CoSuCo group
  • TODO: Rethink backup at vServer
  • DON: Update server logbook. Store it in ownCloud
  • TODO: Update documentation at christoph\h14
• DON: Installation of "Blackboard" (with private section(s))
  • DON: Definition of Nick Names
  • DON: Configure Blackboard at https://lc-soc-lc.at/blackboard
• ONG: Installing and Configuring the VPN at the vServer, according to above mentioned requirements
  • ONG: Implementing and Testing the VPN without "easy installation"
    • DON: basic implementation of OpenVPN
    • TODO: support latest version of OpenVPN client, rethink passwords and authentication at vServer (Easy-RSA/VPN)
    • TODO: learn about applicable laws / adapt
  • ONG: Implementing and Testing the TS3 Server
    • DON: basic implementation of Voice Chat
    • TODO: how can we do chat?
    • TODO: how can we do file sharing?
  • ONG: Implementing the "easy installation"
    • DON: "easy installation" for Windows
    • ONG: "easy installation" for Mac
  • TODO: Implementing "statistics / reports"
  • DON: First test session (Wolfgang G. + Christoph V.)
    • DON: Test the "guest" account
      Result: guest account has to be abandoned
    • SKP: Ping Test
    • DON: TeamSpeak Test
      Result: OK, but echo cancellation must be turned on
  • TODO: Second test session (with whom? when? what?)

Steps (Chronologically)

Preparations

1. 2023-07-01: Started to look up information
   • About the openVPN software
     • how to ensure security for my users?
     • how to make easy install for my users?
   • About FreeWrl
     • which OS are supported?
     • how to embed into client application for SIP?
2. 2023-07-08: did some brush up of the TODO list (introduced status markers)
3. 2023-07-09: renamed "Tiny VPN" -> "Tiny VPN Island"; updated the description of the Tiny VPN Island at the Common Resources Web Site
4. 2023-07-29: deleted the external ownCloud users (FTP) and created new internal users (native ownCloud passwords), moved their data manually
5. 2023-07-30: analysed the apache authentication/authorization and cacheing (this is a preparation for the configuration of our "Blackboard")
6. 2023-08-01: configured the blackboard at https://lc-soc-lc.at/blackboard. At the time being, the blackboard is empty.
7. 2023-08-12: small editorial update of the homepage
8. 2023-08-14: bridge day: updated JS/HTML - better flexibility of our web pages
9. 2023-08-14: started the configuration of the Tiny VPN Island (TVI)
10. 2023-08-20: first ideas/implementations for the "easy installation" of the VPN via ownCloud. Some README files for SOMA. First ideas for the "guest" account of ownCloud
11. 2023-08-26: TeamSpeak3 Server installed, firewall settings for TVI-TS
12. 2023-08-27: Update of the Home Page
13. 2023-09-02: Create Installation Manuals (SOMA) for TVI-TS, updated other Installation Manuals (SOMA)
14. 2023-09-10: First Test Session (see TODO List above for details)