Install Outline VPN server to hide your internet activity.
I will use management port 42905 (TCP) and access key port 9817 (both TCP and UDP), but not specifing these ports during installation process will result in random ports which is a good solution.
Install server application
Check operating system version.
$ lsb_release -a
No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 22.04.2 LTS Release: 22.04 Codename: jammy
Update package index.
$ sudo apt update
Upgrade system packages.
$ sudo apt upgrade
Install dynamically managed firewall.
$ sudo apt install firewalld
Open access key port.
$ sudo firewall-cmd --add-port=9817/tcp --zone=public
$ sudo firewall-cmd --add-port=9817/udp --zone=public
Open management port.
$ sudo firewall-cmd --add-port=42905/tcp --zone=public
Display current configuration.
$ sudo firewall-cmd --list-all --zone public
public target: default icmp-block-inversion: no interfaces: sources: services: dhcpv6-client ssh ports: 9817/tcp 9817/udp 42905/tcp protocols: forward: yes masquerade: no forward-ports: source-ports: icmp-blocks: rich rules:
Store current configuration.
$ sudo firewall-cmd --runtime-to-permanent
Install docker.
$ sudo apt install docker.io
Execute Outline VPN installation script.
$ sudo bash -c "$(wget -qO- https://raw.githubusercontent.com/Jigsaw-Code/outline-server/master/src/server_manager/install_scripts/install_server.sh) --api-port=42905 --keys-port=9817"
> Verifying that Docker is installed .......... OK
> Verifying that Docker daemon is running ..... OK
> Setting PUBLIC_HOSTNAME to external IP ...... OK
> Creating persistent state dir ............... OK
> Generating secret key ....................... OK
> Generating TLS certificate .................. OK
> Generating SHA-256 certificate fingerprint .. OK
> Writing config .............................. OK
> Starting Shadowbox .......................... OK
> Starting Watchtower ......................... OK
> Waiting for Outline server to be healthy .... OK
> Creating first user ......................... OK
> Adding API URL to config .................... OK
> Checking host firewall ...................... OK
CONGRATULATIONS! Your Outline server is up and running.
To manage your Outline server, please copy the following line (including curly
brackets) into Step 2 of the Outline Manager interface:
{"apiUrl":"https://46.101.244.51:42905/kO_0ZyU_LBjH2flrWUKPOA","certSha256":"E01A955F9FE8EADAD05C44F3597FB481E0019A41943E0A9A81288B23567A4975"}
If you have connection problems, it may be that your router or cloud provider
blocks inbound connections, even though your machine seems to allow them.
Make sure to open the following ports on your firewall, router or cloud provider:
- Management port 42905, for TCP
- Access key port 9817, for TCP and UDP
Server is ready.
Install manager application
Download manager application on desktop.
$ wget https://s3.amazonaws.com/outline-releases/manager/linux/stable/Outline-Manager.AppImage
Ensure that AppImage is executable.
$ chmod +x Outline-Manager.AppImage
Ensure that application is inside the PATH.
$ sudo mv Outline-Manager.AppImage /usr/local/bin/
Start application and open set up Outline anywhere.
Provide connection data.
Inspect server settings.
Inspect dashboard.
Generate and share key to the client.
Install client application
Download client application on desktop.
$ wget https://s3.amazonaws.com/outline-releases/client/linux/stable/Outline-Client.AppImage
Ensure that AppImage is executable.
$ chmod +x Outline-Client.AppImage
Ensure that application is inside the PATH.
$ sudo mv Outline-Client.AppImage /usr/local/bin/
Start application, add access key.
Connect to the server.
Additional notes
The only issue I have experienced with this solution is the hardcoded DNS see DNS & Pi-Hole? #486 and Pls stop hardcoding DNS resolver in client #568.