A very user-friendly VPN Tunnel for connecting multiple locations as it's ONE
- Overview
- Installing on a Rasperry Pi (method1)
- Installing on a Rasperry/Odroid or other device (method2)
- Installing on Hyper-V/VMWare/VirtualBox or Proxmox
- Installing manually
- Installing on Docker (for development purposes)
- Eplanation about the files
- Contributing
- License
Use it for connecting your House to your vacation House and don't worry about networking: Use printers, Sonos devices, KNX or other Multicast protocols like it's ONE network.
The T1 is not limited to two locations. You can even connect several houses, boats and cars (with networking) as if it's ONE network. Simple and very private and secure! No need to buy expensive firewalls and struggle with complex configurations!
This Github project is the Web Interface. You can enroll it yourself or buy a ready-to-go T1 device. The T1 device works out of the box, comes with lifetime support and you support the project by buying it.
When you want to enroll it yourself, you can use a physical device like a Raspberry Pi or a virtual device, for example on Hyper-V.
- Download the latest version for Raspberry Pi from the Releases page.
- Unpack the .zip file and use balenaEtcher to put the .iso on a microSD card.
- Put the microSD card in the Pi, connect the Pi to your network using an ethernet cable and start the Pi. It might be convenient to attach a monitor and keyboard but it's not required.
- After the whole unattended installation process finished, you can login to http://:8080 using password: tunnel1. You can also login using SSH. Username: dietpi, Password: tunnel1
We recommend setting up the Tunnel GUI on a Raspberry Pi 2/3/4. Running it on an Odroid or other devices which can run the DietPi image is possible and even devices with non-DietPi images might be possible but we still recommend the Raspberry Pi because of stability and because our developpers also use it.
- Download the DietPi image for your device (eg. for Raspberry Pi 2/3/4 or Odroid)
- Install the DietPi image to a MicroSD card using balenaEtcher.
- Copy the modified dietpi.txt to /boot/dietpi.txt on the microSD card. It will use it on first boot.
- Startup your device with the microSD card with the the DietPi image.
- When you startup your device, it will automatically obtain an IP address from DHCP and install the tunnel-gui. If it didn't got an address from DHCP, the tunnel-gui couldn't be installed and you have to do it manually by typing the following at the prompt:
wget -q -O - https://github.com/roelbroersma/tunnel-gui/raw/main/install.txt | bash
- The tunnel-gui will automatically start at system boot. If you want to start/stop it manually, type
service t1service start
orservice t1service stop
which effectively starts or stops apython3 app.py
- Navigate with your browser to: http://:8080, the default password is tunnel1. If you change the password via the web interface, it will also change the password of the dietpi and root user.
- Download the DietPi image for Hyper-V/VMWare/Virtualbox or Proxmox (yes, they supply separate images for this at dietpi.com
- Create a new VM and supply the downloaded file.
- Start the VM and login to the command prompt, then run the following:
wget -q -O - https://github.com/roelbroersma/tunnel-gui/raw/main/install.txt | bash
This will download the latest repository and install all Python and Flask requiments. It will also create a default .env file, logfile and default password: tunnel1
- Run
wget -q -O - https://github.com/roelbroersma/tunnel-gui/raw/main/install.txt | bash
. - Navigate to: http:///:8080, the default password is
tunnel1
(or login with the password from the web_password.txt file). If you change the password via the web interface, it will also change the password of the dietpi and root user.
You can download this repo to your own computer and run web-server locally in Docker container:
- You need to have installed Docker Desktop (https://www.docker.com/products/docker-desktop/)
- Run Docker Desktop
- Go to project's directory
- Create .env file (like in the paragraph above)
- Run
make -f Makefile run
- You will be logged into container
- Run
make -f Makefile start
The following files need to be modified when checking out the project but they are automatically set for newly installed devices using the install script.
- A new file web_password.txt in project's directory with admin's password of RaspberryPI.
- An .env file with the following important values (See or renamce the example in .env.template file)
- SECRET_KEY - Flask App Secret Key. It is used in the web gui for cross-site protection. You can change it as you wish.
- DEBUG - True or False.
- SUPER_PASSWORD - A super secret (backup) password so you can always login to the web gui. You can only change this password in this file.
- PORT - The port the web application is running on, e.g. 8080. We use an alternative port because you probably want to run the tunnel itself at port 443.
All script files which interface with the backend (openvpn, pimd, mdns, bridge-tools, ip address changes, etc.) are located in the /scripts/ folder. These files are developped and tested for the DietPi image, however they may work on other Debian-based Linux installations and other Linux installations as well because we try to keep the backend very flexible.
Run the application with this command:
make -f Makefile start_flask
You can contribute to this project by buying a T1 device. 100% of the money is used to support this project. Want to help coding or have a good idea? Use the issue tracker or send me an email at: [email protected]
This project is open-source. You may use/distribute/change it for personal use. It is not allowed to sell your own device with this software, if you want to do this, please contact me at: [email protected]