I am doing a research project related to affordable security. This is irrelevant when it comes to the issue, but I think it is important for the society as a whole. Nowadays privacy is under attack, hacking and social hacking is commonplace, phishing attacks are constant. The existing VPN providers can barely be trusted, especially when it comes to high-value targets (e.g. political dissidents, celebrities, finance and business actors). My goal is having a fully hosted VPN service at a minimal cost. Most of the SBC’s are ARM based and can run the latest LTS Ubuntu releases.
I have been experimenting with deploying Pritunl Server and, since there is no existing package for ARM64, I tried using 2 guides to build the stack. First guide is an old one: https://opensource.com/article/19/1/pritunl-vpn-raspberry-pi
Second one is from the github readme about installing Pritunl from source.
Unfortunately whatever approach I take, the build fails with errors. Some errors are related to the Go package, some are related to the newest Python versions and some fail due to dependency conflicts. I tried both Ubuntu 20.04 and Ubuntu 22.04, Python 2.7 and Python 3.10, etc. After spending a day on this issue I understand that I need your guidance.
I was wondering if it would be possible to create a guide for Installing From Source on Ubuntu. I will try helping as much as possible when it comes to documentation and testing.
Please let me know if you have experience with something similar!
It’s unlikely a Raspberry Pi will have enough resources to run the MongoDB server and the Pritunl server. The ARM servers available from cloud providers will be slower than x86 due to AES-NI being available in x86 and the improved single thread performance of x86.
There shouldn’t be anything preventing building pritunl-web and pritunl-dns with Golang. Golang is available on ARM and there are no CGO modules used.
For security reasons the hashes of all Python PyPI requirements are set in requirements.txt, these hashes will likely need to be removed when building on other platforms.
The build files for Pritunl are available in the pritunl/pritunl-pacur repository. There are some platform specific patches such as the removal of dataclasses on Ubuntu from the PyPI requirements with the line sed -i -e '/^dataclasses==0.8/,+2d' requirements.txt.
I am actually using the latest OrangePi5 for testing and the performance does seem promising. I will come back with a more detailed feedback after a thorough testing.
Installing Go from the Ubuntu repositories will likely not work, the release is incompatible with newer codebases. The parameter --require-hashes may need to be removed from the PyPI command.
@zach
Just to be clear - the app is perfectly functional, from what I’ve tested so far.
The only thing missing is “pritunl” cli shortcut.
Would --require-hashes help with this?
Reporting after a thorough testing for the past 2 months. I am so deeply impressed by the performance of Pritunl on the Orange Pi 5. Initially I expected it to be a backup gateway to accessing the datacenter.
But I’ve been stress-testing it with 5 users heavily streaming YouTube over VPN. The traffic has been steady, there were no lags, the CPU load is always below 7-10% with the average around 2-3%.
It is incredible how the system performs overall! Thank you for all the help in making this possible!
Hello Bulgaru, I’ve been breaking my head for some time trying to find a way to install Pritunl on my OrangePI 5 but without success. Would it be possible to have access to your binaries so that I could install on my OPI5?
Depending on the OS you use, simply pasting the instructions from above should install Pritunl (if your OS is Debian based). Let me know if you want to jump on a call - I’d be glad to help out!
hello bulgaru
Thanks for the feedback, I’ll follow your guidance and try to create the installer to run on mine (Orange PI5 16GB).
Any questions I come back here to ask for some help.