In my last post, I came up with a plan to fix 2 technical hurdles that I ran into while testing my original solution.

In this post, I show how I turned the pseudocode that I wrote in the last post into actual Python.

Cloudflare/DNS Fix

To solve the problem with Cloudflare not being able to proxy VPN traffic, I set TTL to 120 seconds on the DNS records instead.

During testing, the DNS failover worked really well with this method.

The code implementation was very simple. I just had to add the TTL setting to the API request when creating/updating the DNS record for the VPS:

cf_payload = {'type': 'A', 'name': self.server_name, 'content': self.server_ip, 'ttl': 120}

Vultr Snapshots Fix

To solve the problem with Vultr Snapshots being slow and unreliable, I decided to use DigitalOcean Spaces and backup files instead. I would back up the OpenVPN configurations there, and when rebuilding a server I would create a new VPS, install OpenVPN, then restore the configurations to it from DigitalOcean.

To accomplish that, I had to write some new functions:

_tar_dir() — SSHs into the newly created VPS server after OpenVPN is installed, and makes an archive of /etc/openvpn configuration

_save_to_do_spaces() — Uploads that archive to GhostiFi’s private DigitalOcean Spaces bucket

_download_from_do_spaces() — Retrieves the archive to restore it to a new VPS when it is being rebuilt

_untar_dir() — Unzips the archive, restoring the previous OpenVPN configurations onto the newly rebuilt VPS

_delete_from_do_spaces() — This removes the archive from DigitalOcean Spaces when a customer cancels their VPS
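An archive of /etc/openvpn typically carries the server's private key material, so the tar and untar steps are worth doing defensively. The following is an added example, not the code from the gist: tar_dir(), untar_dir(), sha256_file() and demo() are hypothetical local stand-ins for the functions listed above, the SSH and Spaces transfer steps are left out, and the SHA-256 check and member-path checks are assumptions about how one might harden the restore.

```python
import hashlib
import os
import tarfile
import tempfile


def sha256_file(path):
    """Return the hex SHA-256 of a file, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def tar_dir(src_dir, archive_path):
    """Archive src_dir into an owner-only (0600) file; return its SHA-256."""
    fd = os.open(archive_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "wb") as fh, tarfile.open(fileobj=fh, mode="w:gz") as tar:
        tar.add(src_dir, arcname=".")
    return sha256_file(archive_path)


def untar_dir(archive_path, dest_dir, expected_sha256):
    """Restore into dest_dir only if the hash matches and every path stays inside."""
    if sha256_file(archive_path) != expected_sha256:
        raise ValueError("archive hash mismatch, refusing to restore")
    os.makedirs(dest_dir, exist_ok=True)
    root = os.path.realpath(dest_dir)
    with tarfile.open(archive_path, mode="r:gz") as tar:
        for member in tar.getmembers():
            target = os.path.realpath(os.path.join(root, member.name))
            if os.path.commonpath([root, target]) != root:
                raise ValueError("unsafe path in archive: " + member.name)
            if not (member.isfile() or member.isdir()):
                raise ValueError("unexpected member type: " + member.name)
        tar.extractall(root)
    return root


def demo():  # round trip over a constructed stand-in for /etc/openvpn
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = os.path.join(tmp, "openvpn"), os.path.join(tmp, "restored")
        os.makedirs(src)
        with open(os.path.join(src, "server.conf"), "w") as fh:
            fh.write("port 1194\nproto udp\n")  # constructed sample config
        digest = tar_dir(src, os.path.join(tmp, "openvpn.tar.gz"))
        untar_dir(os.path.join(tmp, "openvpn.tar.gz"), dst, digest)
        with open(os.path.join(dst, "server.conf")) as fh:
            return fh.read()
```

The digest returned by tar_dir() would need to be stored somewhere other than the bucket holding the archive for the check on restore to mean anything.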

Here is where these fit into the overall script.

I refactored the code a bit also by moving the global variables (API Keys, passwords, static stuff) to their own config.py file and importing that into the main script.

That way I didn’t have to worry about accidentally exposing my passwords while I was livestreaming GhostiFi development on Twitch this week.

Here is what the code looks like now.

https://gist.githubusercontent.com/reillychase/9f611585889d73d65db9f1f3131ef1fe/raw/80baab0202b6bd54ec04e33a559ffab466f3476d/server.py

Problems during testing this week

For some reason I got stuck for hours trying to get DigitalOcean Spaces file upload to work. It ended up being a minor syntax issue.

Sometimes it helps to take a break and come back the next day.

Also, during testing I found that the OpenVPN client I was testing on Windows 10 wouldn’t fail over and reconnect properly on its own when the server changed IP addresses. But when manually reconnecting it worked instantly. I spent a few hours on that and decided to file it as a bug and to look into it more later.

It’s easy to get caught up on stuff like that. I hate that it doesn’t work automatically like I want it to, but for people to have to make 2 clicks to reconnect after switching VPS locations, how much of my time is it worth spending trying to fix right now? Is it worth abandoning the project over?

I’m probably going to launch the MVP with that bug. I’ll make a note in the email that gets sent out when a VPS rebuild completes — “Your devices should reconnect to the VPN server automatically, but if you have any problems, try manually reconnecting.”

What’s next?

I am 95% done with the backend code!

Server create, rebuild, and delete are done.

All I have left to do is write a few scripts for daily/weekly/monthly rebuilds (for the Rebuild Scheduler), and reset monthly bandwidth use on the first of each month.

That will be pretty easy.

After that I can finally move on to build the frontend dashboard — PHP/WordPress/HTML/CSS/JavaScript and a PHP API that will send updates to the database from user input.

Closing thoughts

If you have any feedback on how I could improve this please let me know in the comments section!

I am also looking for feedback on the concept itself, as well as beta testers. Please sign up for the newsletter at https://ghostifi.net if you are interested.