Setting Linux clients to use a proxy server

Assuming proxy server is, port 3128…

Most user-land applications, such as Curl

These use the http_proxy and https_proxy environment variables.  To set these on BASH:

export http_proxy=
export https_proxy=

For wget:

edit /etc/wgetrc and uncomment out the these lines:

https_proxy =
http_proxy =

For Git:

git config --global http.proxy

printf "[http]\n\tproxy =\n" >> ~/.gitconfig


Package installations/updates in Debian & Ubuntu:

Create the file /etc/apt/apt.conf.d/99http-proxy with this line:

Acquire::http::Proxy "";

Package installations/updates in RHEL & CentOS

Add this line to /etc/yum.conf under the [main] section:


PIP on the fly

sudo pip install --proxy= somepackage

To install a squid proxy server:

Debian & Ubuntu

sudo apt-get install squid
/etc/init.d/squid stop
/etc/init.d/squid start


sudo yum install squid
systemctl stop squid.service
systemctl start squid.service

In both cases the configuration file is /etc/squid/squid.conf

I’d recommend setting these for better performance and improved stability:

# Allocate 2 GB of disk space to disk caching
cache_dir ufs /var/spool/squid 2048 16 256
# Cache files smaller than MB in size, up from default of 4 MB
maximum_object_size 256 MB
# Up max file descriptors from default of 1024 to 4096
max_filedesc 4096

OpenVPN Server in AWS

Licensing costs start at just under $100 per user per year.  For compute costs, these are common supported instance sizes in a typical region:

  • t2.micro 1 vCPU, 1 GB RAM, ~75 Mpbs = ~$100/yr
  • t2.small 1 vCPU, 2 GB RAM, ~125 Mbps = ~$200/yr
  • t2.medium 2 vCPU, 2 GB RAM, ~250 Mbps = ~ $400/yr
  • t2.large 2 vCPU, 8 GB RAM, ~500 Mbps = ~$800/yr

SSH to the IP address using the correct private SSH key and ‘openvpnas’ as the username

The setup wizard should start automatically.  To run it again:

sudo su
/usr/bin/ovpn-init –ec2

To use the second (eth1) interface as the internal interface, get the IP address from AWS console and then edit /etc/netplan/50-cloud-init.yaml to add these lines ( (i.e.

            dhcp4: no
            addresses: [, ]

After saving the file, restart netplan and verify eth1 has the new IP address

sudo netplan apply
ifconfig eth1

To add internal static routes (for example, the RFC-1918 blocks) add these lines too:

            - to:
            - to:
            - to:

Then another restart netplan and verify the routes are working as entered

sudo netplan apply
netstat -rn

Set an initial password for the openvpn admin account via this command:

sudo passwd openvpn

Access the web gui at https://ip.address/admin/ logging in as openvpn with the password that was just set