Convert Figma logo to code with AI

StreisandEffect logostreisand

Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.

23,178
1,992
23,178
238

Top Related Projects

28,868

Set up a personal VPN in the cloud

OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Quick Overview

Streisand is an open-source project that sets up a new server running multiple VPN services and protocols, including OpenConnect, OpenVPN, WireGuard, and Shadowsocks. It's designed to create a personal VPN server quickly and securely, with the goal of bypassing censorship and ensuring privacy.

Pros

  • Easy to set up, with automated installation scripts
  • Supports multiple VPN protocols, offering flexibility and redundancy
  • Includes built-in security features and best practices
  • Provides detailed instructions for connecting to each service

Cons

  • Requires some technical knowledge to set up and maintain
  • May be overkill for users who only need a single VPN protocol
  • Regular updates needed to maintain security and functionality
  • Potential legal issues in countries with strict internet censorship

Getting Started

  1. Ensure you have a supported operating system (Ubuntu 20.04 or 22.04).
  2. Clone the Streisand repository:
    git clone https://github.com/StreisandEffect/streisand.git && cd streisand
    
  3. Run the installation script:
    ./streisand
    
  4. Follow the prompts to configure your server and choose which services to install.
  5. Once complete, access the generated instructions to connect to your new VPN services.

Note: Always ensure you comply with local laws and regulations when setting up and using VPN services.

Competitor Comparisons

28,868

Set up a personal VPN in the cloud

Pros of Algo

  • Simpler setup process with fewer dependencies
  • Focuses on WireGuard, offering better performance and security
  • More actively maintained with regular updates

Cons of Algo

  • Supports fewer VPN protocols compared to Streisand
  • Less flexible in terms of server options and customization
  • Smaller community and fewer available resources

Code Comparison

Algo (setup.sh):

#!/usr/bin/env bash

set -e
set -u

SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

Streisand (streisand):

#!/usr/bin/env bash
# Streisand provisioning script

set -e

if [ "${EUID}" -eq 0 ]; then
  echo "Please do not run this script as root."

Both projects use bash scripts for setup, but Algo's approach is more streamlined and focused on essential components. Streisand's script includes additional checks and a broader scope, reflecting its more comprehensive feature set.

Algo is designed for simplicity and ease of use, prioritizing modern protocols like WireGuard. Streisand offers a wider range of VPN options and server configurations but may be more complex to set up and maintain. Choose Algo for a straightforward, performance-focused solution, or Streisand for greater flexibility and protocol variety.

OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora

Pros of openvpn-install

  • Simpler and more focused, designed specifically for OpenVPN setup
  • Faster installation process due to its streamlined nature
  • Easier to understand and modify for users familiar with OpenVPN

Cons of openvpn-install

  • Limited to OpenVPN only, while Streisand offers multiple VPN protocols
  • Lacks the extensive security features and additional services provided by Streisand
  • May require more manual configuration for advanced setups

Code Comparison

Streisand (playbook example):

- name: Install OpenVPN
  apt:
    name: openvpn
    state: present

- name: Configure OpenVPN
  template:
    src: openvpn-server.conf.j2
    dest: /etc/openvpn/server.conf

openvpn-install (script excerpt):

apt-get update
apt-get install openvpn easy-rsa -y
cp -r /usr/share/easy-rsa/ /etc/openvpn
cd /etc/openvpn/easy-rsa

The Streisand project uses Ansible playbooks for configuration management, while openvpn-install relies on a bash script for direct installation and setup. Streisand's approach allows for more complex and modular configurations, while openvpn-install offers a more straightforward, single-purpose solution.

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Pros of setup-ipsec-vpn

  • Simpler setup process, focusing solely on IPsec/L2TP and IKEv2 VPN protocols
  • Lighter weight and faster to deploy
  • More frequent updates and active maintenance

Cons of setup-ipsec-vpn

  • Limited to IPsec/L2TP and IKEv2 protocols, less versatile than Streisand
  • Fewer additional features and services compared to Streisand's comprehensive suite
  • Less extensive documentation and user guides

Code Comparison

setup-ipsec-vpn:

wget https://git.io/vpnsetup -O vpnsetup.sh
sudo sh vpnsetup.sh

Streisand:

git clone https://github.com/StreisandEffect/streisand.git
cd streisand
./streisand

setup-ipsec-vpn offers a more straightforward installation process with a single script, while Streisand requires cloning the repository and running a dedicated setup script. This reflects the difference in complexity and scope between the two projects.

setup-ipsec-vpn is ideal for users seeking a quick and simple IPsec VPN setup, while Streisand caters to those who need a more comprehensive suite of privacy tools and protocols. The choice between them depends on the user's specific requirements and technical expertise.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

Streisand

Automate the effect


English, Français, 简体中文, Русский | Mirror


Build Status Twitter

Streisand

Silence censorship. Automate the effect.

The Internet can be a little unfair. It's way too easy for ISPs, telecoms, politicians, and corporations to block access to the sites and information that you care about. But breaking through these restrictions is tough. Or is it?

If you have an account with a cloud computing provider, Streisand can set up a new node with many censorship-resistant VPN services nearly automatically. You'll need a little experience with a Unix command-line. (But without Streisand, it could take days for a skilled Unix administrator to configure these services securely!) At the end, you'll have a private website with software and instructions.

Here's what a sample Streisand server looks like.

There's a list of supported cloud providers; experts may be able to use Streisand to install on many other cloud providers.

VPN services

One type of tool that people use to avoid network censorship is a Virtual Private Network (VPN). There are many kinds of VPNs.

Not all network censorship is alike; in some places, it changes from day to day. Streisand provides many different VPN services to try. (You don't have to install them all, though.)

Some Streisand services include add-ons for further censorship and throttling resistance:

See also:

Cloud providers

  • Amazon Web Services (AWS)
  • Microsoft Azure
  • Digital Ocean
  • Google Compute Engine (GCE)
  • Linode
  • Rackspace

Other providers

We recommend using one of the above providers. If you are an expert and can set up a fresh Ubuntu 16.04 server elsewhere, there are "localhost" and "existing remote server" installation methods. For more information, see the advanced installation instructions.

Installation

You need command-line access to a Unix system. You can use Linux, BSD, or macOS; on Windows 10, the Windows Subsystem for Linux (WSL) counts as Linux.

Once you're ready, see the full installation instructions.

Things we want to do better

Aside from a good deal of cleanup, we could really use:

  • Easier setup.
  • Faster adoption of new censorship-avoidance tools

We're looking for help with both.

If there is something that you think Streisand should do, or if you find a bug in its documentation or execution, please file a report on the Issue Tracker.

Core Contributors

  • Jay Carlson (@nopdotcom)
  • Nick Clarke (@nickolasclarke)
  • Joshua Lund (@jlund)
  • Ali Makki (@alimakki)
  • Daniel McCarney (@cpu)
  • Corban Raun (@CorbanR)

Acknowledgements

Jason A. Donenfeld deserves a lot of credit for being brave enough to reimagine what a modern VPN should look like and for coming up with something as good as WireGuard. He has our sincere thanks for all of his patient help and high-quality feedback.

We are grateful to Trevor Smith for his massive contributions. He suggested the Gateway approach, provided tons of invaluable feedback, made everything look better, and developed the HTML template that served as the inspiration to take things to the next level before Streisand's public release.

Huge thanks to Paul Wouters of The Libreswan Project for his generous help troubleshooting the L2TP/IPsec setup.

Starcadian's 'Sunset Blood' album was played on repeat approximately 300 times during the first few months of work on the project in early 2014.