Konnect VPN Access Server

KUY.io Konnect™ is a cloud-first VPN access server built on top of the WireGuard® protocol. Built to securely connect your hybrid workforce up to 10x faster,

KUY.io Konnect™ takes care of the management of cryptographic keys, users, devices, as well as the tedious manual setup and configuration of network peers administrators face when deploying KUY.io Konnect™ via the command line.

The modern user interface offers an elegant, and intuitive solution that makes deploying and operating this next-gen VPN technology in your organization painless and quick. With integrations to your email services and synchronization of accounts with LDAP-compatible directories, KUY.io Konnect™ provides enterprise-grade features out-of-the-box.

KUY.io Konnect™ is the ideal solution to provide your employees secure, fast and uncomplicated access to applications and data in the DigitalOcean cloud.

Software Included

Package Version License
Docker 24.0.7, build afdd53b Apache License v2
Docker Compose 2.14.0 Apache License v2
Wireguard 1.0.20200513-1~20.04.2 GPLv2
Wireguard Tools 1.0.20200513-1~20.04.2 GPLv2
Wireguard DKMS 1.0.20201112-1~20.04.1 GPLv2

Creating an App using the Control Panel

Click the Deploy to DigitalOcean button to create a Droplet based on this 1-Click App. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating a Droplet from the Konnect VPN Access Server 1-Click App using the control panel, you can also use the DigitalOcean API. As an example, to create a 4GB Konnect VPN Access Server Droplet in the SFO2 region, you can use the following curl command. You need to either save your API access token) to an environment variable or substitute it in the command below.

curl -X POST -H 'Content-Type: application/json' \
         -H 'Authorization: Bearer '$TOKEN'' -d \
        '{"name":"choose_a_name","region":"sfo2","size":"s-2vcpu-4gb","image": "kuyio-konnectvpna"}' \

Getting Started After Deploying Konnect VPN Access Server

Getting Started

Getting started with KUY.io Konnect™ VPN Access Server is simple:

  1. After deploying your KUY.io Konnect™ 1-click instance, connect to the Droplet via SSH and start the application stack:
$ ssh root@your_droplet_public_ipv4

# cd /opt/konnect
# docker compose up
  1. When the container stack finishes deploying, the Initial Configuration Wizard will be available at https://your_droplet_public_ipv4. The initial setup is secured with a setup token. To obtain the setup token for your instance you can either grab it from the console logs:
docker compose logs | grep "setup token"

or directly from the instance with:

docker exec -it konnect_web_1 /app/bin/rails runner "puts SETUP_TOKEN"

Configuring Let’s Encrypt

To configure TLS/SSL access to your KUY.io Konnect™ access server (recommended for production deployments), first assign a DNS hostname to your Droplet via the DigitalOcean Network console.

Then, connect to your instance via SSH. Then, edit /opt/konnect/docker-compose.yml and uncomment the sections marked with “Let’s Encrypt”. In particular, make sure you correctly fill out the ‘Host’ and ‘Email’ sections as they are required by Let’s Encrypt to correctly issue your certificate.

Additional Documentation

Visit https://konnect.kuy.io/documentation/quickstart for the complete Quickstart guide.