Head over to VULTR and spin up a cloud server with Ubuntu 16.04 using the $5/Month server option with 1000GB of bandwidth.  Choose the region you want your IP to be in.

Use this code and get $20 credit after your first month (4 months free VPN service!): http://www.vultr.com/?ref=6949897-3B

Here’s a quick how to with copy and paste instructions: https://www.cyberciti.biz/faq/ubuntu-linux-install-pi-hole-with-a-openvpn/

Use Termux on your phone to scp the *.ovpn file from your server.

Once your OpenVPN is up and running, be sure to secure it:

Allow SSH (Highly recommended to change the default SSH port and use SSH keys for security):

# ufw allow ssh

Allow UDP traffic over port 1194.

# ufw allow 1194/udp

Allow all from your private network.

ufw allow from 10.8.0.0/24

The ufw forwarding policy needs to be set.

# vi /etc/default/ufw

Look for DEFAULT_FORWARD_POLICY="DROP". This must be changed from DROP to ACCEPT. It should look like this when done:

DEFAULT_FORWARD_POLICY="ACCEPT"

Next we will add additional ufw rules for network address translation and IP masquerading of connected clients.

# vi /etc/ufw/before.rules

Make the top of your before.rules file look like below. The area in red for OPENVPN RULES must be added:

#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
#   ufw-before-input
#   ufw-before-output
#   ufw-before-forward
#

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0] 
# Allow traffic from OpenVPN client to eth0
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES

# Don't delete these required lines, otherwise there will be errors
*filter

Enable UFW.

# ufw enable

Enabling ufw will return the following prompt:

Command may disrupt existing ssh connections. Proceed with operation (y|n)?

Answer y. The result will be this output:

Firewall is active and enabled on system startup

To check ufw’s primary firewall rules:

# ufw status