allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

init: Update init file to be a template

Browse Source 
* Useful for systems with several OpenVPN docker containers running.
This commit is contained in:
Kyle Manna 2015-07-11 08:31:58 -07:00
parent 08d8116e31
commit 313d1e756c
2 changed files with 43 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
init/docker-openvpn.service
View File

@ -1,30 +0,0 @@
[Unit]
Description=OpenVPN Docker Container
Documentation=https://github.com/kylemanna/docker-openvpn
After=network.target docker.socket
Requires=docker.socket
[Service]
# Modify IP6_PREFIX to match network config
Environment="IP6_PREFIX=2001:db8::/64"
Environment="OVPN_NAME=openvpn0"
Environment="OVPN_DATA=ovpn-data"
# Clean-up previous bad states
ExecStartPre=-/usr/bin/docker rm -f openvpn0
# Ensure forwarding is enabled on host's networking stack (hacky)
ExecStartPre=/sbin/sysctl net.ipv6.conf.default.forwarding=1
ExecStartPre=/sbin/sysctl net.ipv6.conf.all.forwarding=1
# Main process
ExecStart=/usr/bin/docker run --rm --privileged --volumes-from $OVPN_DATA --name $OVPN_NAME -p 1194:1194/udp kylemanna/openvpn:dev ovpn_run --config openvpn.conf --server-ipv6 $IP6_PREFIX
# Add static route for IPv6 after it starts up
ExecStartPost=/bin/sh -c "sleep 1; ip route replace $IP6_PREFIX via $(docker inspect -f '{{ .NetworkSettings.GlobalIPv6Address }}' $OVPN_NAME ) dev docker0"
# Clean-up
ExecStopPost=-/sbin/ip route del $IP6_PREFIX dev docker0
[Install]
WantedBy=multi-user.target

43
init/docker-openvpn@.service Normal file
View File

@ -0,0 +1,43 @@
[Unit]
Description=OpenVPN Docker Container
Documentation=https://github.com/kylemanna/docker-openvpn
After=network.target docker.socket
Requires=docker.socket
[Service]
RestartSec=10
Restart=always
# Modify IP6_PREFIX to match network config
#Environment="IP6_PREFIX=2001:db8::/64"
#Environment="ARGS=--config openvpn.conf --server-ipv6 2001:db8::/64"
Environment="NAME=ovpn-%i"
Environment="DATA_VOL=ovpn-data-%i"
Environment="IMG=kylemanna/openvpn:dev"
Environment="PORT=1194:1194/udp"
# Override defaults in env file
EnvironmentFile=-/etc/default/docker-openvpn-%i
# Clean-up bad state if still hanging around
ExecStartPre=-/usr/bin/docker rm -f $NAME
# Attempt to pull new image for security updates
ExecStartPre=-/usr/bin/docker pull $IMG
# IPv6: Ensure forwarding is enabled on host's networking stack (hacky)
# Would be nice to use systemd-network on the host, but this doens't work
# http://lists.freedesktop.org/archives/systemd-devel/2015-June/032762.html
ExecStartPre=/bin/sh -c 'test -z "$IP6_PREFIX" && exit 0; sysctl net.ipv6.conf.all.forwarding=1'
# Main process
ExecStart=/usr/bin/docker run --rm --privileged --volumes-from ${DATA_VOL}:ro --name ${NAME} -p ${PORT} ${IMG} ovpn_run $ARGS
# IPv6: Add static route for IPv6 after it starts up
ExecStartPost=/bin/sh -c 'test -z "${IP6_PREFIX}" && exit 0; sleep 1; ip route replace ${IP6_PREFIX} via $(docker inspect -f "{{ .NetworkSettings.GlobalIPv6Address }}" $NAME ) dev docker0'
# IPv6: Clean-up
ExecStopPost=/bin/sh -c 'test -z "$IP6_PREFIX" && exit 0; ip route del $IP6_PREFIX dev docker0'
[Install]
WantedBy=multi-user.target