Merge branch 'docs'

Kyle Manna 2014-07-09 12:24:30 -07:00
commit 76a230b3be
5 changed files with 36 additions and 8 deletions


@ -10,8 +10,8 @@ OpenVPN server in a Docker container complete with an EasyRSA PKI CA.
* Initalize the `$OVPN_DATA` container that will hold the configuration files and certificates * Initalize the `$OVPN_DATA` container that will hold the configuration files and certificates
docker run --volumes-from $OVPN_DATA kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM:1194 docker run --volumes-from $OVPN_DATA --rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM:1194
docker run --volumes-from $OVPN_DATA -it kylemanna/openvpn ovpn_initpki docker run --volumes-from $OVPN_DATA --rm -it kylemanna/openvpn ovpn_initpki
* Start OpenVPN server process * Start OpenVPN server process
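
Review bot: the unchanged bullet directly above the two changed commands still reads "Initalize"; since this hunk touches the adjacent lines, correct it to "Initialize" in the same change. Adding `--rm` to the `ovpn_genconfig` and `ovpn_initpki` runs is right for one-shot commands whose results are kept in the `$OVPN_DATA` container, as it stops exited containers from piling up.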

21
docs/advanced.md Normal file

@ -0,0 +1,21 @@
# Advanced Configurations
The ovpn_genconfig script is intended for simple configurations that apply to the majority of the users. If your use case isn't general, it likely won't be supported. This document aims to explain how to work around that.
## Create host volume mounts rather then data volumes
* Refer to the Quick Start document, and substitute `--volumes-from $OVPN_DATA` with `-v /path/on/host/openvpn0:/etc/openvpn`
* Quick example that is likely to be out of date, but here's how to get started:
mkdir openvpn0
cd openvpn0
docker run --rm -v $PWD:/etc/openvpn kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM:1194
docker run --rm -v $PWD:/etc/openvpn -it kylemanna/openvpn ovpn_initpki
vim openvpn.conf
docker run --rm -v $PWD:/etc/openvpn -it kylemanna/openvpn easyrsa build-client-full CLIENTNAME nopass
docker run --rm -v $PWD:/etc/openvpn kylemanna/openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
* Start the server with:
docker run -v $PWD:/etc/openvpn -d -p 1194:1194/udp --privileged kylemanna/openvpn
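
Review bot: the quick example puts everything `ovpn_initpki` generates into `openvpn0` on the host, along with a client key created with `nopass` (so no passphrase) and the `CLIENTNAME.ovpn` written by the redirect, yet the doc says nothing about who may read that directory. Suggest a line telling the reader to restrict it (for example `chmod 700 openvpn0` right after `mkdir openvpn0`) and to move `CLIENTNAME.ovpn` out once it has been handed to the client. The heading's "rather then" should be "rather than", and the `--privileged` flag on the final command deserves one sentence saying why the server needs it.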


@ -11,8 +11,8 @@ TL;DR Protect the resulting archive file, by ensure there is very limited access
## Backup to Archive ## Backup to Archive
docker run --volumes-from openvpn-data --rm busybox tar -cvf - -C /etc openvpn | xz > openvpn-backup.tar.xz docker run --volumes-from $OVPN_DATA --rm busybox tar -cvf - -C /etc openvpn | xz > openvpn-backup.tar.xz
## Retore to New Image ## Retore to New Image
xzcat openvpn-backup.tar.xz | docker run --name openvpn-data -v /etc/openvpn -i busybox tar -xvf - -C /etc xzcat openvpn-backup.tar.xz | docker run --name $OVPN_DATA -v /etc/openvpn -i busybox tar -xvf - -C /etc
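
Review bot: both commands now expand `$OVPN_DATA` unquoted, so if the variable is unset in the current shell, `--volumes-from` takes `--rm` as its argument in the backup line and `--name` takes `-v` in the restore line, and the reader gets a misleading error. Suggest writing `"${OVPN_DATA:?}"`, or at least stating near the top of this file that `$OVPN_DATA` must be set as in the Quick Start. The heading "Retore to New Image" is still misspelled ("Restore"), and putting `umask 077` before the backup line would create the archive with the limited access the TL;DR asks for.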


@ -2,6 +2,13 @@
Random things I do to debug the containers. Random things I do to debug the containers.
## Login Shells
* Create a shell in the running docker container (aka namespace) with [nsenter](https://github.com/jpetazzo/nsenter)
* If you don't have nsenter/docker-enter, you can mount the data container and modify it with
docker run --rm -it --volumes-from $OVPN_DATA kylemanna/openvpn bash -l
## Stream OpenVPN Logs ## Stream OpenVPN Logs
1. Get the container's name or container ID: 1. Get the container's name or container ID:
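
Review bot: the second "Login Shells" bullet reads as a substitute for nsenter, but `docker run --rm -it --volumes-from $OVPN_DATA kylemanna/openvpn bash -l` starts a separate, throwaway container that only shares the data volume; it is not a shell inside the running server. Suggest saying that explicitly, and that only files under the shared volume remain once the `--rm` container exits. The nsenter bullet gives a link but no command, so the reader still has to work out how to invoke it.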


@ -6,19 +6,19 @@ The docker image is setup for static client configuration on the 192.168.254.0/2
1. Create a client specific configuration: 1. Create a client specific configuration:
$ echo "ifconfig-push 192.168.254.1 192.168.254.2" | docker run --volumes-from openvpn-data -i --rm kylemanna/openvpn tee /etc/openvpn/ccd/CERT_COMMON_NAME $ echo "ifconfig-push 192.168.254.1 192.168.254.2" | docker run --volumes-from $OVPN_DATA -i --rm kylemanna/openvpn tee /etc/openvpn/ccd/CERT_COMMON_NAME
ifconfig-push 192.168.254.1 192.168.254.2 ifconfig-push 192.168.254.1 192.168.254.2
2. Wait for client to reconnect if necessary 2. Wait for client to reconnect if necessary
## Advanced Admin ## Advanced Admin
Login to the openvpn-data volume with a `bash` container, note only changes in /etc/openvpn will persist: Login to the data volume with a `bash` container, note only changes in /etc/openvpn will persist:
docker run --volumes-from openvpn-data -it --rm kylemanna/openvpn bash -l docker run --volumes-from $OVPN_DATA -it --rm kylemanna/openvpn bash -l
## Upgrading from Old OpenVPN Configurations ## Upgrading from Old OpenVPN Configurations
If you're running an old configuration and need to upgrade it to pull in the ccd directory run the following: If you're running an old configuration and need to upgrade it to pull in the ccd directory run the following:
docker run --volumes-from openvpn-data --rm kylemanna/openvpn ovpn_genconfig docker run --volumes-from $OVPN_DATA --rm kylemanna/openvpn ovpn_genconfig
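
Review bot: the "Advanced Admin" command is now the same command this commit adds under "Login Shells" in the debug doc (`docker run ... --volumes-from $OVPN_DATA ... kylemanna/openvpn bash -l`); keep it in one place and link to it from the other so the two copies cannot drift. In step 1 the command is shown with a `$ ` prompt followed by the `tee` output, while the other commands in these docs are shown bare; pick one convention. It would also help to say that `CERT_COMMON_NAME` stands for the client certificate's common name, since the file name under `/etc/openvpn/ccd/` has to be replaced per client.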