allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity

Merge branch 'static-ips'

Browse Source 
Closes #2
This commit is contained in:
Kyle Manna 2014-06-30 00:39:11 -07:00
commit aeb1e255cf
3 changed files with 45 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
bin/ovpn_genconfig
View File

@ -6,15 +6,23 @@
set -ex
cn=$1
servername=$(cat "$OPENVPN/servername" 2> /dev/null)
cn=${1-$servername}
if [ -z "$cn" ]; then
echo "Common name not specified"
exit 1
fi
cat > "$OPENVPN/udp1194.conf" <<EOF
server 192.168.255.128 255.255.255.128
conf=$OPENVPN/udp1194.conf
if [ -f "$conf" ]; then
bak=$conf.$(date +%s).bak
echo "Backing up $conf -> $bak"
mv "$conf" "$bak"
fi
cat > "$conf" <<EOF
server 192.168.255.0 255.255.255.0
verb 3
#duplicate-cn
key $EASYRSA_PKI/private/$cn.key
@ -29,6 +37,9 @@ persist-tun
push "dhcp-option DNS 8.8.4.4"
push "dhcp-option DNS 8.8.8.8"
client-config-dir $OPENVPN/ccd
route 192.168.254.0 255.255.255.0
proto udp
port 1194
dev tun1194

7
bin/ovpn_run
View File

@ -11,6 +11,13 @@ if [ ! -c /dev/net/tun ]; then
mknod /dev/net/tun c 10 200
fi
if [ ! -d "$OPENVPN/ccd" ]; then
mkdir -p /etc/openvpn/ccd
fi
# Static subnet
iptables -t nat -A POSTROUTING -s 192.168.254.0/24 -o eth0 -j MASQUERADE
# Dynamic subnet
iptables -t nat -A POSTROUTING -s 192.168.255.0/24 -o eth0 -j MASQUERADE
openvpn --config "$OPENVPN/udp1194.conf"

24
docs/static-ips.md Normal file
View File

@ -0,0 +1,24 @@
# Static IP Addresses
The docker image is setup for static client configuration on the 192.168.254.0/24 subnet. To use it follow the Quick Start section below. Note that the IP addresses octects need to be picked special, see [OpenVPN Documentation](https://openvpn.net/index.php/open-source/documentation/howto.html#policy) for more details.
## Quick Start
1. Create a client specific configuration:
$ echo "ifconfig-push 192.168.254.1 192.168.254.2" | docker run --volumes-from openvpn-data -i --rm kylemanna/openvpn tee /etc/openvpn/ccd/CERT_COMMON_NAME
ifconfig-push 192.168.254.1 192.168.254.2
2. Wait for client to reconnect if necessary
## Advanced Admin
Login to the openvpn-data volume with a `bash` container, note only changes in /etc/openvpn will persist:
docker run --volumes-from openvpn-data -it --rm kylemanna/openvpn bash -l
## Upgrading from Old OpenVPN Configurations
If you're running an old configuration and need to upgrade it to pull in the ccd directory run the following:
docker run --volumes-from openvpn-data --rm kylemanna/openvpn ovpn_genconfig