Update the whole project

2024-07-14 21:58:06 +02:00
parent 767cd2d512
commit cb6e867483
2 changed files with 41 additions and 23 deletions
--- a/containerfiles/Containerfile
+++ b/containerfiles/Containerfile
@ -16,7 +16,7 @@ RUN dudo -l "https://swupdate.openvpn.org/community/releases/openvpn-{{ version
 RUN tar -xf /tmp/openvpn.tar.gz  -C /tmp && rm -f /tmp/openvpn.tar.gz
 RUN mv /tmp/openvpn-${OPENVPN_VERSION} /output/openvpn

-FROM ubuntu as builder
+FROM ubuntu:24.04 as builder
 # ------------------------------------------------------
 # -- TODO: Define it only once
 # ------------------------------------------------------
@ -31,36 +31,34 @@ WORKDIR /src/openvpn
 RUN ./configure --disable-systemd --enable-async-push --enable-iproute2
 RUN make && make install
 RUN mkdir /output
-RUN cp $(which openvpn) /output/
+RUN cp $(which openvpn) /output
+RUN cp /src/openvpn/sample/sample-config-files/server.conf /output

 # ------------------------------------------------------
 # -- Final container
 # ------------------------------------------------------
 FROM ubuntu:24.04
-LABEL maintainer="allanger <allanger@zohomail.com>"
-COPY --from=builder /output /src
+LABEL maintainer="allanger <allanger@badhouseplants.net>"
+VOLUME /opt/data/openvpn
+WORKDIR /opt/data/openvpn
+
+ENV EASYRSA_BATCH=yes
+ENV EASYRSA_REQ_CN=openvpn-server
+
+COPY --from=builder /output/openvpn /src/openvpn
+COPY --from=builder /output/server.conf /opt/config/server.conf
+
 # -------------------------------------------------------
 # -- Prepare system deps
+# -- It's also installing the openvpn package but 
+# -- it's required for getting dependencies, later
+# -- it's rewritten by the binary that from the builder
 # -------------------------------------------------------
-RUN apt update && apt install openvpn easy-rsa iptables -y && \
-  mv /src/openvpn $(which openvpn)
-
-# Needed by scripts
-ENV OPENVPN /etc/openvpn
-
-# Prevents refused client connection because of an expired CRL
-ENV EASYRSA_CRL_DAYS 3650
-
-VOLUME ["/etc/openvpn"]
-
-# Internally uses port 1194, remap if needed using `docker run -p 443:1194/tcp`
-EXPOSE 1194
+RUN apt update &&\
+      apt upgrade -y && \
+      apt install openvpn easy-rsa -y && \
+      mv /src/openvpn $(which openvpn)

 CMD ["ovpn_run"]

-COPY --chmod='755' ./bin /usr/local/bin
-# -----------------------------------------------------------
-# -- Add support for OTP authentication using a PAM module
-# -- I have no idea how it works yet
-# -----------------------------------------------------------
-WORKDIR /etc/openvpn
+COPY --chmod='755' ./bin /usr/local/bin