Fabio Napoleoni
bb3d1add3c
Export user pass option in client when OTP is enabled
2016-02-06 21:40:11 +01:00
Fabio Napoleoni
c24a22deea
Allow interactive usage
2016-02-06 21:38:26 +01:00
Fabio Napoleoni
6084261943
Improved script for user OTP generation, tested with pamtester
2016-02-06 21:31:08 +01:00
Fabio Napoleoni
5ca92a2c5e
Fixed configuration for pam module to allow login of non existing user accounts, i.e. VPN only users.
2016-02-06 21:20:34 +01:00
Fabio Napoleoni
dd719c1f11
Save OTP variable in server env
2016-02-06 20:25:03 +01:00
Fabio Napoleoni
6fcebf9adb
Server side configuration for OTP
2016-02-06 20:23:59 +01:00
Fabio Napoleoni
86d2a52f85
Install google authenticator in jessie
2016-02-06 19:45:42 +01:00
Fabio Napoleoni
1623afe651
Reverted to debian jessie
2016-02-06 19:40:54 +01:00
Kyle Manna
e7d0d4ea0e
ovpn_run: Fix sysctl IPv6 forwarding write
...
* I'm not sure if this ever worked without the `-w` flag. Perhaps in an
old version of sysctl?
2015-12-29 13:33:55 -08:00
Kyle Manna
e50f4dcc23
Merge pull request #90 from ypid/added-badges
...
Added badges showing a few key facts next to the CI status.
2015-12-21 16:05:35 -08:00
Robin Schneider
96d17bb5a7
Added badges showing a few key facts next to the CI status.
...
* Updated Docker Hub URL to new schema.
2015-12-21 22:19:22 +01:00
Kyle Manna
f2111006ad
Merge pull request #82 from vielmetti/patch-1
...
Split tunnels, as documented in #51
2015-11-30 13:43:22 -08:00
Edward Vielmetti
d520a58ec4
Split tunnels, as documented in #51
...
Taking text from #51 and putting in into the FAQ to make it that much easier to find.
2015-11-30 16:27:46 -05:00
Kyle Manna
1c290e60db
Merge branch 'compression'
...
Closes #81
2015-11-29 10:16:13 -08:00
unknown
2fa3abe064
fixed getopts argument typo. removed ":" before "z"
2015-11-29 10:15:15 -08:00
Christian Tawfik
2650d4a286
COMP-lzo param is set in client config, if defined in server.
2015-11-29 10:15:15 -08:00
Christian Tawfik
2abbcf1999
added config param to enable COMP-LZO compression
2015-11-29 10:14:07 -08:00
Kyle Manna
818e8682d1
Dockerfile: EasyRSA is in community now
...
* No longer in testing.
2015-11-28 09:10:55 -08:00
Kyle Manna
3edc12a6b7
Merge pull request #78 from gdb/gdb/master
...
Respect the -D flag
2015-11-01 10:38:26 -08:00
Greg Brockman
ded4414ef4
Respect the -D flag
...
It looks like edfbffb85f
caused the
OVPN_DNS variable to start being ignored, meaning the -D flag was a
no-op.
2015-10-31 19:39:32 -07:00
Kyle Manna
f277449569
Merge pull request #76 from discordianfish/push-custom-dns-servers
...
Support pushing custom DNS servers
2015-10-16 07:44:53 -07:00
Johannes 'fish' Ziemke
edfbffb85f
Support pushing custom DNS servers
2015-10-16 15:41:22 +02:00
Kyle Manna
98cf2128c7
Merge pull request #70 from kylemanna/alpine
...
Switch to Alpine for Base
2015-10-04 08:24:18 -07:00
Kyle Manna
c3d526fd67
Merge branch 'master' into alpine
2015-09-29 11:43:08 -07:00
Kyle Manna
1498795de2
ovpn_copy_server_files: Use short flags with rm
...
* The busybox tool in the alpine distro doesn't support long flags.
2015-09-29 11:42:17 -07:00
Kyle Manna
f00de363c7
ovpn_copy_server_files: Copy files without rsync
...
* Hack around the missing rsync by using tar to preserve the directory
structure.
* Fixes #73
2015-09-29 11:28:04 -07:00
Kyle Manna
7f58926aa2
tests: Add test for paranoid ovpn_copy_server_files
...
* Make sure this works
* Related to #73
2015-09-29 10:44:53 -07:00
Kyle Manna
ba7860cced
Merge branch 'travis-ci' into alpine
2015-09-22 15:03:20 -07:00
Kyle Manna
98340d7602
Merge pull request #71 from kylemanna/travis-ci
...
Add Travis CI Testing
2015-09-22 15:02:50 -07:00
Kyle Manna
9459804a1d
README: Add Travis CI build status
...
* Keeps people honest
2015-09-22 14:36:19 -07:00
Kyle Manna
b298eb16bc
travis-ci: Extend test to actually do a connection
...
* Start the server
* Start the client
* Connect
* Profit
2015-09-22 14:32:55 -07:00
Kyle Manna
2c3284acd6
travis-ci: Initial build test
...
* Build and reports package version.
2015-09-22 08:59:15 -07:00
Kyle Manna
23f66094ff
alpine: Use easy-rsa in testing branch of alpine
...
* Simplifes the Dockerfile significantly.
* No need for curl.
2015-09-10 10:33:05 -07:00
Kyle Manna
3da0efa5bc
alpine: Use alpine as base image instead of Debian
...
* Debian Jessie -> Alpine 3.2: 150MB -> 15MB
2015-09-08 10:07:16 -07:00
Kyle Manna
314eb15507
Merge pull request #69 from ypid/docker_no_network_paranoid_doc
...
Only setup networking for containers which need it.
2015-09-08 06:54:42 -07:00
Robin Schneider
ee9f4531ad
Only setup networking for containers which need it.
...
This should mitigate a hypothetical compromise of the scripts used to
manage the CA and other sensitive material.
The examples should still work and make sense although I have not tried
all of them with this change applied.
Note that I did not append the --net=none to all examples because in
some cases network is probably wanted.
* Changing this for all docs was not accepted by @kylemanna.
https://github.com/kylemanna/docker-openvpn/pull/65#issuecomment-138559257
2015-09-08 15:34:58 +02:00
Kyle Manna
41f7fd22ad
Merge pull request #66 from ypid/copy_server_not_symlink
...
ovpn_copy_server_files: Copy openvpn.conf instead of symlinking locally.
2015-09-07 20:03:09 -07:00
Kyle Manna
d08df0189b
Dockerfile: Chmod everything in /usr/local/bin
...
* Keep it simple.
* Nothing should ever be put in bin that isn't excutable.
2015-09-07 19:21:55 -07:00
Kyle Manna
d96378a391
Dockerfile: Streamline tarball extraction
...
* No point in writing it to the disk and then deleting it
* Extract it in place
2015-09-07 19:21:07 -07:00
Julian Vassev
32029c98c8
Update to easyrsa 3.0
...
virtual size 60mb smaller, git replaced by curl
2015-09-08 01:11:32 +03:00
Robin Schneider
3df53012b6
ovpn_copy_server_files: Copy openvpn.conf instead of symlinking locally.
...
Symlinked files can be resolved by rsync when using the configuration on remote
servers but for local testing having the actual file is beneficial.
2015-08-27 21:19:27 +02:00
Kyle Manna
74c4ca94a7
Merge pull request #62 from ypid/docs-rework
...
Updated documentation.
2015-08-26 08:42:58 -07:00
Kyle Manna
b96a91e876
Merge pull request #63 from ypid/allow_ciper_setting
...
Allow to change security related options tls-cipher, cipher and auth.
2015-08-26 08:42:30 -07:00
Kyle Manna
407506392f
Merge pull request #64 from ypid/copy_server_files-ensure-rm
...
ovpn_copy_server_files: Ensure that no other keys then the one for the server is present.
2015-08-26 08:41:24 -07:00
Robin Schneider
bf9f58f8e1
Reverted Github flavored markdown Shell syntax highlighting.
...
Sorry again for the inconvenience.
2015-08-26 13:12:18 +02:00
Robin Schneider
050d4a1f82
ovpn_copy_server_files: Ensure that no other keys then the one for the server is present.
...
When creating a multi-server setup I used a partly copied, partly
symlinked directory structure for the different servers after creating a
certificate for each server with `easyrsa build-server-full`. In that
process I also copied the `server` directory.
The rsync command does not delete files which are not excluded so it
included the correct server key and the original one which can be a
security risk.
2015-08-26 13:00:17 +02:00
Robin Schneider
d6209eebc2
Allow to change security related options tls-cipher, cipher and auth.
2015-08-26 12:56:40 +02:00
Robin Schneider
2d16231c3c
Updated documentation.
...
* Related to https://github.com/kylemanna/docker-openvpn/pull/54
* Allow better syntax highlighting.
* Added/Fixed hyperlinks.
* Spelling.
2015-08-25 12:40:02 +02:00
Kyle Manna
15ac3c89b0
Merge pull request #60 from wernerb/master
...
Set custom OVPN_NATDEVICE when using --net=host to custom interface.
2015-08-24 09:04:51 -07:00
Werner Buck
0181bb93d6
Add ability to set OVPN_NATDEVICE to target specific interface when using net=host
2015-08-24 17:19:40 +02:00