allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity
44 Commits 5 Branches 6 Tags 707 KiB
836b473d20
Commit Graph

6 Commits

Author SHA1 Message Date
Kyle Manna
34eca5b96f ovpn: Convert from servername -> server_url 
* Previously the server name cached the common name generated during
  init and assumed always 1194/udp.
* The new configuration allows for users to pass in a url in a new form
  that allows the protocol to be specified as well as the port.
* Example: udp://vpn.example.com:1194
* Try to be backwards compatible.
 2014-06-30 23:27:00 -07:00
Kyle Manna
126f3a4557 ovpn_init: Protect the CA key by default 
* Protect the CA key with a passphrase by default to protect it from a
  filsystem compromise.  An attacker could still steal the other keys
  stored (ie the server's cert key), but not issue new keys.
* This is a good compromise for now.
 2014-06-04 17:07:07 -07:00
Kyle Manna
e1902bc2cd ovpn_genconfig: Add generate config script 
* Create a generate config script so that the new docker containers can
  regenerate the OpenVPN configuration without clobbering the PKI setup.
 2014-06-04 16:50:53 -07:00
Kyle Manna
bc4165e587 tls-auth: Enable tls-auth for security 
* Enabling tls-auth improves security and helps protect against DDoS.
 2014-06-04 15:35:18 -07:00
Kyle Manna
939cf7ab67 ovpen_init: Remove external IP resolution 
* Disable auto guessing the external IP in favor of the user explicitly
  specifying the server name.  Save the servername for client cert
  generation later.
* Remove dnsutils from build since dig is no longer necessary.  Favor
  learn and mean images.
 2014-06-04 11:15:43 -07:00
Kyle Manna
1869cd85d0 openvpn.sh: Split in to smaller scripts 
* Split soon to be massive wrapper into smaller managable scripts.
* Re-organized Dockerfile to exploit cache when rebuilding
 2014-06-04 11:13:59 -07:00