Commit Graph

197 Commits

Author SHA1 Message Date
Kyle Manna
e6f7904344 run: Add IPv6 forwarding if default route
* Enable IPv6 forwarding if docker daemon provided a default route
* For now this requires the --privileged flag, but this could be hacked
  around using `ip netns` madness.
2015-07-05 21:07:06 -07:00
Kyle Manna
6aca273d89 getclient: Use openssl to prune comments
* The EasyRSA tools create a certificate file with all the metadata
  readable.  This makes the config file larger then it needs to be, so
  prune it.
* Retrieve text files with `openssl x509 -in <crt> -noout -text`
2015-07-05 21:07:04 -07:00
Kyle Manna
e3655b5115 init: Move upstart file to init directory
* No functional changes.
2015-07-05 21:07:00 -07:00
Kyle Manna
1078267db5 Dockerfile: Clarify port mapping
* Extend comment about port mapping since everyone seems to want to run
  on port 443/tcp.
* Accept that nobody (except the already competent) will read the
  comment and ask anyway.
2015-06-21 22:55:16 -07:00
Kyle Manna
27bb8c7149 README: Add example service
* Example service to demo the container.
2015-06-21 22:35:46 -07:00
Kyle Manna
868da2ddac Merge pull request #49 from ypid/copy-server-create-ccd
Create ccd directory to prevent error if /etc is mounted read-only.
2015-05-31 16:00:39 -07:00
Robin Schneider
7399ff7bbd
Create ccd directory to prevent error if /etc is mounted read-only.
* mkdir: cannot create directory '/etc/openvpn/ccd': Read-only file system
2015-05-31 22:10:54 +02:00
Kyle Manna
e0f7856e6f Merge pull request #48 from ypid/optimized-copy-server-script
Optimized ovpn_copy_server_files script. No need to copy the config files.
2015-05-30 16:09:50 -07:00
Kyle Manna
a52a9cdc8d Merge pull request #47 from ypid/added-raw-client-config
Added variable OVPN_ADDITIONAL_CLIENT_CONFIG use arbitrary openvpn configuration options.
2015-05-30 16:09:25 -07:00
Kyle Manna
d1ae4dd305 Merge pull request #46 from ypid/fixed-docs
Using better example in docs.
2015-05-30 16:08:54 -07:00
Robin Schneider
e361e757da
Optimized ovpn_copy_server_files script. No need to copy the config files.
* rsync can copy the actual files.
* This change makes it easier to modifier the configuration and sync it
  to the server. You only have to execute the ovpn_copy_server_files
  once.
2015-05-31 00:52:33 +02:00
Robin Schneider
ca78b46723
Added variable OVPN_ADDITIONAL_CLIENT_CONFIG use arbitrary openvpn configuration options. 2015-05-30 23:03:17 +02:00
Robin Schneider
2e2c66b978
Using better example in docs. 2015-05-30 23:00:53 +02:00
Kyle Manna
5e4bad7bc4 license: Migrate from AGPLv3 -> MIT
* More liberal license
* Closes #43
2015-05-12 12:52:25 -07:00
Robin Schneider
debf45ae46
Changed license of scripts I wrote to MIT. Related to #43. 2015-05-12 21:24:59 +02:00
Kyle Manna
e53492850f crl: Pass crl-verify if found
* Empty CRLs don't work.
* Avoids confusing easyrsa during the init step where it thinks an
  existing PKI configuration exists.
* Add to ovpn_run to help users that are upgrading and ran genconfig
  which now depends on the file being present.
* Use a hardlink to tip toe around permissions issues.
2015-05-12 02:10:43 -07:00
Kyle Manna
978e072d29 docs: Fix typo to CRL steps
* Copy paste error. Oops.
2015-05-11 10:48:09 -07:00
Kyle Manna
5021bad597 ovpn: Add support for revoking certificates (CRL)
* Add this much needed missing feature.  Easy RSA makes it... easy.
2015-05-11 10:41:25 -07:00
Kyle Manna
bcb55f6255 docs: Tweak case and arguments
* Makes the reading more uniform with the rest of the documentation.
2015-05-11 10:32:58 -07:00
Kyle Manna
c3024ce335 genconfig: Remove duplicate-cn mention
* Remove the commented out duplicate-cn configuration option
* Leads to confusion
* Related #42
2015-05-09 15:19:24 -07:00
Kyle Manna
2f9947c8e4 run: Pass cmd line arguments to openvpn
* Pass command line arguments to openvpn if passed in.  Enables users to
  easily override or add settings.
* Resolves #42
2015-05-09 15:18:53 -07:00
Kyle Manna
35c5d7bf70 license: Add AGPLv3 license
* Not sure how I missed this for so long.
2015-03-20 22:32:48 -07:00
Kyle Manna
bf34f341fc Merge remote-tracking branch 'ypid/getclient' into dev 2015-03-20 16:54:22 -07:00
Kyle Manna
a42a42885e Merge pull request #37 from ypid/fix-docs-paranoid
Fix paranoid doc.
2015-03-20 11:49:26 -07:00
Robin Schneider
47cc0e3ae6
Fixed based on the review by @kylemanna. Thanks. 2015-03-14 13:22:28 +01:00
Robin Schneider
06c005a449
Fixed up Markdown. 2015-03-14 13:00:11 +01:00
Robin Schneider
190ab9ae51
Fixed typos. 2015-03-14 12:59:07 +01:00
Kyle Manna
f208847f54 Merge pull request #34 from ypid/master
Wrote script to copy only the needed files to the docker host which runs the docker openvpn server.
2015-03-12 21:03:28 -07:00
Robin Schneider
f431d179aa
Fixed spelling. 2015-03-13 02:00:04 +01:00
Robin Schneider
fd4a5dc38e
EASYRSA_PKI might not be defined. 2015-03-13 00:43:50 +01:00
Robin Schneider
e6e2221d8b
Allow to export separated client config and wrote ovpn_getclient_all. 2015-03-13 00:32:40 +01:00
Robin Schneider
3c64367583
Removed the --dry-run from rsync. Make it actually do something. 2015-03-12 23:49:49 +01:00
Robin Schneider
5e514721ff
Added documentation for ovpn_copy_server_files. 2015-03-12 23:11:33 +01:00
Kyle Manna
88c76c787e genconfig: Turn off exit on error at end
* Need to check return status of diff, but don't want a false return
  code to exit the script.
* Fixes #35
2015-03-09 09:19:38 -07:00
Robin Schneider
3d2d839d0b
Wrote script to copy only the needed files to the docker host which runs the docker openvpn server.
* For the truly paranoid users, never keep any keys (i.e. client and
  certificate authority) in the docker container to begin with :).
2015-03-08 22:40:08 +01:00
Kyle Manna
8d8f19d951 genconfig: Describe backup conf deletion
* Handle back-up configuration deletion better by informing the user
  why the back-up vanished and why.
* Closes #33
2015-03-07 16:35:08 -08:00
Kyle Manna
96ffed0984 Merge pull request #32 from omriiluz/master
Disable default bash xtrace and fix but in variables
2015-03-01 22:50:35 -08:00
omriiluz
43ae3eb61d properly clone arrays 2015-02-28 03:22:08 -08:00
omriiluz
6b23cf8d88 do not accumulate routes and push directives from default if new directives were defined 2015-02-28 03:01:00 -08:00
omriiluz
e9d1022eb4 Disable bash debug (xtrace) by default, re-enable with -e DEBUG=1 2015-02-28 02:45:31 -08:00
Kyle Manna
42d95bd77a Merge pull request #31 from nuimk/master
Return correct exit status in ovpn_getclient script
2015-02-23 16:52:38 -08:00
Nui Narongwet
e959dca048 Return correct exit status 2015-02-21 02:46:50 +07:00
Kyle Manna
862aa19017 README: Add missing newline
* Fixes rendering issue on Docker Hub.
* If only all the Markdown renders worked the same...
2015-02-10 08:48:28 -08:00
Kyle Manna
5eb8c4b054 docs: Add FAQs document
* Place to put questions rather then the README
2015-02-07 15:10:24 -08:00
Kyle Manna
1940434447 README: Add links to upstream
* Link back to upstream to make it simpler to hop around.
2015-02-07 15:00:19 -08:00
Kyle Manna
4cd6f89a5a README: Add Benefits section
* Write-up the benefits from a comment on the DO tutorial.
2015-02-07 15:00:19 -08:00
Kyle Manna
7f2ae880d5 README: Add link to DO Tutorial
* Add a link to the Digital Ocean tutorial I wrote up some time ago.
2015-02-07 15:00:19 -08:00
Kyle Manna
06aee5bc37 Merge pull request #28 from omriiluz/master
Include optional configuration options
2015-01-17 18:14:35 -08:00
omriiluz
1cb38ce146 Support client mtu push 2015-01-17 01:07:52 -08:00
Omri Iluz
3eeee022fd Create NAT if OVPN_NAT is set (flag -N) 2015-01-17 01:00:18 -08:00