allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity
40 Commits 5 Branches 6 Tags
9a7ccd45aee1091edca476e94d1b2db59951aa77
Commit Graph

40 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kyle Manna
9a7ccd45ae docs: Add static IP documentation 
* Add the documentation while it's fresh.
 2014-06-30 00:35:52 -07:00
Kyle Manna
26a14d2f4b clients: Add support for static subnet 
* Allow static clients to be placed on 192.168.254.0/24 subnet.
 2014-06-30 00:13:55 -07:00
Kyle Manna
5e3c9719c8 run: Always ensure client dir exists 
* OpenVPN will fail to start if this directory doesn't exist.
 2014-06-29 23:26:23 -07:00
Kyle Manna
7b9d82630d genconfig: Backup old config file 
* Backup previous config file before overwriting.
 2014-06-29 23:26:23 -07:00
Kyle Manna
1aaf6a4359 genconfig: Use servername if $1 not specified 
* Set the common name to servername set during last ovpn_init if $1 is
  not passed in.
* Simplies re-running ovpn_genconfig when features are added.
 2014-06-29 23:26:23 -07:00
Kyle Manna
20dc3d6ea0 genconfig: Expand the subnet 
* Use a larger subnet (2x the size) to allow for more hard-coded
  configurations.
 2014-06-29 23:26:23 -07:00
Kyle Manna
353019b0e9 genconfig: Add client-config-dir 
* Add client config directory for client specific configuration options
  such as IP addresses.
 2014-06-29 23:26:23 -07:00
Kyle Manna
024fa95f19 README: Update to describe current implementation 
* Update to describe the current implementation as changed following the
  fork.
 2014-06-05 09:02:49 -07:00
Kyle Manna
126f3a4557 ovpn_init: Protect the CA key by default 
* Protect the CA key with a passphrase by default to protect it from a
  filsystem compromise.  An attacker could still steal the other keys
  stored (ie the server's cert key), but not issue new keys.
* This is a good compromise for now.
 2014-06-04 17:07:07 -07:00
Kyle Manna
e1902bc2cd ovpn_genconfig: Add generate config script 
* Create a generate config script so that the new docker containers can
  regenerate the OpenVPN configuration without clobbering the PKI setup.
 2014-06-04 16:50:53 -07:00
Kyle Manna
d180cce5d0 README: Update with quick blurb on how to use 
* Brain dump of an example until I get time to properly update.
 2014-06-04 15:42:35 -07:00
Kyle Manna
4728990da3 ovpn_getclient: Verify server certificate 
* Verify the server's certificate to avoid MITM attacks
 2014-06-04 15:38:49 -07:00
Kyle Manna
bc4165e587 tls-auth: Enable tls-auth for security 
* Enabling tls-auth improves security and helps protect against DDoS.
 2014-06-04 15:35:18 -07:00
Kyle Manna
1751d00fc9 Dockerfile: Switch to leaner Debian image 
* Debian testing/Jessie is approximately 30% smaller the Ubuntu, use
  that instead.
 2014-06-04 11:42:37 -07:00
Kyle Manna
939cf7ab67 ovpen_init: Remove external IP resolution 
* Disable auto guessing the external IP in favor of the user explicitly
  specifying the server name.  Save the servername for client cert
  generation later.
* Remove dnsutils from build since dig is no longer necessary.  Favor
  learn and mean images.
 2014-06-04 11:15:43 -07:00
Kyle Manna
1869cd85d0 openvpn.sh: Split in to smaller scripts 
* Split soon to be massive wrapper into smaller managable scripts.
* Re-organized Dockerfile to exploit cache when rebuilding
 2014-06-04 11:13:59 -07:00
Kyle Manna
035ff64200 Dockerfile: Add ENV configuration 
* Add ENV configuration options to Dockerfile as opposed to keeping in
  the wrapper script.
* First step to splitting up openvpn.sh in to smaller scripts.
 2014-06-04 10:52:59 -07:00
Kyle Manna
f6474d06f9 Dockerfile: Remove unused ports 
* These ports are unused, remove them to reduce confusion.
 2014-06-04 09:30:04 -07:00
Kyle Manna
2d26b87343 run: Remove run script 
* Replaced by openvpn.sh
 2014-06-04 09:29:45 -07:00
Kyle Manna
161acca6a2 openvpn.sh: Add log tail function 
* Add ability to tail log file as original repo did.
 2014-06-04 09:29:17 -07:00
Kyle Manna
7944bcd9fe serveconfig: Remove 
* Use the openvpn.sh wrapper script instead
 2014-06-04 09:26:53 -07:00
Kyle Manna
422c2a302d openvpn.sh: Add getclientconfig 
* Add mechanism to generate and return a client configuration
* Seemlessly Generates certificate if necessary
 2014-06-04 09:18:25 -07:00
Kyle Manna
f673ee83ce openvpn.sh: Save servername used during init 
* Save the DNS domain name or IP address the server was configured with
* Useful for generating client configurations
 2014-06-04 09:08:09 -07:00
Kyle Manna
a1c174f6f5 openvpn.sh: Implement init step and cert gen 
* Initialize and configure the OpenVPN server
* Generate PKI keys, CA, and certs when needed
 2014-06-04 01:39:38 -07:00
Kyle Manna
9e4de074d0 openvpn.sh: Add easyrsa to wrapper 
* Provide a way to invoke easyrsa form the wrapper
* Add ability to set the EasyRSA vars file which manages the default
  settings for the EasyRSA PKI CA.
 2014-06-04 00:21:14 -07:00
Kyle Manna
f6873cf5bd Dockerfile: Add EasyRSA-3 support 
* EasyRSA v3 is preferred over v2 because it includes support for
  elliptic curves.
 2014-06-04 00:21:14 -07:00
Kyle Manna
023cfe6596 openvpn.sh: Add wrapper script 
* Add the beginning of a wrapper script that will handle cert generation
  and OpenVPN invocation.
 2014-06-03 20:58:13 -07:00
Kyle Manna
47bc4e4865 Dockerfile: Add MAINTAINER line 
* Add maintrainer line and credit jpetazzo
 2014-06-03 20:42:19 -07:00
Kyle Manna
c19b01e005 Dockerfile: Update to Ubuntu 14.04 
* Upgrade to latest Ubuntu LTS release
 2014-06-03 20:31:53 -07:00
Jérôme Petazzoni
a002a7cbec Merge pull request #4 from ReAzem/patch-1 
readme updates
 2014-05-23 17:13:09 -07:00
Alexandre Viau
93d12716c5 commands were deprecated 2014-05-23 18:31:46 -04:00
Alexandre Viau
7be3bf2cd9 more comprehensible 2014-05-23 17:49:33 -04:00
Jérôme Petazzoni
048539fdcd Merge pull request #3 from paimpozhil/master 
adding google nameservers into the DHCP push
 2014-05-02 14:36:56 -07:00
Paimpozhil
83e47bb3be adding google nameservers into the DHCP push 2014-04-29 16:05:53 -04:00
Jérôme Petazzoni
71136d9ba3 Merge pull request #1 from Tuinslak/patch-1 
forgot .log
 2013-09-10 15:37:01 -07:00
Yeri Tiete
b3a5a89ab3 forgot .log 
It's not that important but it's cleaner.
 2013-09-11 00:33:55 +02:00
Jérôme Petazzoni
c6b94b5726 Add mention of SSL for configuration download. 2013-09-04 14:22:24 -07:00
Jérôme Petazzoni
be9e6b65c9 Add mention of SSL for configuration download. 2013-09-02 18:48:51 -07:00
Jérôme Petazzoni
df45b24a3b Documentation is always helpful! 2013-09-02 17:42:05 -07:00
Jerome Petazzoni
0f56065a90 Docker can haz VPN nao! 2013-09-02 23:46:19 +00:00