allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity
277 Commits 5 Branches 6 Tags
baf9504875477b9c920b15434593dd50954f6e1c
Commit Graph

277 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
David Butler
8356a664d8 Added linux policy file 2016-02-10 12:25:45 -06:00
Fabio Napoleoni
ba7b925a9f Using a different volume name for otp test, should allow tests to run 2016-02-10 17:12:49 +01:00
Fabio Napoleoni
517ad6aeb2 Implemented tests for 2 factor authentication 2016-02-10 16:59:15 +01:00
Fabio Napoleoni
9c6f3311a1 Fix for Dockerfile, trailing slash is needed. 2016-02-07 14:45:28 +01:00
Fabio Napoleoni
dc4656ef48 OTP documentation 2016-02-07 14:30:56 +01:00
Fabio Napoleoni
e8d93ea4fa Use $USER@$OVPN_CN for OTP label. 2016-02-07 13:22:20 +01:00
Fabio Napoleoni
10dd404159 Fixes pam authentication when dealing with virtual users 2016-02-07 03:48:44 +01:00
Fabio Napoleoni
607063b358 Do not cache user credentials 2016-02-07 02:53:43 +01:00
Fabio Napoleoni
bb3d1add3c Export user pass option in client when OTP is enabled 2016-02-06 21:40:11 +01:00
Fabio Napoleoni
c24a22deea Allow interactive usage 2016-02-06 21:38:26 +01:00
Fabio Napoleoni
6084261943 Improved script for user OTP generation, tested with pamtester 2016-02-06 21:31:08 +01:00
Fabio Napoleoni
5ca92a2c5e Fixed configuration for pam module to allow login of non existing user accounts, i.e. VPN only users. 2016-02-06 21:20:34 +01:00
Fabio Napoleoni
dd719c1f11 Save OTP variable in server env 2016-02-06 20:25:03 +01:00
Fabio Napoleoni
6fcebf9adb Server side configuration for OTP 2016-02-06 20:23:59 +01:00
Fabio Napoleoni
86d2a52f85 Install google authenticator in jessie 2016-02-06 19:45:42 +01:00
Fabio Napoleoni
1623afe651 Reverted to debian jessie 2016-02-06 19:40:54 +01:00
Kyle Manna
e7d0d4ea0e ovpn_run: Fix sysctl IPv6 forwarding write 
* I'm not sure if this ever worked without the `-w` flag.  Perhaps in an
  old version of sysctl?
 2015-12-29 13:33:55 -08:00
Kyle Manna
e50f4dcc23 Merge pull request #90 from ypid/added-badges 
Added badges showing a few key facts next to the CI status.
 2015-12-21 16:05:35 -08:00
Robin Schneider
96d17bb5a7 Added badges showing a few key facts next to the CI status. 
* Updated Docker Hub URL to new schema.
 2015-12-21 22:19:22 +01:00
Kyle Manna
f2111006ad Merge pull request #82 from vielmetti/patch-1 
Split tunnels, as documented in #51
 2015-11-30 13:43:22 -08:00
Edward Vielmetti
d520a58ec4 Split tunnels, as documented in #51 
Taking text from #51 and putting in into the FAQ to make it that much easier to find.
 2015-11-30 16:27:46 -05:00
Kyle Manna
1c290e60db Merge branch 'compression' 
Closes #81
 2015-11-29 10:16:13 -08:00
unknown
2fa3abe064 fixed getopts argument typo. removed ":" before "z" 2015-11-29 10:15:15 -08:00
Christian Tawfik
2650d4a286 COMP-lzo param is set in client config, if defined in server. 2015-11-29 10:15:15 -08:00
Christian Tawfik
2abbcf1999 added config param to enable COMP-LZO compression 2015-11-29 10:14:07 -08:00
Kyle Manna
818e8682d1 Dockerfile: EasyRSA is in community now 
* No longer in testing.
 2015-11-28 09:10:55 -08:00
Kyle Manna
3edc12a6b7 Merge pull request #78 from gdb/gdb/master 
Respect the -D flag
 2015-11-01 10:38:26 -08:00
Greg Brockman
ded4414ef4 Respect the -D flag 
It looks like edfbffb85f caused the
OVPN_DNS variable to start being ignored, meaning the -D flag was a
no-op.
 2015-10-31 19:39:32 -07:00
Kyle Manna
f277449569 Merge pull request #76 from discordianfish/push-custom-dns-servers 
Support pushing custom DNS servers
 2015-10-16 07:44:53 -07:00
Johannes 'fish' Ziemke
edfbffb85f Support pushing custom DNS servers 2015-10-16 15:41:22 +02:00
Kyle Manna
98cf2128c7 Merge pull request #70 from kylemanna/alpine 
Switch to Alpine for Base
 2015-10-04 08:24:18 -07:00
Kyle Manna
c3d526fd67 Merge branch 'master' into alpine 2015-09-29 11:43:08 -07:00
Kyle Manna
1498795de2 ovpn_copy_server_files: Use short flags with rm 
* The busybox tool in the alpine distro doesn't support long flags.
v1.1.0 		2015-09-29 11:42:17 -07:00
Kyle Manna
f00de363c7 ovpn_copy_server_files: Copy files without rsync 
* Hack around the missing rsync by using tar to preserve the directory
  structure.
* Fixes #73
 2015-09-29 11:28:04 -07:00
Kyle Manna
7f58926aa2 tests: Add test for paranoid ovpn_copy_server_files 
* Make sure this works
* Related to #73
 2015-09-29 10:44:53 -07:00
Kyle Manna
ba7860cced Merge branch 'travis-ci' into alpine 2015-09-22 15:03:20 -07:00
Kyle Manna
98340d7602 Merge pull request #71 from kylemanna/travis-ci 
Add Travis CI Testing
 2015-09-22 15:02:50 -07:00
Kyle Manna
9459804a1d README: Add Travis CI build status 
* Keeps people honest
 2015-09-22 14:36:19 -07:00
Kyle Manna
b298eb16bc travis-ci: Extend test to actually do a connection 
* Start the server
* Start the client
* Connect
* Profit
 2015-09-22 14:32:55 -07:00
Kyle Manna
2c3284acd6 travis-ci: Initial build test 
* Build and reports package version.
 2015-09-22 08:59:15 -07:00
Kyle Manna
23f66094ff alpine: Use easy-rsa in testing branch of alpine 
* Simplifes the Dockerfile significantly.
* No need for curl.
 2015-09-10 10:33:05 -07:00
Kyle Manna
3da0efa5bc alpine: Use alpine as base image instead of Debian 
* Debian Jessie -> Alpine 3.2: 150MB -> 15MB
 2015-09-08 10:07:16 -07:00
Kyle Manna
314eb15507 Merge pull request #69 from ypid/docker_no_network_paranoid_doc 
Only setup networking for containers which need it.
 2015-09-08 06:54:42 -07:00
Robin Schneider
ee9f4531ad Only setup networking for containers which need it. 
This should mitigate a hypothetical compromise of the scripts used to
manage the CA and other sensitive material.

The examples should still work and make sense although I have not tried
all of them with this change applied.

Note that I did not append the --net=none to all examples because in
some cases network is probably wanted.

* Changing this for all docs was not accepted by @kylemanna.
  https://github.com/kylemanna/docker-openvpn/pull/65#issuecomment-138559257
 2015-09-08 15:34:58 +02:00
Kyle Manna
41f7fd22ad Merge pull request #66 from ypid/copy_server_not_symlink 
ovpn_copy_server_files: Copy openvpn.conf instead of symlinking locally.
 2015-09-07 20:03:09 -07:00
Kyle Manna
d08df0189b Dockerfile: Chmod everything in /usr/local/bin 
* Keep it simple.
* Nothing should ever be put in bin that isn't excutable.
 2015-09-07 19:21:55 -07:00
Kyle Manna
d96378a391 Dockerfile: Streamline tarball extraction 
* No point in writing it to the disk and then deleting it
* Extract it in place
 2015-09-07 19:21:07 -07:00
Julian Vassev
32029c98c8 Update to easyrsa 3.0 
virtual size 60mb smaller, git replaced by curl
 2015-09-08 01:11:32 +03:00
Robin Schneider
3df53012b6 ovpn_copy_server_files: Copy openvpn.conf instead of symlinking locally. 
Symlinked files can be resolved by rsync when using the configuration on remote
servers but for local testing having the actual file is beneficial.
 2015-08-27 21:19:27 +02:00
Kyle Manna
74c4ca94a7 Merge pull request #62 from ypid/docs-rework 
Updated documentation.
 2015-08-26 08:42:58 -07:00