David Butler
7a9abf4c14
Update README.md
2016-02-10 12:37:56 -06:00
David Butler
44055aa687
added docs for SELinux policy file
2016-02-10 12:34:35 -06:00
David Butler
8356a664d8
Added linux policy file
2016-02-10 12:25:45 -06:00
Fabio Napoleoni
ba7b925a9f
Using a different volume name for otp test, should allow tests to run
2016-02-10 17:12:49 +01:00
Fabio Napoleoni
517ad6aeb2
Implemented tests for 2 factor authentication
2016-02-10 16:59:15 +01:00
Fabio Napoleoni
9c6f3311a1
Fix for Dockerfile, trailing slash is needed.
2016-02-07 14:45:28 +01:00
Fabio Napoleoni
dc4656ef48
OTP documentation
2016-02-07 14:30:56 +01:00
Fabio Napoleoni
e8d93ea4fa
Use $USER@$OVPN_CN for OTP label.
2016-02-07 13:22:20 +01:00
Fabio Napoleoni
10dd404159
Fixes pam authentication when dealing with virtual users
2016-02-07 03:48:44 +01:00
Fabio Napoleoni
607063b358
Do not cache user credentials
2016-02-07 02:53:43 +01:00
Fabio Napoleoni
bb3d1add3c
Export user pass option in client when OTP is enabled
2016-02-06 21:40:11 +01:00
Fabio Napoleoni
c24a22deea
Allow interactive usage
2016-02-06 21:38:26 +01:00
Fabio Napoleoni
6084261943
Improved script for user OTP generation, tested with pamtester
2016-02-06 21:31:08 +01:00
Fabio Napoleoni
5ca92a2c5e
Fixed configuration for pam module to allow login of non existing user accounts, i.e. VPN only users.
2016-02-06 21:20:34 +01:00
Fabio Napoleoni
dd719c1f11
Save OTP variable in server env
2016-02-06 20:25:03 +01:00
Fabio Napoleoni
6fcebf9adb
Server side configuration for OTP
2016-02-06 20:23:59 +01:00
Fabio Napoleoni
86d2a52f85
Install google authenticator in jessie
2016-02-06 19:45:42 +01:00
Fabio Napoleoni
1623afe651
Reverted to debian jessie
2016-02-06 19:40:54 +01:00
Kyle Manna
e7d0d4ea0e
ovpn_run: Fix sysctl IPv6 forwarding write
...
* I'm not sure if this ever worked without the `-w` flag. Perhaps in an
old version of sysctl?
2015-12-29 13:33:55 -08:00
Kyle Manna
e50f4dcc23
Merge pull request #90 from ypid/added-badges
...
Added badges showing a few key facts next to the CI status.
2015-12-21 16:05:35 -08:00
Robin Schneider
96d17bb5a7
Added badges showing a few key facts next to the CI status.
...
* Updated Docker Hub URL to new schema.
2015-12-21 22:19:22 +01:00
Kyle Manna
f2111006ad
Merge pull request #82 from vielmetti/patch-1
...
Split tunnels, as documented in #51
2015-11-30 13:43:22 -08:00
Edward Vielmetti
d520a58ec4
Split tunnels, as documented in #51
...
Taking text from #51 and putting in into the FAQ to make it that much easier to find.
2015-11-30 16:27:46 -05:00
Kyle Manna
1c290e60db
Merge branch 'compression'
...
Closes #81
2015-11-29 10:16:13 -08:00
unknown
2fa3abe064
fixed getopts argument typo. removed ":" before "z"
2015-11-29 10:15:15 -08:00
Christian Tawfik
2650d4a286
COMP-lzo param is set in client config, if defined in server.
2015-11-29 10:15:15 -08:00
Christian Tawfik
2abbcf1999
added config param to enable COMP-LZO compression
2015-11-29 10:14:07 -08:00
Kyle Manna
818e8682d1
Dockerfile: EasyRSA is in community now
...
* No longer in testing.
2015-11-28 09:10:55 -08:00
Kyle Manna
3edc12a6b7
Merge pull request #78 from gdb/gdb/master
...
Respect the -D flag
2015-11-01 10:38:26 -08:00
Greg Brockman
ded4414ef4
Respect the -D flag
...
It looks like edfbffb85f
caused the
OVPN_DNS variable to start being ignored, meaning the -D flag was a
no-op.
2015-10-31 19:39:32 -07:00
Kyle Manna
f277449569
Merge pull request #76 from discordianfish/push-custom-dns-servers
...
Support pushing custom DNS servers
2015-10-16 07:44:53 -07:00
Johannes 'fish' Ziemke
edfbffb85f
Support pushing custom DNS servers
2015-10-16 15:41:22 +02:00
Kyle Manna
98cf2128c7
Merge pull request #70 from kylemanna/alpine
...
Switch to Alpine for Base
2015-10-04 08:24:18 -07:00
Kyle Manna
c3d526fd67
Merge branch 'master' into alpine
2015-09-29 11:43:08 -07:00
Kyle Manna
1498795de2
ovpn_copy_server_files: Use short flags with rm
...
* The busybox tool in the alpine distro doesn't support long flags.
2015-09-29 11:42:17 -07:00
Kyle Manna
f00de363c7
ovpn_copy_server_files: Copy files without rsync
...
* Hack around the missing rsync by using tar to preserve the directory
structure.
* Fixes #73
2015-09-29 11:28:04 -07:00
Kyle Manna
7f58926aa2
tests: Add test for paranoid ovpn_copy_server_files
...
* Make sure this works
* Related to #73
2015-09-29 10:44:53 -07:00
Kyle Manna
ba7860cced
Merge branch 'travis-ci' into alpine
2015-09-22 15:03:20 -07:00
Kyle Manna
98340d7602
Merge pull request #71 from kylemanna/travis-ci
...
Add Travis CI Testing
2015-09-22 15:02:50 -07:00
Kyle Manna
9459804a1d
README: Add Travis CI build status
...
* Keeps people honest
2015-09-22 14:36:19 -07:00
Kyle Manna
b298eb16bc
travis-ci: Extend test to actually do a connection
...
* Start the server
* Start the client
* Connect
* Profit
2015-09-22 14:32:55 -07:00
Kyle Manna
2c3284acd6
travis-ci: Initial build test
...
* Build and reports package version.
2015-09-22 08:59:15 -07:00
Kyle Manna
23f66094ff
alpine: Use easy-rsa in testing branch of alpine
...
* Simplifes the Dockerfile significantly.
* No need for curl.
2015-09-10 10:33:05 -07:00
Kyle Manna
3da0efa5bc
alpine: Use alpine as base image instead of Debian
...
* Debian Jessie -> Alpine 3.2: 150MB -> 15MB
2015-09-08 10:07:16 -07:00
Kyle Manna
314eb15507
Merge pull request #69 from ypid/docker_no_network_paranoid_doc
...
Only setup networking for containers which need it.
2015-09-08 06:54:42 -07:00
Robin Schneider
ee9f4531ad
Only setup networking for containers which need it.
...
This should mitigate a hypothetical compromise of the scripts used to
manage the CA and other sensitive material.
The examples should still work and make sense although I have not tried
all of them with this change applied.
Note that I did not append the --net=none to all examples because in
some cases network is probably wanted.
* Changing this for all docs was not accepted by @kylemanna.
https://github.com/kylemanna/docker-openvpn/pull/65#issuecomment-138559257
2015-09-08 15:34:58 +02:00
Kyle Manna
41f7fd22ad
Merge pull request #66 from ypid/copy_server_not_symlink
...
ovpn_copy_server_files: Copy openvpn.conf instead of symlinking locally.
2015-09-07 20:03:09 -07:00
Kyle Manna
d08df0189b
Dockerfile: Chmod everything in /usr/local/bin
...
* Keep it simple.
* Nothing should ever be put in bin that isn't excutable.
2015-09-07 19:21:55 -07:00
Kyle Manna
d96378a391
Dockerfile: Streamline tarball extraction
...
* No point in writing it to the disk and then deleting it
* Extract it in place
2015-09-07 19:21:07 -07:00
Julian Vassev
32029c98c8
Update to easyrsa 3.0
...
virtual size 60mb smaller, git replaced by curl
2015-09-08 01:11:32 +03:00