allanger/container-openvpn
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Activity
355 Commits 5 Branches 6 Tags
d454a20e80aaf26fa46934a846b857f9d22329c5
Commit Graph

60 Commits

Author SHA1 Message Date
Nate Jones
c8ba567333 only block external dns when default route is pushed 2017-03-07 23:21:17 +00:00
Ryan Schlesinger
fbb97918cf Only load config from temp file if not empty 2017-02-18 14:09:19 -08:00
Ryan Schlesinger
e282e1eed0 Add -E flag for adding extra client config 2017-02-18 13:53:35 -08:00
Tilo Spannagel
1d2a2e8b29 Added IPv6 support 
Signed-off-by: Tilo Spannagel <development@tilosp.de>
 2017-02-08 09:29:47 +01:00
Kyle Manna
be165e209e Merge pull request #208 from lhopki01/master 
Fix issue with connection resetting every hour when using otp.
 2017-01-26 22:42:04 -08:00
Jan Kunzmann
8f304ea3fe bugfix: custom route definition didn't override default 2017-01-25 01:25:08 +01:00
Luke
fbdc8e32c6 remove debugging extra 2017-01-24 14:40:48 +00:00
Luke
3ebc4903d8 automatically add reneg-sec 0 to client and server configs when otp is being used to avoid connection resetting every hour. Edit docs to make clear that a more secure cipher needs to be selected to use with otp to avoid the connection being reset every 64 MB of data 2017-01-24 14:37:48 +00:00
Sylvain Lamontagne
72a3c8a001 Fix for regression 
As I reworked the push options, a bug got introduced where a duplication
of push in the config for the DNS dhcp-options would make it to fail.
There was no tests covering this, so I did not catch it earlier.

I've add the missing tests and fix the bug
 2016-09-22 18:12:45 -04:00
Sylvain Lamontagne
2e943378d1 Too many arguments while pushing route 
So I was trying to push a route to my client and the script failed with
'too many arguments', I reworked this part and took the opportunity to
rework a little bit the way push and routes were handled.

I also added some tests and validated that what I changed would not
break what was there before.
 2016-09-22 16:02:59 -04:00
Sylvain Lamontagne
e8eb1dda0c Added extra config doc in faqs and fixed an unlikely unbound variable 2016-09-20 12:53:29 -04:00
Sylvain Lamontagne
39996ed568 Fix Unbound Variables 2016-09-16 18:50:48 -04:00
Sylvain Lamontagne
1807bc6dc4 Add multiple extra config option 
Add bash traceback in case an error occured
 2016-09-16 18:42:45 -04:00
Kyle Manna
9e7b363758 genconfig: Clean-up usage() display 
* Semi-sorted order.
* Move arguments with flags up.
 2016-09-03 15:45:55 -07:00
Achint Sandhu
bcedc8d6d6 Fix for Windows 10 DNS Leak 
The patch includes an update to the OpenVPN server config to
address a DNS leak when using Windows 10, as documented at:
https://community.openvpn.net/openvpn/ticket/605
 2016-07-05 13:29:45 -04:00
Emmanuel Frecon
c12fdcd83f Automatically creating CCD directory 2016-06-08 09:14:08 +02:00
Nate Jones
191cb45106 allow specifying extra config 2016-05-16 09:56:27 -07:00
Rudi Starcevic
74bfad0aac Add openvpn.conf gerneration -f fragment directive option 2016-04-06 15:06:02 +08:00
Fabio Napoleoni
d481313311 Back to Alpine Linux using packaged version of google-authenticator 2016-02-11 18:10:51 +01:00
Fabio Napoleoni
dd719c1f11 Save OTP variable in server env 2016-02-06 20:25:03 +01:00
Fabio Napoleoni
6fcebf9adb Server side configuration for OTP 2016-02-06 20:23:59 +01:00
unknown
2fa3abe064 fixed getopts argument typo. removed ":" before "z" 2015-11-29 10:15:15 -08:00
Christian Tawfik
2abbcf1999 added config param to enable COMP-LZO compression 2015-11-29 10:14:07 -08:00
Greg Brockman
ded4414ef4 Respect the -D flag 
It looks like edfbffb85f caused the
OVPN_DNS variable to start being ignored, meaning the -D flag was a
no-op.
 2015-10-31 19:39:32 -07:00
Johannes 'fish' Ziemke
edfbffb85f Support pushing custom DNS servers 2015-10-16 15:41:22 +02:00
Robin Schneider
d6209eebc2 Allow to change security related options tls-cipher, cipher and auth. 2015-08-26 12:56:40 +02:00
Thomas Emmerling
3703d3afc3 Add a parameter to use TAP instead of TUN device. 2015-08-19 00:46:07 +02:00
Kyle Manna
34d9601e6e ovpn_run: Assume /etc/openvpn is read-only 
* Systemd service currently marks the mount as read-only, and this is
  regarded as good practice for server/daemon only operation.
* Don't create /etc/openvpn/ccd as the mount may be read-only.
* Append the client-config-dir command line argument if it is found to
  avoid mkdir operation.
* Mount can easily be modified using a different docker run line with
  ":ro" on the volume mount.
 2015-07-27 20:26:43 -07:00
Kyle Manna
e53492850f crl: Pass crl-verify if found 
* Empty CRLs don't work.
* Avoids confusing easyrsa during the init step where it thinks an
  existing PKI configuration exists.
* Add to ovpn_run to help users that are upgrading and ran genconfig
  which now depends on the file being present.
* Use a hardlink to tip toe around permissions issues.
 2015-05-12 02:10:43 -07:00
Kyle Manna
5021bad597 ovpn: Add support for revoking certificates (CRL) 
* Add this much needed missing feature.  Easy RSA makes it... easy.
 2015-05-11 10:41:25 -07:00
Kyle Manna
c3024ce335 genconfig: Remove duplicate-cn mention 
* Remove the commented out duplicate-cn configuration option
* Leads to confusion
* Related #42
 2015-05-09 15:19:24 -07:00
Kyle Manna
88c76c787e genconfig: Turn off exit on error at end 
* Need to check return status of diff, but don't want a false return
  code to exit the script.
* Fixes #35
 2015-03-09 09:19:38 -07:00
Kyle Manna
8d8f19d951 genconfig: Describe backup conf deletion 
* Handle back-up configuration deletion better by informing the user
  why the back-up vanished and why.
* Closes #33
 2015-03-07 16:35:08 -08:00
omriiluz
43ae3eb61d properly clone arrays 2015-02-28 03:22:08 -08:00
omriiluz
6b23cf8d88 do not accumulate routes and push directives from default if new directives were defined 2015-02-28 03:01:00 -08:00
omriiluz
e9d1022eb4 Disable bash debug (xtrace) by default, re-enable with -e DEBUG=1 2015-02-28 02:45:31 -08:00
omriiluz
1cb38ce146 Support client mtu push 2015-01-17 01:07:52 -08:00
Omri Iluz
1e2418ae37 Control external NAT creation 2015-01-17 00:56:46 -08:00
Omri Iluz
97f231b4e7 Control default DNS push with -D flag 2015-01-17 00:56:21 -08:00
Omri Iluz
bf50da4ee2 Remove hard coded DNS push. 
TODO: control with cmdline option
 2015-01-16 03:36:47 -08:00
Jimmy Wong
31a8584685 Run daemon as nobody 2015-01-01 22:57:28 -08:00
Samuel Leathers
f1616f7196 fixing regexp to allow dashes in OVPN_SERVER_URL 2014-08-16 22:32:16 -04:00
Kyle Manna
b9cc5b347a genconfig: Convert OVPN_ROUTES to array 
* Convert to an array to simplify the code.
* This breaks running `ovpn_genconfig` multiple times with the same
  route argument as the array will just grow.  This needs to be fixed in
  the future.
* Recommended way to work around this is to remove ovpn_env.sh.
 2014-07-09 11:06:02 -07:00
Kyle Manna
20be0f90a5 genconfig: Add push support 
* Add ability to specify push commands with `-p` argument.
 2014-07-09 10:55:02 -07:00
Kyle Manna
0c873ab4cf genconfig: Print success 
* Print success message to console. Provides positive feedback.
 2014-07-09 10:53:41 -07:00
Kyle Manna
f263eb9a61 genconfig: Add client-to-client support 2014-07-09 10:53:25 -07:00
Kyle Manna
e933fbe923 genconfig: Handle "-r 0" to disable extra routes 
* Disable extra routes for minimal VPNs.
 2014-07-06 10:52:39 -07:00
Kyle Manna
f1e85c959e genconfig: Fix typo, use Docker for port mapping 
* Use docker run ... -p 1337:1194/udp kylemanna/openvpn
 2014-07-06 10:51:44 -07:00
Kyle Manna
f221b0f0d0 genconfig: Handle route default env 
* Handle re-inheriting previous routes if not overriden
* Handle leading whitespace
 2014-07-05 22:27:30 -07:00
Kyle Manna
6fe867c52b genconfig: Add getopts parsing 
* Pass public server URL via -u argument instead of $1
* Add ability to specify multiple alternative routes
* Add ability to specify override default server internal subnet
* Add ability to write configs without a default route out, not
  implemented in other configs yet
 2014-07-05 22:27:04 -07:00