Commit Graph

198 Commits

Author SHA1 Message Date
Omri Iluz
3eeee022fd Create NAT if OVPN_NAT is set (flag -N) 2015-01-17 01:00:18 -08:00
Omri Iluz
1e2418ae37 Control external NAT creation 2015-01-17 00:56:46 -08:00
Omri Iluz
97f231b4e7 Control default DNS push with -D flag 2015-01-17 00:56:21 -08:00
Omri Iluz
bf50da4ee2 Remove hard coded DNS push.
TODO: control with cmdline option
2015-01-16 03:36:47 -08:00
Kyle Manna
f6b177df4e README: Update DO link to $5/mo page
* Update DO link to $5/mo pricing page.  Makes it easier to compare to
  standalone VPN providers.
2015-01-13 14:43:59 -08:00
Kyle Manna
b8de403958 README: Remove port on genconfig line
* The internal port is always 1194 in the container since f1e85c959
* Users wanting to operate on a different public port should change the
  `ovpn_run` line to do the the appropriate thing with `-p` argument.
2015-01-13 14:27:24 -08:00
Jimmy Wong
31a8584685 Run daemon as nobody 2015-01-01 22:57:28 -08:00
Kyle Manna
384beb888a README: Miscellaneous Fixes
* Fix typo and grammar
2015-01-01 22:57:19 -08:00
Kyle Manna
52725702e2 init: Add upstart init file
* Add an Upstart init file to reliably start and stop the container.
2014-12-15 16:01:07 -08:00
Kyle Manna
8cd45f1139 Merge pull request #22 from ZackAdams/master
Fixed SIGTERM handling
2014-12-10 08:22:37 -08:00
Zack Adams
73c206d14a Fixed SIGTERM handling 2014-12-10 10:36:00 -05:00
Kyle Manna
bfb896f716 Merge pull request #21 from flecno/master
no connection block in client config
2014-12-08 13:33:48 -08:00
Timo Zingel
f2148d99ae no connection block in client config 2014-12-08 21:07:46 +01:00
Kyle Manna
473671a4d0 Dockerfile: Shallow clone EasyRSA v3
* Do a shallow clone for a smaller checkout
* Condense multiple run lines to a single RUN line for a flatter image.
2014-12-05 14:07:00 -08:00
Kyle Manna
19f4c5cde4 Dockerfile: Clean-up after apt operations
* Delete old files to keep the image lean.
2014-12-05 13:55:53 -08:00
Kyle Manna
17ef8cebfc docs: advanced: Fix typo
* ... and feed the grammar Nazi
2014-11-16 10:06:04 -08:00
Kyle Manna
f07e4ad531 README: Remove mention of only UDP support
* This was fixed a while ago
  * 9951ca6ca2
* Closes #15
2014-11-16 10:01:59 -08:00
Kyle Manna
656be240b6 README: Add Digital Ocean reference
* Include promo code, because why not?
2014-10-29 08:06:31 -07:00
Kyle Manna
b06631099f Merge pull request #12 from compressed/dup_iptables
avoid dup iptables rules
2014-10-23 09:55:08 -07:00
Christopher Brickley
be22048a2b avoid dup iptables rules 2014-10-23 09:16:51 -04:00
Kyle Manna
f05de3eb84 README: Fix Markdown indent
* Indent to get pre-formatted code box.
2014-10-06 22:34:27 -07:00
Kyle Manna
543292e124 Merge pull request #10 from adrianolek/patch-1
Use --cap-add=NET_ADMIN instead of --privileged
2014-10-06 22:22:30 -07:00
Adrian Olek
8c7d020074 Use --cap-add=NET_ADMIN instead of --privileged
Ovpn doesn't need all the capabilities.
https://docs.docker.com/reference/run/#runtime-privilege-linux-capabilities-and-lxc-configuration says:
For interacting with the network stack, instead of using --privileged they should use --cap-add=NET_ADMIN to modify the network interfaces.
2014-10-06 20:09:23 +02:00
Kyle Manna
a69ca8d65e Merge pull request #8 from disassembler/master
fixing regexp to allow dashes in OVPN_SERVER_URL
2014-08-17 12:53:31 -07:00
Samuel Leathers
f1616f7196 fixing regexp to allow dashes in OVPN_SERVER_URL 2014-08-16 22:32:16 -04:00
Kyle Manna
d36bb7ecba getclient: Do not autogenerate key
* Do not autogenerate a key if it does not exist.  Instead fail.
* Requires users to explicitly generate keys and prevents generating
  erroneous keys in the event of a typo.
2014-07-10 09:55:06 -07:00
Kyle Manna
76a230b3be Merge branch 'docs' 2014-07-09 12:24:30 -07:00
Kyle Manna
5fd47763d7 README: Add --rm to init steps
* Don't need these containers to stick around polluting docker.
2014-07-09 12:23:48 -07:00
Kyle Manna
37f86037d8 advanced: Add advanced configs
* Copy paste stuff for using host mounted volumes
2014-07-09 12:21:50 -07:00
Kyle Manna
e9c5108a8f debug: Add mention of shells
* Very useful for getting in a running container or fix a data volume.
2014-07-09 12:21:38 -07:00
Kyle Manna
816eff9af6 docs: openvpn-data -> $OVPN_DATA
* Easier to work with.
2014-07-09 12:09:27 -07:00
Kyle Manna
c38b412dc6 Merge branch 'private_subnet'
Closes #5
2014-07-09 11:10:54 -07:00
Kyle Manna
b9cc5b347a genconfig: Convert OVPN_ROUTES to array
* Convert to an array to simplify the code.
* This breaks running `ovpn_genconfig` multiple times with the same
  route argument as the array will just grow.  This needs to be fixed in
  the future.
* Recommended way to work around this is to remove ovpn_env.sh.
2014-07-09 11:06:02 -07:00
Kyle Manna
20be0f90a5 genconfig: Add push support
* Add ability to specify push commands with `-p` argument.
2014-07-09 10:55:02 -07:00
Kyle Manna
0c873ab4cf genconfig: Print success
* Print success message to console. Provides positive feedback.
2014-07-09 10:53:41 -07:00
Kyle Manna
f263eb9a61 genconfig: Add client-to-client support 2014-07-09 10:53:25 -07:00
Kyle Manna
d5979915cf README: Use variable for volume container name
* Use a variable for the volume container name to simplify my life.
* I can set the variable and then copy/paste from the README.
2014-07-09 00:07:35 -07:00
Kyle Manna
201bab6f3d Dockerfile: Set WORKDIR to /etc/openvpn
* Set WORKDIR to simply admin when I run cmd `bash`
* Add comment on port
2014-07-06 10:55:17 -07:00
Kyle Manna
e933fbe923 genconfig: Handle "-r 0" to disable extra routes
* Disable extra routes for minimal VPNs.
2014-07-06 10:52:39 -07:00
Kyle Manna
f1e85c959e genconfig: Fix typo, use Docker for port mapping
* Use docker run ... -p 1337:1194/udp kylemanna/openvpn
2014-07-06 10:51:44 -07:00
Kyle Manna
d412ce9f7e getclient: Fix sourced env variables
* Update to use the sourced environemental variables.
* Add switch for not using default gateway.
2014-07-06 00:25:14 -07:00
Kyle Manna
c3321abce5 README: Minor typo
* Multiple steps now. Tweak.
2014-07-06 00:24:54 -07:00
Kyle Manna
ca8f41f341 backup: Add restore step
* Add restore step
* Use lzma compression since we're in the 2010's
2014-07-06 00:11:27 -07:00
Kyle Manna
31d631443f README: Update to reflect recent changes
* Change argument parameters.

Closes #4
2014-07-05 23:35:47 -07:00
Kyle Manna
f221b0f0d0 genconfig: Handle route default env
* Handle re-inheriting previous routes if not overriden
* Handle leading whitespace
2014-07-05 22:27:30 -07:00
Kyle Manna
3b13cf9918 run: Handle NAT routes dynamically
* Handle the NAT routes dynamically
* Stop caring about backwards compatibility for now
2014-07-05 22:27:15 -07:00
Kyle Manna
6ca11162a5 init: Rename to initpki
* This function only initialize the EasyRSA PKI tools now.
* Decoupled from the init process.
2014-07-05 22:27:15 -07:00
Kyle Manna
6fe867c52b genconfig: Add getopts parsing
* Pass public server URL via -u argument instead of $1
* Add ability to specify multiple alternative routes
* Add ability to specify override default server internal subnet
* Add ability to write configs without a default route out, not
  implemented in other configs yet
2014-07-05 22:27:04 -07:00
Kyle Manna
852d404c12 env: Re-work environment code
* Instead of storing just a server_url which was necessary to
  regenerate the OpenVPN configs, instead store an env file.
* Move all the env parsing to `ovpn_genconfig` so that it can be re-run
  from genconfig instead of from `ovpn_init`.
* Remove all the parsing and env defaults except for genconfig.

NOTE: This breaks the older config method, uesrs will need to re-run
genconfig with an arg[1] as the previous server_url, this will create
the necessary env file the rest of the tools expect.

Example recovery for legacy users:

    host$ docker run --rm -it kylemanna/openvpn bash -l
    container# ovpn_genconfig $(cat /etc/openvpn/server_url)
2014-07-05 22:07:24 -07:00
Kyle Manna
60671e6819 genconfig: Delete backup if configs are identical
* Avoid accumulating noise.
2014-07-01 08:30:28 -07:00