69 lines
1.4 KiB
Markdown
69 lines
1.4 KiB
Markdown
# Quick Start with docker-compose
|
|
|
|
* Add a new service in docker-compose.yml
|
|
|
|
```yaml
|
|
version: '2'
|
|
services:
|
|
openvpn:
|
|
cap_add:
|
|
- NET_ADMIN
|
|
image: kylemanna/openvpn
|
|
container_name: openvpn
|
|
ports:
|
|
- "1194:1194/udp"
|
|
restart: always
|
|
volumes:
|
|
- ./openvpn-data/conf:/etc/openvpn
|
|
```
|
|
|
|
|
|
* Initialize the configuration files and certificates
|
|
|
|
```bash
|
|
docker-compose run --rm openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM
|
|
docker-compose run --rm openvpn ovpn_initpki
|
|
```
|
|
|
|
* Fix ownership (depending on how to handle your backups, this may not be needed)
|
|
|
|
```bash
|
|
sudo chown -R $(whoami): ./openvpn-data
|
|
```
|
|
|
|
* Start OpenVPN server process
|
|
|
|
```bash
|
|
docker-compose up -d openvpn
|
|
```
|
|
|
|
* You can access the container logs with
|
|
|
|
```bash
|
|
docker-compose logs -f
|
|
```
|
|
|
|
* Generate a client certificate
|
|
|
|
```bash
|
|
export CLIENTNAME="your_client_name"
|
|
# with a passphrase (recommended)
|
|
docker-compose exec openvpn easyrsa build-client-full $CLIENTNAME
|
|
# without a passphrase (not recommended)
|
|
docker-compose exec openvpn easyrsa build-client-full $CLIENTNAME nopass
|
|
```
|
|
|
|
* Retrieve the client configuration with embedded certificates
|
|
|
|
```bash
|
|
docker-compose exec openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
|
|
```
|
|
|
|
## Debugging Tips
|
|
|
|
* Create an environment variable with the name DEBUG and value of 1 to enable debug output (using "docker -e").
|
|
|
|
```bash
|
|
docker-compose run -e DEBUG=1 openvpn
|
|
```
|