1.9 KiB
Docker + OpenVPN systemd Service
The systemd service aims to make the update and invocation of the
docker-openvpn
container seamless. It automatically downloads the latest
docker-openvpn
image and instantiates a Docker container with that image. At
shutdown it cleans-up the old container.
In the event the service dies (crashes, or is killed) systemd will attempt to
restart the service every 10 seconds until the service is stopped with
systemctl stop docker-openvpn@NAME.service
.
A number of IPv6 hacks are incorporated to workaround Docker shortcomings and are harmless for those not using IPv6.
To use and enable automatic start by systemd:
-
Create a Docker volume container named
ovpn-data-NAME
whereNAME
is the user's choice to describe the use of the container. In this example configuration,NAME=example
.OVPN_DATA="ovpn-data-example" docker volume create --name $OVPN_DATA
-
Initialize the data container, but don't start the container :
docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki
-
Download the docker-openvpn@.service file to
/etc/systemd/system
:curl -L https://raw.githubusercontent.com/kylemanna/docker-openvpn/master/init/docker-openvpn%40.service | sudo tee /etc/systemd/system/docker-openvpn@.service
-
Enable and start the service with:
systemctl enable --now docker-openvpn@example.service
-
Verify service start-up with:
systemctl status docker-openvpn@example.service journalctl --unit docker-openvpn@example.service
For more information, see the systemd manual pages.