This is a Docker image forked from the kylemanna/docker-openvpn repo for use in Enonic Cloud. Feel free to use it on your own server as well; it is made to be compatible with a generic docker-compose setup.
- Create a `docker-compose.yml` file in your repo and add the following content:

  ```yaml
  openvpn:
    image: enoniccloud/openvpn
    restart: always
    ports:
      - "1194:1194/tcp"
    volumes_from:
      - "storage"
    cap_add:
      - NET_ADMIN
    labels:
      io.enonic.backup.data: '/etc/openvpn'
  storage:
    image: busybox
    volumes:
      - '/etc/openvpn'
  ```
- Commit it to your project's repo and build it.
- Verify that your docker installation is connected to the right host, and run the following commands to configure OpenVPN:

  ```
  docker-compose run --rm openvpn ovpn_genconfig -u udp://your.servers.name.com
  docker-compose run --rm openvpn ovpn_initpki
  ```
- Set mssfix if the default MTU is not 1500 in your network by adding `mssfix 1410` to the end of /etc/openvpn/openvpn.conf
- Now start up your OpenVPN project:

  ```
  docker-compose up -d openvpn
  ```
- Connect to your docker host.
- Create a passwordless certificate for the user:

  ```
  docker-compose run --rm openvpn easyrsa build-client-full CLIENTNAME nopass
  ```
- Download the client configuration with embedded certificates:

  ```
  docker-compose run --rm openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
  ```
- Revoke the client certificate:

  ```
  docker-compose run --rm openvpn easyrsa revoke CLIENTNAME
  ```
- Generate the CRL:

  ```
  docker-compose run --rm openvpn easyrsa gen-crl
  ```
- Run the following command to list certificates:

  ```
  docker-compose run --rm openvpn ovpn_listclients
  ```
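
The steps above create a passwordless client key and embed it in `CLIENTNAME.ovpn`, so that file is a complete credential on its own. The script below is an added example, not part of the original README or image: it reports whether the key embedded in a profile is unencrypted and restricts the file to its owner. The function names are hypothetical and the sample profile is constructed.

```shell
#!/bin/sh
# Added example: audit profiles written by `ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn`.
# All function names here are hypothetical helpers, not part of the image.

# Constructed sample profile; the key body is a placeholder, not real key material.
# $1 is "" for an unencrypted key or "ENCRYPTED " for a passphrase-protected one.
ovpn_sample_profile() {
    printf '%s\n' 'client' 'remote your.servers.name.com 1194 udp' \
        '<key>' "-----BEGIN ${1}PRIVATE KEY-----" 'PLACEHOLDER' \
        "-----END ${1}PRIVATE KEY-----" '</key>'
}

# Print how the embedded private key is stored: plaintext, encrypted or none.
# Covers PKCS#8 headers and the legacy "Proc-Type: 4,ENCRYPTED" PEM header.
ovpn_key_state() {
    awk '
        /^<key>/   { inkey = 1; next }
        /^<\/key>/ { inkey = 0 }
        inkey && /^-----BEGIN / && state == "" { state = "plaintext" }
        inkey && (/^-----BEGIN ENCRYPTED/ || /^Proc-Type:.*ENCRYPTED/) { state = "encrypted" }
        END { print (state == "" ? "none" : state) }
    ' "$1"
}

# Print the group/other permission characters from ls, e.g. "r--r--" or "------".
ovpn_other_perms() {
    ls -ld "$1" | cut -c5-10
}

# Restrict the profile to its owner and report the key state.
# Returns 0 if the key is encrypted or absent, 1 if it is plaintext, 2 on error.
ovpn_audit() {
    f=$1
    [ -f "$f" ] || { echo "$f: not a regular file" >&2; return 2; }
    if [ "$(ovpn_other_perms "$f")" != "------" ]; then
        chmod 600 "$f" || return 2
        echo "$f: was accessible beyond the owner, now mode 600"
    fi
    state=$(ovpn_key_state "$f")
    echo "$f: embedded private key is $state"
    [ "$state" != "plaintext" ]
}

# Audit every profile named on the command line.
for profile in "$@"; do
    ovpn_audit "$profile" || :
done
```

Run it as `sh audit.sh CLIENTNAME.ovpn` (the script file name is an assumption) right after downloading a profile and before sending it to the user.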