Welcome to FreeSoftwareServers Confluence Wiki

I chose https://github.com/kylemanna/docker-openvpn as DigitalOcean recommended that image.

I did make a few alterations, such as not using a "volume/container" but mapping "/etc/openvpn:/etc/openvpn" instead. It is easy to see how I did it below versus the guide. I also named the container "openvpn"; otherwise it showed up as "mussing_mcclintock". I like to have direct access to my files, so I didn't use the container, and I'd like to think this would make re-deploying easier, but I've never used Docker this way. You "use" the container to create the config/client files etc. like so.

OVPN_DATA="/etc/openvpn"
OVPN_URL="sub.domain.tld"
#docker volume create --name $OVPN_DATA # I have directly mapped /etc/openvpn
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://$OVPN_URL
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki

Start OpenVPN server process: # Added --name="openvpn"

docker run --name="openvpn" -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn

Generate a client certificate without a passphrase:

USER="username"
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full $USER nopass

Generate "ovpn client file" in $OVPN_DATA/:

docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient $USER > "$OVPN_DATA/$USER.ovpn"
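
As an added example (not part of the original page or the docker-openvpn project), this script audits the profiles written by ovpn_getclient: a profile built with nopass carries an unencrypted private key, so it flags those and any profile readable by group or other. The function names and the constructed sample profiles are assumptions of this example, as are an inline <key> block in the profile and GNU stat on the host.

```shell
#!/bin/sh
# Added example: audit client profiles in a directory such as /etc/openvpn.
# Assumes Linux with GNU stat (stat -c) and profiles with an inline <key> block.

audit_ovpn() (
    dir=$1
    rc=0
    for f in "$dir"/*.ovpn; do
        [ -f "$f" ] || continue
        # Only profiles with an inline <key> block carry the private key.
        grep -q '^<key>' "$f" || continue
        # The PEM header shows whether the key is encrypted (PKCS#8
        # "ENCRYPTED PRIVATE KEY" or legacy "Proc-Type: 4,ENCRYPTED").
        if ! grep -Eq 'BEGIN ENCRYPTED PRIVATE KEY|Proc-Type: 4,ENCRYPTED' "$f"; then
            echo "UNENCRYPTED_KEY $f"; rc=1
        fi
        mode=$(stat -c '%a' "$f")
        # Any group/other permission bit lets other local users copy the key.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "LOOSE_MODE $mode $f"; rc=1
        fi
    done
    exit "$rc"   # leaves only the subshell: 0 = clean, 1 = findings
)

# Constructed sample profiles (placeholder key bodies, not real keys).
make_samples() {
    d=$(mktemp -d)
    printf '%s\n' 'client' '<key>' '-----BEGIN PRIVATE KEY-----' 'CONSTRUCTED' \
        '-----END PRIVATE KEY-----' '</key>' > "$d/alice.ovpn"
    chmod 644 "$d/alice.ovpn"
    printf '%s\n' 'client' '<key>' '-----BEGIN ENCRYPTED PRIVATE KEY-----' \
        'CONSTRUCTED' '-----END ENCRYPTED PRIVATE KEY-----' '</key>' > "$d/bob.ovpn"
    chmod 600 "$d/bob.ovpn"
    echo "$d"
}

samples=$(make_samples)
audit_ovpn "$samples" || echo "findings present"
rm -rf "$samples"
```

Run `audit_ovpn /etc/openvpn` on the host after generating profiles; a non-zero exit status means at least one finding.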

Automate/Control via systemd:

Note: A few values, such as the "name" and "data" variables, need to be updated in the init script; the sed commands below make those changes.

curl -L https://raw.githubusercontent.com/kylemanna/docker-openvpn/master/init/docker-openvpn%40.service > /lib/systemd/system/openvpn.service
sed -i -e 's/NAME=ovpn-%i/NAME=openvpn/g' /lib/systemd/system/openvpn.service
sed -i -e 's|DATA_VOL=ovpn-data-%i|DATA_VOL=/etc/openvpn|g' /lib/systemd/system/openvpn.service
systemctl enable openvpn
systemctl start openvpn
systemctl status openvpn
#reboot