So i've talked about
this for a little while, and i've decided that I will post another
short little guide about it today. I think one of the things I like
about Docker (yes, I said like, don't judge me!) is that you get an
almost apt-like experience with some cool applications. A great
example of this is deploying OpenVPN in next to no time at all.
So this is going to
be short and sweet, i'm going to take for granted you have Docker
installed on your box. If you don't then hop on to a search engine
(why not try Bing, I hear great things about it) and look for a guide
about installing Docker on your platform.
We're going to use
the excellent work of kylemanna
(https://github.com/kylemanna/docker-openvpn)
the commands below will automatically pull down the image, but as
usual feel free to clone and 'docker build' the image. Also, you're
going to need a public facing IP address or domain. If you're
planning on doing this at home, may I suggest running over to
https://nsupdate.info/ for
dynamic dns if you don't already have something.
Red, indicates your input!
# lets get a data-only container spun up, this will also place a folder in your working directory called openvpn.
$ docker run --name openvpn-data -v /srv/docker/openvpn:/etc/openvpn busybox
# lets get the config files and certificates set-up certificate
$ docker run --volumes-from openvpn-data --rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM
$ docker run --volumes-from openvpn-data --rm -it kylemanna/openvpn ovpn_initpki
# you'll be asked to set some passwords for your OpenVPN's certs. Whatever you like is cool with me.
# Let's get the OpenVPN up and running $ docker run --volumes-from openvpn-data -d -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
So you've just
deployed OpenVPN in a container, with persistent storage in 4
commands. I know right, it's kinda cool to suddenly be able to have
a OpenVPN on any box you can run docker on without being a card
carrying member of the sandal brigade. However we're not finished
just yet. Lets generate some certificates for our end-users (this is
probably you). Remember that password stuff we did, you'll need the ca one.
# Generate some client config files, remember to change CLIENTNAME to the Name of your Client ;) $ docker run --volumes-from openvpn-data --rm -it kylemanna/openvpn easyrsa build-client-full CLIENTNAME nopass # and lets retrieve the files $ docker run --volumes-from openvpn-data --rm kylemanna/openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn
You'll find a .ovpn file in your working directory which should work with most OpenVPN client implementations, however inside that openvpn folder you'll find your client certificate files if you need them. I'd suggest you does
this for every device you want to connect to have connected to your
OpenVPN container. What I mean is for CLIENTNAME
you have PHONE
and LAPTOP
and OTHERLAPTOP,
so on and so forth. Trust me, in the end, makes life easier for you.
That's it, you're up
and running with OpenVPN. If you want to autostart your OpenVPN
container, so when your box reboots it starts again look into the
'--restart=always' switch ($
docker run --volumes-from openvpn-data -d -p 1194:1194/udp
--cap-add=NET_ADMIN –restart=always kylemanna/openvpn)
Now for the very
cool trick with this, Digital-Ocean. You basically can have OpenVPN
in the 'cloud' for 7 cents a day. You can then destroy it once
you're done, or have it as a OpenVPN deployment you use when you're
out an about. That's your choice. Do me a solid though, if you've
not signed for Digital-Ocean and want to try it signup with this link
please (http://tiny.cc/finuxdo)
its my referral link, and i'll get some credits on my DO account.
Also, go read the github page from Kylemanna. Its full of useful information, and its an example of how people who maintain docker-images should document them https://github.com/kylemanna/docker-openvpn
Finux Xx
Also, go read the github page from Kylemanna. Its full of useful information, and its an example of how people who maintain docker-images should document them https://github.com/kylemanna/docker-openvpn
Finux Xx