Code Monkey home page Code Monkey logo

docker-openvpn's Introduction

docker-openvpn

Join the Community Become a Sponsor One-time Donation
Docker Image Version Docker Pulls License Docker Cloud Build Status

Docker image for OpenVPN client/server.

This container can run as an OpenVPN server or as an OpenVPN client and provide a VPN tunnel for other containers to utilize via Docker's shared networking stack (i.e. --net container:[NAME]).

Running the Container

Place your OpenVPN client/server configuration file in a directory on your host file system (i.e. /srv/openvpn) with the name openvpn.conf. You should also place your client/server certs, keys and any additional files required in this directory.

Running as an OpenVPN server

Run the OpenVPN container and map your local config directory (/srv/openvpn) to the container config directory (/vol/config) and map ports to your host OS:

docker run -d -v /srv/openvpn:/vol/config -p 443:443 -p 943:943 -p 1194:1194/udp --privileged --name openvpn-server phlak/openvpn --server [NETWORK] [NETMASK]

Running as an OpenVPN client

Run the OpenVPN container and map your local config directory (/srv/openvpn) to the container config directory (/vol/config):

docker run -d -v /srv/openvpn:/vol/config --privileged --name openvpn-client phlak/openvpn

Now you can start up another container with a shared network stack to the OpenVPN container:

docker run -d --net container:openvpn-client --name container-name alpine

This container will now be reliant on the OpenVPN container's network stack for network access.

Optional 'docker run' Arguments

-p 1234:1234 - Map a port on the host OS to the OpenVPN container. When running as a client this will pass ports through to containers that share the OpenVPN container's network stack (i.e. When ran with the --net container:openvpn-client parameter).

--restart always - Always restart the container regardless of the exit status. See the Docker restart policies for additional details.

Troubleshooting

When running a client container, if you are having trouble making a connection and docker logs shows Initialization Sequence Completed without indicatiing any problems try manually setting your container's DNS servers by adding --dns 1.1.1.1 --dns 1.0.0.1 to your run command. Once your container is running check you DNS name servers with:

docker exec transmission-vpn cat /etc/resolv.conf

For general help and support join our GitHub Discussions or reach out on Twitter.

Please report bugs to the GitHub Issue Tracker.

Copyright

This project is licensed under the MIT License.

docker-openvpn's People

Contributors

dependabot-preview[bot] avatar dependabot[bot] avatar phlak avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

jongillies tmpshadow

docker-openvpn's Issues

Network destroyed on WAN reconnect

Hi,

first of all thank you very much for providing this great Docker image! I love its size and simplicity. While it does work most of the time, I experience a few problems which I'd like to resolve.

I run this image and connect a few docker images as "clients" to it (using -p x:y on the openvpn-client iamge to access them). The Docker machines get IPs in 172.17.0.0 and can be talked to using their specified port. Furthermore, all traffic seems to be routed through the VPN tunnel -- so far so good.

However, as soon as a WAN reconnect occurs (each night...), the openvpn-client exits (because of --remap... I guess). It then restarts (--restart=always) and connects to the VPN again. At this point, the other images of the container network cannot be accessed anymore. Probably because the network creating image died and restarted?!

So is the --remap parameter really necessary? If yes, how can this problem be fixed (apart from restarting all containers every night...).

Thanks again and best regards

In [CMD-LINE]:1: Error opening configuration file: /vol/config/openvpn.conf

I am just trying your image and ran into a problem... I hope you can help.

docker run -d \
    --name openvpn-client \
    --privileged \
    --cap-add=NET_ADMIN \
    --device /dev/net/tun \
    -v ${HOME}/srv_cfg/openvpn/client:/vol/config \
    --dns 1.1.1.1 \
    --dns 1.0.0.1 \
    -p 12000:12000 \
    --restart unless-stopped \
    phlak/openvpn

docker stop openvpn-client

docker start -i openvpn-client
Options error: In [CMD-LINE]:1: Error opening configuration file: /vol/config/openvpn.conf
Use --help for more information.

docker exec -i openvpn-client /bin/bash
Error response from daemon: Container 5309f5e41c24afedfca09d321582649cbc93646361a23d26e73f715361a8fe4c is restarting, wait until the container is running

in my config folder I have:
openvpn.conf update-resolv-conf user_pass.txt

These 3 files are supplied by my VPN service.

openvpn.conf:
remote removed 1196 udp
remote removed 1196 udp
fragment 1300
explicit-exit-notify 3
auth-user-pass user_pass.txt
up 'update-resolv-conf'
down 'update-resolv-conf'
auth RSA-SHA512
dev tap
server-poll-timeout 20
client
nobind
resolv-retry infinite
auth-retry nointeract
persist-key
persist-tun
cipher AES-256-CBC
mute-replay-warnings
comp-lzo
verb 3
mute 20
remote-cert-tls server
route-method exe
route-delay 2
script-security 3
reneg-sec 0

-----BEGIN CERTIFICATE-----
removed
-----END CERTIFICATE-----

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.