Few steps to setup in 10 minutes a OpenVPN server inside a Docker in your VPS.
Requirements
- Docker
- Docker compose
Docker compose setup
note: static-network is optional, just in case you would like to access with static IP addresses to other containers
version: '3.8'
services:
openvpn:
cap_add:
- NET_ADMIN
image: kylemanna/openvpn
container_name: openvpn
ports:
- "1194:1194/udp"
restart: always
volumes:
- ./openvpn-data/conf:/etc/openvpn
networks:
static-network:
ipv4_address: 172.20.0.24
networks:
static-network:
ipam:
config:
- subnet: 172.20.0.0/24Then
# init config
docker compose run --rm openvpn ovpn_genconfig -u udp://<your-dns>
docker compose run --rm openvpn ovpn_initpki
sudo chown -R $(whoami): ./openvpn-data
# generate a client certificate with password
docker-compose run --rm openvpn easyrsa build-client-full your-client-name
# or generate a client certificate without password
docker compose run --rm openvpn easyrsa build-client-full your-client-name nopass
# export in ovpn
docker compose run --rm openvpn ovpn_getclient your-client-name > your-client-name.ovpn
# finally start docker
docker compose up -d openvpn
# revoke a certificate
docker compose run --rm openvpn easyrsa revoke your-client-name
docker compose run --rm openvpn easyrsa gen-crlNotes
- if the openvpn docker server is running substitute
docker compose run --rm openvpncommand entering directly in the container withdocker exec -it <docker-hash> bash - one opvn file should be generated for each client
Static ip
if you would like to assign a static ip to a client
- go to your root directory, where the docker compose yml file is located
- then navigate to the ccd directory located inside your volume
cd openvpn-data/conf/ccd(in the above case)
- then create a new file with the same name of the client you generated
vim your-client-name(without ovpn extension)- add the following line
ifconfig-push 192.168.255.10 192.168.255.1- where
192.168.255.10is the static ip you would like to assign 192.168.255.1is the gateway ip of your vpn
0 Comments