This server can be used to connect multiple clients to a private network.
This specific configuration routes only the traffic destined for the private network through the VPN, and it also allows the use of the local DNS server.
So it basically simulates a physical and secure connection to the private network.
Steps
Follow this guide from the author of the Docker image; it works perfectly: https://github.com/kylemanna/docker-openvpn/blob/master/docs/docker-compose.md

```yaml
version: '3'
services:
  openvpn:
    cap_add:
      - NET_ADMIN
    image: kylemanna/openvpn
    container_name: openvpn
    ports:
      - "1194:1194/udp"
    restart: always
    volumes:
      - openvpn-data:/etc/openvpn
volumes:
  openvpn-data:
```
Routing Customization
```
### Push Configurations Below
push "dhcp-option DNS 8.8.8.8"
push "comp-lzo no"
push "route 10.2.0.0 255.255.0.0"
```
- Open a shell inside the container: `docker-compose exec openvpn bash`
- Edit the configuration file with nano: `nano /etc/openvpn/openvpn.conf`
  - If `nano` is not installed: `apk add nano`
- Add the configuration to teach clients the DNS server and the reachable networks
- `exit` and then restart the container: `docker-compose restart openvpn`
I created this script to speed up user creation (or recreation) if I made some mistake:
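```bash
#!/bin/bash
user="$1"
# Refuse an empty or unsafe name: it is used in file names and as the certificate CN
if [[ ! "$user" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
  echo "usage: $0 <username>" >&2
  exit 1
fi
# The exported profile embeds the client's private key: create it owner-readable only
umask 077

echo "DELETING USER $user (if exists)"
docker-compose run --rm openvpn ovpn_revokeclient "$user" remove || true
echo "CREATING USER $user"
docker-compose run --rm openvpn easyrsa build-client-full "$user"
rm -f "$user.ovpn"
echo "EXPORT OVPN FILE"
docker-compose run --rm openvpn ovpn_getclient "$user" > "$user.ovpn"
# By default all traffic is redirected through the VPN, which is not our case
echo "REMOVING ALL TRAFFIC REDIRECT"
sed -i '/redirect-gateway def1/d' "./$user.ovpn"
```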
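A check to run on the exported file before handing it to a user, as an added example that is not part of the original post or of the docker-openvpn project. It confirms that no `redirect-gateway` directive survived the `sed` step and that a profile embedding a private key is readable by its owner only. The function names and the sample profile are assumptions made for illustration; the sample is constructed, not a real export.

```bash
#!/bin/bash
# Added example: audit an exported .ovpn profile (hypothetical helper names).

# Print the active (non-comment) redirect-gateway directives in profile $1.
redirect_lines() {
  grep -E '^[[:space:]]*redirect-gateway([[:space:]]|$)' "$1"
}

# Return 0 if profile $1 is split-tunnel and, when it embeds a private key,
# is accessible by its owner only. Otherwise print one line per finding.
audit_profile() {
  local f="$1" rc=0
  [ -f "$f" ] || { echo "MISSING: $f"; return 2; }
  if redirect_lines "$f" >/dev/null; then
    echo "FULL-TUNNEL: $f still contains redirect-gateway"
    rc=1
  fi
  # Characters 5-10 of the ls mode string are the group/other permission bits.
  if grep -q '^<key>' "$f" && [ "$(ls -ld "$f" | cut -c5-10)" != "------" ]; then
    echo "PERMISSIONS: $f embeds a private key but is group/other accessible"
    rc=1
  fi
  return "$rc"
}

# Constructed sample profile (placeholder key material, not a real export).
make_sample_profile() {
  cat > "$1" <<'EOF'
client
dev tun
remote vpn.example.com 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
PLACEHOLDER
-----END PRIVATE KEY-----
</key>
redirect-gateway def1
EOF
}

# Audit the profile given on the command line, if any.
if [ "$#" -gt 0 ]; then audit_profile "$1"; fi
```

The `grep` pattern matches any `redirect-gateway` variant, so it also flags forms that the `sed` expression in the script above, which looks only for `redirect-gateway def1`, would leave in place.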
docker-openvpn by kylemanna
🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA