VPN server

This server can be used to connect multiple clients to a private network.

This configuration routes only the traffic destined for the private network through the VPN, and it also allows clients to use the local DNS server.
In effect, it simulates a secure physical connection to the private network.

Steps

Follow this guide from the author of the Docker image; it works perfectly: https://github.com/kylemanna/docker-openvpn/blob/master/docs/docker-compose.md

version: '3'
services:
  openvpn:
    cap_add:
      - NET_ADMIN
    image: kylemanna/openvpn
    container_name: openvpn
    ports:
      - "1194:1194/udp"
    restart: always
    volumes:
      - openvpn-data:/etc/openvpn
volumes:
  openvpn-data:

Routing Customization

### Push Configurations Below
push "dhcp-option DNS 8.8.8.8"
push "comp-lzo no"
push "route 10.2.0.0 255.255.0.0"
  • Open a shell inside the container: docker-compose exec openvpn bash
  • Edit the configuration file with nano: nano /etc/openvpn/openvpn.conf
    • If nano is not installed: apk add nano
  • Add the push directives above so that clients learn the DNS server and the reachable networks
  • Exit the shell, then restart the container: docker-compose restart openvpn

I created this script to speed up user creation (or re-creation) in case I made a mistake:

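#!/bin/bash
# Recreate a VPN user and export a split-tunnel .ovpn profile.

user="$1"
if [ -z "$user" ]; then
    echo "usage: $0 <user>" >&2
    exit 1
fi

echo "DELETING USER $user (if exists)"
docker-compose run --rm openvpn ovpn_revokeclient "$user" remove || true
echo "CREATING USER $user"
docker-compose run --rm openvpn easyrsa build-client-full "$user"
rm -f "$user.ovpn"
echo "EXPORT OVPN FILE"
# The exported profile contains the client's private key; keep the file private
docker-compose run --rm openvpn ovpn_getclient "$user" > "$user.ovpn"

# By default the exported profile redirects all traffic through the VPN; that is not wanted here
echo "REMOVING ALL TRAFFIC REDIRECT"
sed -i '/redirect-gateway def1/d' "./$user.ovpn"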
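
The script above deletes only lines containing the exact string `redirect-gateway def1` from the exported profile. The following audit is an added example, not part of the original page or of docker-openvpn: it checks both the server's push directives and an exported profile for any active `redirect-gateway` directive and lists the pushed routes and DNS servers. The function names are hypothetical, and the two file paths are whatever you pass in.

```shell
#!/bin/bash
# Added example: audit a split-tunnel OpenVPN setup.
# Usage: ./audit.sh <openvpn.conf> <user.ovpn>

# Print active directives only: trim leading whitespace, drop comments and blank lines.
active_lines() {
    sed -e 's/^[[:space:]]*//' -e '/^[#;]/d' -e '/^$/d' "$1"
}

# Succeeds only if the client profile has no redirect-gateway directive of any form.
profile_is_split_tunnel() {
    ! active_lines "$1" | grep -Eq '^redirect-gateway([[:space:]]|$)'
}

# Succeeds only if the server does not push a default-route redirect to clients.
server_is_split_tunnel() {
    ! active_lines "$1" | grep -Eq '^push[[:space:]]+"redirect-gateway([[:space:]"]|$)'
}

# Networks pushed to clients, one "network netmask" pair per line.
pushed_routes() {
    active_lines "$1" |
        sed -n 's/^push[[:space:]]\{1,\}"route[[:space:]]\{1,\}\([^"]*\)".*/\1/p'
}

# DNS servers pushed to clients, one address per line.
pushed_dns() {
    active_lines "$1" |
        sed -n 's/^push[[:space:]]\{1,\}"dhcp-option[[:space:]]\{1,\}DNS[[:space:]]\{1,\}\([^"]*\)".*/\1/p'
}

# Report on both files; returns non-zero if either one would redirect all traffic.
audit() {
    audit_rc=0
    server_is_split_tunnel "$1" || { echo "FAIL: server pushes redirect-gateway"; audit_rc=1; }
    profile_is_split_tunnel "$2" || { echo "FAIL: profile still has redirect-gateway"; audit_rc=1; }
    echo "pushed routes:"; pushed_routes "$1" | sed 's/^/  /'
    echo "pushed DNS:";    pushed_dns "$1"    | sed 's/^/  /'
    return "$audit_rc"
}

# Run the audit only when both paths are given on the command line.
if [ "$#" -eq 2 ]; then
    audit "$1" "$2"
fi
```

Review the listed routes and DNS servers against the private network you intend to expose; anything unexpected there reaches every client on its next connection.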

docker-openvpn by kylemanna

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA