| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105 |
- <!DOCTYPE html>
- <html lang="en" xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <title>Running A Containerized OpenVPN Server in Docker</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <meta charset="UTF-8">
- <meta name="keywords" content="Docker Made Easy,Home Lab,Home Lab Ideas,Install Guide,Self-Hosted,CA,CLI,Certificate Authority,Certificates,Container,Containerization,Containers,Docker,Docker Host,Docker How To,Docker Made Simple,Docker Simplified,Home Networking,Linux,Network,OpenVPN,PKI,Personal VPN,Public Key Infrastructure,Self-Hosted VPN Server,Self-Hosted VPN,Self-Signed Certificate,Self-Signed PKI,VPN To Your Home Network,How To,Tutorial,i12bretro">
- <meta name="author" content="i12bretro">
- <meta name="description" content="Running A Containerized OpenVPN Server in Docker">
- <meta name="viewport" content="width=device-width, initial-scale=1.0">
- <meta name="revised" content="05/27/2022 02:48:03 PM" />
- <link rel="icon" type="image/x-icon" href="includes/favicon.ico">
- <script type="text/javascript" src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
- <script type="text/javascript" src="includes/js/steps.js"></script>
- <link href="css/steps.css" rel="stylesheet" type="text/css" />
- </head>
- <body>
- <div id="gridContainer">
- <div class="topMargin"></div>
- <div id="listName" class="topMargin">
- <h1>Running A Containerized OpenVPN Server in Docker</h1>
- </div>
- <div></div>
- <div id="content">
- <h2>What is OpenVPN?</h2>
- <blockquote><em>OpenVPN is a virtual private network system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications. -<a href="https://openvpn.net" target="_blank">https://openvpn.net</a></em></blockquote>
- <h2>Installing Docker</h2>
- <ol>
- <li>Log into the Linux based device</li>
- <li>Run the following commands in the terminal
- <div class="codeBlock"># install prerequisites<br />
- sudo apt install apt-transport-https ca-certificates curl software-properties-common gnupg-agent -y<br />
- # add docker gpg key<br />
- curl -fsSL https://download.docker.com/linux/$(awk -F'=' '/^ID=/{ print $NF }' /etc/os-release)/gpg | sudo apt-key add -<br />
- # add docker software repository<br />
- sudo add-apt-repository "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/$(awk -F'=' '/^ID=/{ print $NF }' /etc/os-release) $(lsb_release -cs) stable"<br />
- # install docker<br />
- sudo apt install docker-ce docker-compose containerd.io -y<br />
- # enable and start docker service<br />
- sudo systemctl enable docker && sudo systemctl start docker<br />
- # add the current user to the docker group<br />
- sudo usermod -aG docker $USER<br />
- # reauthenticate for the new group membership to take effect<br />
- su - $USER</div>
- </li>
- </ol>
- <h2>Running OpenVPN Server</h2>
- <ol>
- <li>Continue with the following commands in a terminal window
- <div class="codeBlock"># create a working directory<br />
- mkdir ~/docker/openvpn-server -p<br />
- # SET SOME VARIABLES<br />
- # set the openvpn service name (recommended to use the ovpn-data-)<br />
- OVPN_DATA="ovpn-data-docker"<br />
- # set the external IP address or DNS name<br />
- OVPN_HOST="udp://VPN.SERVERNAME.COM"<br />
- # set a client name identifier<br />
- OVPN_CLIENT="client1"<br />
- # pull the docker image<br />
- docker pull kylemanna/openvpn<br />
- # generate new openvpn config<br />
- docker run -v ~/docker/openvpn-server:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u ${OVPN_HOST}<br />
- # initialize the openvpn pki<br />
- docker run -v ~/docker/openvpn-server:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki</div>
- </li>
- <li>Enter and confirm a password to protect the PKI</li>
- <li>Enter a common name for the PKI (ie OpenVPN Server)</li>
- <li>Enter and confirm a password to protect the CA private key</li>
- <li>Continue with the following commands in a terminal window
- <div class="codeBlock"># start the openvpn-server container<br />
- docker run -d --name=openvpn-server -v ~/docker/openvpn-server:/etc/openvpn -p 1194:1194/udp --cap-add=NET_ADMIN --restart unless-stopped kylemanna/openvpn<br />
- # generate a client certificate with no password<br />
- # NOTE any client with this certificate can connect to the VPN server<br />
- docker run -v ~/docker/openvpn-server:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full ${OVPN_CLIENT} nopass<br />
- # enter the password for the CA private key<br />
- # generate an openvpn configuration file for the client<br />
- docker run -v ~/docker/openvpn-server:/etc/openvpn --rm kylemanna/openvpn ovpn_getclient ${OVPN_CLIENT} > ${OVPN_CLIENT}.ovpn<br />
- # output the generated .ovpn file<br />
- cat ${OVPN_CLIENT}.ovpn</div>
- </li>
- </ol>
- <h2>Installing OpenVPN Client Software and Testing</h2>
- <p><em>At this point the OpenVPN server is running but you will need to configure your router to forward UDP port 1194 from the WAN to the IP address of the Docker host. The process to do this will vary based on your router</em></p>
- <ol>
- <li>Download the OpenVPN software <a href="https://openvpn.net/community-downloads/" target="_blank">Download</a></li>
- <li>Run the installer accepting all the default values</li>
- <li>Click the Start button and search OpenVPN GUI</li>
- <li>Select OpenVPN GUI from the results to start the application</li>
- <li>Copy the generated .ovpn configuration file from the Docker host to the OpenVPN client install directory/config</li>
- <li>Right click OpenVPN GUI in the system tray > Connect</li>
- </ol>
- <p>Documentation: <a href="https://hub.docker.com/r/kylemanna/openvpn" target="_blank">https://hub.docker.com/r/kylemanna/openvpn</a></p> </div>
- </div>
- </body>
- </html>
-
|
