OpenVPN Docker

Image github

Tutorial

Requirements

  • Open UDP port 1194

  • Install :

    • docker
    • docker compose
    • git

Process

Create folder openvpn :

cd /srv
sudo mkdir openvpn
cd openvpn

Build the image (fork of kylemanna/docker-openvpn) :

sudo git clone https://github.com/ArnaudBaley/fork-docker-openvpn.git
cd fork-docker-openvpn
sudo docker build -t custom-openvpn .

Create folder openvpn/data :

cd ../../
sudo mkdir openvpn/data

Create the configuration (replace MY_IP_OR_MY_DOMAIN with your value) :

(-c allows clients to communicate with each other; omit it if clients do not need to reach each other)

sudo docker run -v /srv/openvpn/data:/etc/openvpn --rm custom-openvpn ovpn_genconfig -c -u udp://MY_IP_OR_MY_DOMAIN

Launch script ovpn_initpki :

sudo docker run -v /srv/openvpn/data:/etc/openvpn --rm -it custom-openvpn ovpn_initpki

Create file docker-compose.yml :

cd /srv/openvpn/
sudo nano docker-compose.yml

docker-compose.yml :

app:
  image: 'custom-openvpn'
  volumes:
    - './data:/etc/openvpn'
  ports:
    - "1194:1194/udp"
  cap_add:
    - NET_ADMIN
  restart: always

Start OpenVPN server :

sudo docker-compose up -d

Generate a client certificate without a passphrase (replace CLIENT_NAME with your value) :

sudo docker run -v /srv/openvpn/data:/etc/openvpn --rm -it custom-openvpn easyrsa build-client-full CLIENT_NAME nopass

Retrieve the client configuration with embedded certificates (replace CLIENT_NAME with your value) :

a - Normal case

sudo su
docker run -v /srv/openvpn/data:/etc/openvpn --rm custom-openvpn ovpn_getclient CLIENT_NAME > CLIENT_NAME.ovpn

b - If OTP is used (2FA with Google Authenticator)

docker run -v /srv/openvpn/data:/etc/openvpn --rm -t custom-openvpn ovpn_otp_user CLIENT_NAME

Retrieve the file with WinSCP.
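
The profile from the steps above is built with nopass and written by a root shell redirect, so under the usual umask of 022 it is a world-readable file holding an unencrypted private key. The check below is an added example, not part of the original tutorial or of the docker-openvpn project; it assumes the key sits in an inline <key> block, and the sample profile, the host name vpn.example.test and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a profile written by `ovpn_getclient ... > NAME.ovpn`.

# Classify the inline <key> block: plaintext | encrypted | none.
key_state() {
    key=$(sed -n '/^<key>$/,/^<\/key>$/p' "$1")
    case $key in
        *"ENCRYPTED PRIVATE KEY"*|*"Proc-Type: 4,ENCRYPTED"*) echo encrypted ;;
        *"PRIVATE KEY"*) echo plaintext ;;
        *) echo none ;;
    esac
}

# Succeed only if group and others have no permission bits on the file.
mode_is_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Print one WARN line per finding; return 1 if anything was found.
audit_ovpn() {
    rc=0
    if [ "$(key_state "$1")" = plaintext ]; then
        echo "WARN: $1 embeds an unencrypted private key"; rc=1
    fi
    if ! mode_is_private "$1"; then
        echo "WARN: $1 is accessible to group/others (chmod 600)"; rc=1
    fi
    return $rc
}

# Constructed sample (placeholder key text, hypothetical host), written
# under umask 022 the way a root shell redirect would write it.
write_sample() {
    ( umask 022; cat > "$1" ) <<'EOF'
client
remote vpn.example.test 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
CONSTRUCTED-PLACEHOLDER-NOT-A-REAL-KEY
-----END PRIVATE KEY-----
</key>
EOF
}

demo=$(mktemp -d)
write_sample "$demo/CLIENT_NAME.ovpn"
audit_ovpn "$demo/CLIENT_NAME.ovpn" || true   # reports both findings
chmod 600 "$demo/CLIENT_NAME.ovpn"
audit_ovpn "$demo/CLIENT_NAME.ovpn" || true   # only the key finding remains
rm -rf "$demo"
```

Run audit_ovpn against the real CLIENT_NAME.ovpn before copying it off the server; a profile whose key was built with a passphrase and whose mode is 600 produces no output.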