OpenVPN Server Docker
OpenVPN 2.3.10 server based on the Ubuntu 16.04 Docker image.
- Docker 1.13.0 (or higher)
Create a new Docker image based on Ubuntu 16.04 and install:
- OpenVPN 2.3.10 (or higher)
- easy-rsa 2.2.2-2 (or higher)
Example command line:
docker build -t openvpn:2.3.10 \
  --build-arg KEY_COUNTRY=SG \
  --build-arg KEY_PROVINCE=SG \
  --build-arg KEY_CITY=Singapore \
  --build-arg KEY_ORG=Organization \
  --build-arg [email protected] \
  --build-arg KEY_OU=OrganizationUnit \
  --build-arg KEY_CN=CommonName \
  --build-arg KEY_NAME=Name \
  --build-arg KEY_TAGGING=0 \
  --build-arg SERVER_ADDRESS=RemoteAddress \
  .
Create and run a new Docker container, mount a host directory and create the OpenVPN client configuration (ovpn) file.
Example command line:
docker run -d --privileged \
  --volume ~/ovpn-files:/root/client-configs/files \
  --network host \
  --name openvpn openvpn:2.3.10
Continue with this command line to recreate the OpenVPN client configuration (ovpn) file in the mounted directory.
docker exec -t openvpn /root/client-configs/make_config.sh
Regenerate the server and client certificate files and the client configuration file.
Example command line:
docker exec -t \
  -e KEY_NAME=Name \
  -e KEY_TAGGING=1 \
  openvpn /root/remake_all.sh
Continue with this command line to restart the Docker container so that it reloads the new certificate files and server configuration changes.
docker restart openvpn
- Enable IPv4 forwarding.
- Adjust firewall rules to masquerade client connections.
- Open the OpenVPN port and protocol.
For more detail on how to do this in Ubuntu 16.04, see DigitalOcean - Adjust the Server Networking Configuration.
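A read-only preflight for the three host prerequisites above, added here as an example and not part of this repository: it checks IPv4 forwarding, looks for a MASQUERADE rule in the nat table, and reports which protocol is bound to port 1194 so the matching firewall rule can be opened. The function names and the `--check` argument are assumptions of this example; run it as root so `iptables-save` can read the rules.

```shell
#!/bin/sh
# Added example: read-only preflight for the host prerequisites listed above.
# PORT comes from the page (hardcoded 1194); all function names are hypothetical.
PORT=1194

# Succeeds if IPv4 forwarding is on. $1 overrides the /proc path (for testing).
ip_forward_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Reads `iptables-save` output on stdin; succeeds only if the nat table holds
# a MASQUERADE rule in POSTROUTING. Rules in other tables are ignored.
has_masquerade() {
    awk '/^\*/ { table = $1 }
         table == "*nat" && $1 == "-A" && $2 == "POSTROUTING" && /-j MASQUERADE/ { found = 1 }
         END { exit !found }'
}

# Reads `ss -lntu` output on stdin; prints each protocol bound to PORT.
# With --network host the container's listener appears in the host's table.
listener_protocols() {
    awk -v port="$PORT" \
        '($1 == "udp" || $1 == "tcp") && $5 ~ (":" port "$") { print $1 }' |
        sort -u
}

# Runs the three checks against the live host and prints one line per finding.
preflight() {
    rc=0
    ip_forward_enabled || { echo "FAIL: net.ipv4.ip_forward is not 1"; rc=1; }
    iptables-save 2>/dev/null | has_masquerade ||
        { echo "FAIL: no MASQUERADE rule in nat POSTROUTING (or not root)"; rc=1; }
    protos=$(ss -lntu 2>/dev/null | listener_protocols | tr '\n' ' ')
    if [ -n "$protos" ]; then
        echo "INFO: open port $PORT in the firewall for protocol(s): $protos"
    else
        echo "FAIL: nothing is listening on port $PORT"; rc=1
    fi
    return "$rc"
}

# Only touch the live host when asked to: sh preflight.sh --check
if [ "${1:-}" = "--check" ]; then preflight; fi
```
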
- Duplicate CN is enabled, so several clients can connect using the same client certificate.
- Server and client certificate files are always generated together.
If any changes are required to fit your environment or implementation, make them in the Dockerfile.
- Only tested with Ubuntu 16.04 as the host OS.
- The container must run with extended privileges (--privileged) and use the host network (--network host).
- Port is hardcoded to always use 1194.