Commit Graph

546 Commits

Author SHA1 Message Date
Kyle Manna e4feb29b87 README: Correct dynamic subnet
* Correct dynamic client subnet that recently changed.
2014-06-30 23:45:36 -07:00
Kyle Manna 9951ca6ca2 README: Use long server_url
* Attempt to reveal the configurability to the curious.
2014-06-30 23:43:41 -07:00
Kyle Manna 836b473d20 ovpn: Remove reference to udp/1194
* Remove references to udp/1194.
* Works better with non-standard ports and tcp.
2014-06-30 23:27:00 -07:00
Kyle Manna 34eca5b96f ovpn: Convert from servername -> server_url
* Previously the server name cached the common name generated during
  init and assumed always 1194/udp.
* The new configuration allows for users to pass in a url in a new form
  that allows the protocol to be specified as well as the port.
* Example: udp://vpn.example.com:1194
* Try to be backwards compatible.
2014-06-30 23:27:00 -07:00
Kyle Manna 507f27a9e0 docs: Add backup documentation
* Brain dump on ways to back up the docker volume container for peace of
  mind.
2014-06-30 09:19:36 -07:00
Kyle Manna aeb1e255cf Merge branch 'static-ips'
Closes #2
2014-06-30 00:39:11 -07:00
Kyle Manna 9a7ccd45ae docs: Add static IP documentation
* Add the documentation while it's fresh.
2014-06-30 00:35:52 -07:00
Kyle Manna 26a14d2f4b clients: Add support for static subnet
* Allow static clients to be placed on 192.168.254.0/24 subnet.
2014-06-30 00:13:55 -07:00
Kyle Manna 5e3c9719c8 run: Always ensure client dir exists
* OpenVPN will fail to start if this directory doesn't exist.
2014-06-29 23:26:23 -07:00
Kyle Manna 7b9d82630d genconfig: Backup old config file
* Backup previous config file before overwriting.
2014-06-29 23:26:23 -07:00
Kyle Manna 1aaf6a4359 genconfig: Use servername if $1 not specified
* Set the common name to servername set during last ovpn_init if $1 is
  not passed in.
* Simplifies re-running ovpn_genconfig when features are added.
2014-06-29 23:26:23 -07:00
Kyle Manna 20dc3d6ea0 genconfig: Expand the subnet
* Use a larger subnet (2x the size) to allow for more hard-coded
  configurations.
2014-06-29 23:26:23 -07:00
Kyle Manna 353019b0e9 genconfig: Add client-config-dir
* Add client config directory for client specific configuration options
  such as IP addresses.
2014-06-29 23:26:23 -07:00
Kyle Manna 024fa95f19 README: Update to describe current implementation
* Update to describe the current implementation as changed following the
  fork.
2014-06-05 09:02:49 -07:00
Kyle Manna 126f3a4557 ovpn_init: Protect the CA key by default
* Protect the CA key with a passphrase by default to protect it from a
  filesystem compromise.  An attacker could still steal the other keys
  stored (ie the server's cert key), but not issue new keys.
* This is a good compromise for now.
2014-06-04 17:07:07 -07:00
Kyle Manna e1902bc2cd ovpn_genconfig: Add generate config script
* Create a generate config script so that the new docker containers can
  regenerate the OpenVPN configuration without clobbering the PKI setup.
2014-06-04 16:50:53 -07:00
Kyle Manna d180cce5d0 README: Update with quick blurb on how to use
* Brain dump of an example until I get time to properly update.
2014-06-04 15:42:35 -07:00
Kyle Manna 4728990da3 ovpn_getclient: Verify server certificate
* Verify the server's certificate to avoid MITM attacks
2014-06-04 15:38:49 -07:00
Kyle Manna bc4165e587 tls-auth: Enable tls-auth for security
* Enabling tls-auth improves security and helps protect against DDoS.
2014-06-04 15:35:18 -07:00
Kyle Manna 1751d00fc9 Dockerfile: Switch to leaner Debian image
* Debian testing/Jessie is approximately 30% smaller than Ubuntu, use
  that instead.
2014-06-04 11:42:37 -07:00
Kyle Manna 939cf7ab67 ovpen_init: Remove external IP resolution
* Disable auto guessing the external IP in favor of the user explicitly
  specifying the server name.  Save the servername for client cert
  generation later.
* Remove dnsutils from build since dig is no longer necessary.  Favor
  lean and mean images.
2014-06-04 11:15:43 -07:00
Kyle Manna 1869cd85d0 openvpn.sh: Split in to smaller scripts
* Split soon to be massive wrapper into smaller manageable scripts.
* Re-organized Dockerfile to exploit cache when rebuilding
2014-06-04 11:13:59 -07:00
Kyle Manna 035ff64200 Dockerfile: Add ENV configuration
* Add ENV configuration options to Dockerfile as opposed to keeping in
  the wrapper script.
* First step to splitting up openvpn.sh in to smaller scripts.
2014-06-04 10:52:59 -07:00
Kyle Manna f6474d06f9 Dockerfile: Remove unused ports
* These ports are unused, remove them to reduce confusion.
2014-06-04 09:30:04 -07:00
Kyle Manna 2d26b87343 run: Remove run script
* Replaced by openvpn.sh
2014-06-04 09:29:45 -07:00
Kyle Manna 161acca6a2 openvpn.sh: Add log tail function
* Add ability to tail log file as original repo did.
2014-06-04 09:29:17 -07:00
Kyle Manna 7944bcd9fe serveconfig: Remove
* Use the openvpn.sh wrapper script instead
2014-06-04 09:26:53 -07:00
Kyle Manna 422c2a302d openvpn.sh: Add getclientconfig
* Add mechanism to generate and return a client configuration
* Seamlessly generates certificate if necessary
2014-06-04 09:18:25 -07:00
Kyle Manna f673ee83ce openvpn.sh: Save servername used during init
* Save the DNS domain name or IP address the server was configured with
* Useful for generating client configurations
2014-06-04 09:08:09 -07:00
Kyle Manna a1c174f6f5 openvpn.sh: Implement init step and cert gen
* Initialize and configure the OpenVPN server
* Generate PKI keys, CA, and certs when needed
2014-06-04 01:39:38 -07:00
Kyle Manna 9e4de074d0 openvpn.sh: Add easyrsa to wrapper
* Provide a way to invoke easyrsa from the wrapper
* Add ability to set the EasyRSA vars file which manages the default
  settings for the EasyRSA PKI CA.
2014-06-04 00:21:14 -07:00
Kyle Manna f6873cf5bd Dockerfile: Add EasyRSA-3 support
* EasyRSA v3 is preferred over v2 because it includes support for
  elliptic curves.
2014-06-04 00:21:14 -07:00
Kyle Manna 023cfe6596 openvpn.sh: Add wrapper script
* Add the beginning of a wrapper script that will handle cert generation
  and OpenVPN invocation.
2014-06-03 20:58:13 -07:00
Kyle Manna 47bc4e4865 Dockerfile: Add MAINTAINER line
* Add maintainer line and credit jpetazzo
2014-06-03 20:42:19 -07:00
Kyle Manna c19b01e005 Dockerfile: Update to Ubuntu 14.04
* Upgrade to latest Ubuntu LTS release
2014-06-03 20:31:53 -07:00
Jérôme Petazzoni a002a7cbec Merge pull request #4 from ReAzem/patch-1
readme updates
2014-05-23 17:13:09 -07:00
Alexandre Viau 93d12716c5 commands were deprecated 2014-05-23 18:31:46 -04:00
Alexandre Viau 7be3bf2cd9 more comprehensible 2014-05-23 17:49:33 -04:00
Jérôme Petazzoni 048539fdcd Merge pull request #3 from paimpozhil/master
adding google nameservers into the DHCP push
2014-05-02 14:36:56 -07:00
Paimpozhil 83e47bb3be adding google nameservers into the DHCP push 2014-04-29 16:05:53 -04:00
Jérôme Petazzoni 71136d9ba3 Merge pull request #1 from Tuinslak/patch-1
forgot .log
2013-09-10 15:37:01 -07:00
Yeri Tiete b3a5a89ab3 forgot .log
It's not that important but it's cleaner.
2013-09-11 00:33:55 +02:00
Jérôme Petazzoni c6b94b5726 Add mention of SSL for configuration download. 2013-09-04 14:22:24 -07:00
Jérôme Petazzoni be9e6b65c9 Add mention of SSL for configuration download. 2013-09-02 18:48:51 -07:00
Jérôme Petazzoni df45b24a3b Documentation is always helpful! 2013-09-02 17:42:05 -07:00
Jerome Petazzoni 0f56065a90 Docker can haz VPN nao! 2013-09-02 23:46:19 +00:00