@aeimer
Last active March 15, 2024 16:30
Setup OpenVPN with OpenVPN-Monitor and docker-compose

version: "2"
services:
  openvpn:
    image: kylemanna/openvpn
    volumes:
      - "./data:/etc/openvpn"
      - "/etc/localtime:/etc/localtime:ro"
    ports:
      - "1194:1194/udp"
    # Management port: exposed to linked containers only, not published on the host
    expose:
      - 5555
    cap_add:
      - NET_ADMIN
  openvpn_monitor:
    image: ruimarinho/openvpn-monitor
    environment:
      # General
      OPENVPNMONITOR_DEFAULT_DATETIMEFORMAT: "%d/%m/%Y %H:%M:%S"
      OPENVPNMONITOR_DEFAULT_LOGO: https://example.com/logo.png
      OPENVPNMONITOR_DEFAULT_MAPS: "True"
      OPENVPNMONITOR_DEFAULT_LATITUDE: "0.0"
      OPENVPNMONITOR_DEFAULT_LONGITUDE: "0.0"
      OPENVPNMONITOR_DEFAULT_SITE: Live
      # Site 1 - OpenVPN1
      OPENVPNMONITOR_SITES_0_ALIAS: OVPN1
      OPENVPNMONITOR_SITES_0_HOST: openvpn
      OPENVPNMONITOR_SITES_0_NAME: OPENVPN1
      OPENVPNMONITOR_SITES_0_PORT: 5555
    networks:
      - default
      - reverse
    # ports:
    #   - "80:80"
networks:
  reverse:
    external:
      name: web_reverse

#!/bin/bash
# Adapt this path for your needs
BASE_PATH="/mnt/data/docker/openvpn"
OVPN_DATA="$BASE_PATH/data"
echo
echo "### Generate client cert"
echo
echo "# Clientname"
echo "Enter the clients name:"
read -r CLIENTNAME
# "nopass" leaves the client's private key without a passphrase
docker run -v "$OVPN_DATA:/etc/openvpn" --rm -it kylemanna/openvpn easyrsa build-client-full "$CLIENTNAME" nopass
echo
echo "# Retrieve config"
echo
if [ ! -d "$BASE_PATH/clients" ] ; then
    mkdir "$BASE_PATH/clients"
fi
# The generated .ovpn file embeds the client's private key
docker run -v "$OVPN_DATA:/etc/openvpn" --rm kylemanna/openvpn ovpn_getclient "$CLIENTNAME" > "$BASE_PATH/clients/$CLIENTNAME.ovpn"
echo
echo "# Wrote config to folder clients"
echo
echo "### DONE"

[...]
# Append these lines to openvpn.conf in the data folder
### Open Management Port
management 0.0.0.0 5555
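
A pre-start check for the `management 0.0.0.0 5555` line above, as an added example that is not part of the gist: OpenVPN's management interface accepts commands from anyone who can connect unless a password file is given, so the function flags directives that listen beyond loopback without one. The function name and messages are illustrative, and the sample config is constructed.

```shell
#!/bin/sh
# Added example (not part of the gist): audit "management" lines in openvpn.conf.
# OpenVPN syntax: management <IP> <port> [pw-file]
#             or: management <socket-path> unix [pw-file]

# Prints one finding per management directive; returns 1 if any is a WARN.
audit_management() {
    conf=$1
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}                 # drop comments
        set -f; set -- $line; set +f     # split the directive into words
        [ "${1:-}" = "management" ] || continue
        addr=${2:-}; port=${3:-}; pwfile=${4:-}
        if [ "$port" = "unix" ]; then
            echo "OK   unix socket $addr"
            continue
        fi
        case "$addr" in
            127.*|localhost|::1)
                echo "OK   $addr:$port is loopback only" ;;
            *)
                if [ -n "$pwfile" ]; then
                    echo "NOTE $addr:$port listens beyond loopback, password file $pwfile"
                else
                    echo "WARN $addr:$port listens beyond loopback with no password file"
                    rc=1
                fi ;;
        esac
    done < "$conf"
    return "$rc"
}

# Constructed sample: the directive this gist appends to openvpn.conf.
sample=$(mktemp)
printf '%s\n' 'proto udp' '### Open Management Port' 'management 0.0.0.0 5555' > "$sample"
audit_management "$sample" || echo "Finding: restrict or password-protect the management port"
rm -f "$sample"
```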

#!/bin/bash
echo
echo "### Setup OpenVPN Server"
# Adapt this path for your needs
BASE_PATH="/mnt/data/docker/openvpn"
OVPN_DATA="$BASE_PATH/data"
SERVER_NAME="vpn.example.com"
# Write the server config, then create the PKI (interactive: asks for the CA passphrase)
docker run -v "$OVPN_DATA:/etc/openvpn" --rm kylemanna/openvpn ovpn_genconfig -u "udp://$SERVER_NAME"
docker run -v "$OVPN_DATA:/etc/openvpn" --rm -it kylemanna/openvpn ovpn_initpki
echo
echo "### Done"

meirlazar commented Jul 5, 2021

I created this for simplifying the adding and removal of clients/certs.

#!/bin/bash

# Adapt this path for your needs
BASE_PATH="/change/this/path/openvpn"
OVPN_DATA="$BASE_PATH/data"
USER_LIST="$BASE_PATH/listusers.txt"

function LIST_CLIENTS () {
    echo "Listing current clients"
    docker-compose run --rm openvpn ovpn_listclients | tee "${USER_LIST}"
}


function ADDCLIENT () {
    echo "### Generate client cert"
    read -r -p "Enter the user's name:" CLIENTNAME

    # If the user exists, delete it. Compare the whole name field (first CSV
    # column) so that e.g. "bob" does not also match and revoke "bobby".
    if cut -d, -f1 "${USER_LIST}" | grep -Fxq -- "${CLIENTNAME}"; then
        docker-compose run --rm openvpn ovpn_revokeclient "${CLIENTNAME}" remove
    fi
    # Generate certificates
    docker run -v "${OVPN_DATA}:/etc/openvpn" --rm -it kylemanna/openvpn easyrsa build-client-full "${CLIENTNAME}" nopass
}

function CREATE_OVPN_FILE () {
    echo "# Retrieve config"
    if [[ ! -d "${BASE_PATH}/clients" ]]; then mkdir "${BASE_PATH}/clients"; fi
    docker run -v "${OVPN_DATA}:/etc/openvpn" --rm kylemanna/openvpn ovpn_getclient "${CLIENTNAME}" > "${BASE_PATH}/clients/${CLIENTNAME}.ovpn"
    echo "# Wrote config to folder clients"
}

function RESTART () {
    docker restart openvpn
}

function EMAIL_OVPN () {
    cat "${USER_LIST}"
    read -r -p "Name of client's OVPN to send?"  NAME
    read -r -p "Email to send the OVPN file to?:"  EMAIL

    # Install mpack if it is not present
    dpkg -l | grep mpack || sudo apt install mpack

    if [[ -n "${EMAIL}" ]]; then mpack -s subject "${BASE_PATH}/clients/${NAME}.ovpn" "${EMAIL}"; fi
}

LIST_CLIENTS
ADDCLIENT
CREATE_OVPN_FILE
RESTART
EMAIL_OVPN


lhoupert commented Sep 26, 2023

Thank you @aeimer for this Gist. I had to adapt it so I can use it on ARM architecture for my Raspberry Pi. I created a git for it here if someone needs it: https://gist.github.com/lhoupert/c0f06f2de3f6d3c433570847900b9f26
