Prerequisites:
- A domain that resolves to your public IP address, possibly by using a DDNS client. I'm using this DDNS-client since I'm using Cloudflare's name servers.
- A static local IP address assigned in your DHCP that points to your server
- Access to your router to open port UDP/1194 and point to the static server IP
Based on guide: https://medium.com/@gurayy/set-up-a-vpn-server-with-docker-in-5-minutes-a66184882c45
- Generate config
docker run -v ~/docker-config/openvpn:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://your-ddns.domain
- Initiate PKI
docker run -v ~/docker-config/openvpn:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki
The common name is your DDNS domain. Setting a password is optional; you can leave it blank.
- Start container
docker run --restart=unless-stopped --name=openvpn-server -v ~/docker-config/openvpn:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
- Create user
With certificate authentication:
docker run -v ~/docker-config/openvpn:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full username nopass
With password authentication:
docker run -v ~/docker-config/openvpn:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full username
- Download user config
docker run -v ~/docker-config/openvpn:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient username > username.ovpn
- Import username.ovpn to your VPN app and connect! For macOS I would recommend Tunnelblick.
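Before importing, the downloaded username.ovpn can be checked for what it actually contains: whether the private key is passphrase-protected (the difference between the two create-user commands), where it connects, and whether it checks the server certificate. This is an added example, not part of the original guide or the kylemanna/openvpn project; it assumes the profile carries an inline PEM <key> block plus remote and remote-cert-tls directives, and the function names and sample profile are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an exported client profile before handing it out.
# Assumption: one file with an inline PEM <key>...</key> block.

# Print how the inline private key is protected: encrypted, plaintext or missing.
ovpn_key_state() {
    key=$(sed -n '/^<key>/,/^<\/key>/p' "$1")
    [ -n "$key" ] || { echo missing; return 0; }
    # PKCS#8 marks encryption in the header, legacy PEM in a Proc-Type line.
    if printf '%s\n' "$key" | grep -Eq 'BEGIN ENCRYPTED PRIVATE KEY|^Proc-Type: 4,ENCRYPTED'; then
        echo encrypted
    else
        echo plaintext
    fi
}

# Print "host port proto" from the first remote directive.
ovpn_remote() {
    awk '$1 == "remote" { print $2, $3, $4; exit }' "$1"
}

# Report findings; return non-zero if anything needs attention.
ovpn_audit() {
    file=$1; want_host=$2; rc=0
    state=$(ovpn_key_state "$file")
    host=$(ovpn_remote "$file" | cut -d' ' -f1)
    echo "key=$state remote=$(ovpn_remote "$file")"
    [ "$state" = encrypted ] || { echo "WARN: private key is $state, not passphrase-protected"; rc=1; }
    [ "$host" = "$want_host" ] || { echo "WARN: remote host is not $want_host"; rc=1; }
    grep -Eq '^remote-cert-tls[[:space:]]+server' "$file" ||
        { echo "WARN: server certificate usage is not checked"; rc=1; }
    return $rc
}

# Constructed sample profile (placeholder key material, not a real key).
sample=$(mktemp)
cat > "$sample" <<'EOF'
client
dev tun
remote-cert-tls server
remote your-ddns.domain 1194 udp
<key>
-----BEGIN PRIVATE KEY-----
CONSTRUCTED-PLACEHOLDER
-----END PRIVATE KEY-----
</key>
EOF
ovpn_audit "$sample" your-ddns.domain || echo "profile needs review"
```

A profile whose key is reported as plaintext works as a credential on its own, so it should be transferred and stored accordingly.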
- Open a shell in the running container
docker exec -it openvpn-server /bin/bash
- Revoke a user's certificate
docker exec -it openvpn-server easyrsa revoke username