@gf3
Last active January 22, 2019 18:07
Docker: VPN + DNS Proxy + App

Docker setup

Using the docker-compose.yml below as a template, replace the webapp section with your application.

VPN setup

Follow the setup guide here: https://github.com/kylemanna/docker-openvpn

Afterwards we'll want to modify the VPN config so that it points to our local DNS proxy.

Edit openvpn-data/conf/openvpn.conf, replacing everything after ### Push Configurations Below:

### Push Configurations Below
push "block-outside-dns"
push "dhcp-option DNS 172.22.0.100"
push "route 172.22.0.0 255.255.255.0"
push "comp-lzo no"

### Extra Configurations Below
topology subnet

Network access

We need to allow VPN connections to reach the host and the Docker network:

$ iptables -A FORWARD -i tun+ -j ACCEPT
$ ip route add 192.168.255.0/24 via 172.22.0.101
$ ufw allow 1194/udp

Connecting

Using the OpenVPN client apps for iOS, Android, Windows, Linux, or macOS, you can connect with the .ovpn file you generated during the OpenVPN setup.

Once connected to the VPN you should be able to access http://webapp.docker

version: '3.5'
services:
  dnsproxy:
    image: defreitas/dns-proxy-server
    container_name: dnsproxy
    restart: always
    networks:
      service-net:
        ipv4_address: 172.22.0.100
    environment:
      - "MG_REGISTER_CONTAINER_NAMES=1"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
      - "/etc/resolv.conf:/etc/resolv.conf"
  openvpn:
    cap_add:
      - NET_ADMIN
    image: kylemanna/openvpn
    container_name: openvpn
    ports:
      - "1194:1194/udp"
    restart: always
    volumes:
      - "./openvpn-data/conf:/etc/openvpn"
    networks:
      service-net:
        ipv4_address: 172.22.0.101
  webapp:
    container_name: webapp
    hostname: webapp.local
    build:
      context: ./app
      dockerfile: Dockerfile
    volumes:
      - "./app:/usr/src/app"
      - "/usr/src/app/node_modules"
    expose:
      - '80'
    environment:
      - NODE_ENV=development
      - CHOKIDAR_USEPOLLING=true
      - PORT=80
    networks:
      service-net:
        ipv4_address: 172.22.0.102
networks:
  service-net:
    ipam:
      driver: default
      config:
        - subnet: 172.22.0.0/16
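
The pushed DNS server and route in openvpn.conf have to agree with the static addresses in docker-compose.yml, and a mismatch leaves VPN clients unable to resolve or reach a container. The consistency check below is an added example, not part of the original gist; the `check` function and the trimmed sample inputs are constructed for illustration.

```python
from ipaddress import ip_address, ip_network
import re

# Constructed inputs: only the address-bearing lines of the two files on this page.
COMPOSE = """\
services:
  dnsproxy:
    networks:
      service-net:
        ipv4_address: 172.22.0.100
  openvpn:
    networks:
      service-net:
        ipv4_address: 172.22.0.101
  webapp:
    networks:
      service-net:
        ipv4_address: 172.22.0.102
networks:
  service-net:
    ipam:
      config:
        - subnet: 172.22.0.0/16
"""
OPENVPN_CONF = '''\
push "dhcp-option DNS 172.22.0.100"
push "route 172.22.0.0 255.255.255.0"
'''

def check(compose, conf, dns_service="dnsproxy"):
    """Return mismatches between compose addresses and the pushed VPN settings."""
    addrs, service = {}, None
    for line in compose.splitlines():  # plain text scan, no YAML library needed
        if m := re.match(r"  ([\w-]+):\s*$", line):
            service = m.group(1)  # a key indented two spaces names a service
        elif m := re.search(r"ipv4_address:\s*(\S+)", line):
            addrs[service] = ip_address(m.group(1))
    subnet = ip_network(re.search(r"subnet:\s*(\S+)", compose).group(1))
    dns = ip_address(re.search(r"dhcp-option DNS ([\d.]+)", conf).group(1))
    routes = [ip_network(f"{n}/{m}") for n, m in re.findall(r'"route (\S+) (\S+)"', conf)]
    problems = []
    if addrs.get(dns_service) != dns:
        problems.append(f"pushed DNS {dns} is not the {dns_service} address")
    for name, ip in addrs.items():
        if ip not in subnet:
            problems.append(f"{name} ({ip}) is outside subnet {subnet}")
        if not any(ip in r for r in routes):
            problems.append(f"{name} ({ip}) is not covered by a pushed route")
    return problems
```

The compose network is a /16 while the pushed route is a /24, so a container assigned an address such as 172.22.1.102 sits inside the Docker network but is reported as not covered by a pushed route.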