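# OpenVPN server service (compose v1 layout: each service is a top-level key).
# Nesting is restored here; with every line at column 0 the keys of all three
# services collapse into one mapping with duplicate keys.
# AUTH_METHOD / AUTH_HTTPBASIC_URL suggest that client logins are checked
# against the linked `openvpn-httpbasic` service (TODO confirm against the image).
openvpn-httpbasic-server:
  # NOTE(review): tags are mutable; pin the image by digest if this deployment
  # has to be reproducible and tamper-evident.
  image: mdns/rancher-openvpn:1.2
  # NOTE(review): privileged mode gives the container every capability and
  # access to all host devices. OpenVPN itself normally needs only NET_ADMIN
  # and /dev/net/tun (cap_add / devices); whether this image runs with that
  # narrower grant is not shown here, so verify before tightening.
  privileged: true
  volumes:
    # Host path that receives the generated OpenVPN configuration, including
    # the client.conf handed to users; keep its host permissions restrictive.
    - /var/lib/openvpn/data:/etc/openvpn
  volumes_from:
    - openvpn-httpbasic-data
  ports:
    # Quoted so the mapping is always read as a string. The host port should
    # stay in sync with REMOTE_PORT below.
    - '13279:1194/tcp'
  environment:
    # NOTE(review): plain HTTP, so basic-auth credentials cross the container
    # network unencrypted; acceptable only if that network is trusted.
    AUTH_HTTPBASIC_URL: http://openvpn-httpbasic
    AUTH_METHOD: httpbasic
    CERT_CITY: London
    # NOTE(review): the ISO 3166-1 alpha-2 code for the United Kingdom is GB;
    # confirm which form the image expects for the certificate subject.
    CERT_COUNTRY: UK
    CERT_EMAIL: andrew@dog.com
    CERT_ORG: DogZ
    CERT_OU: IT
    CERT_PROVINCE: AL
    # Placeholder address: replace with the address VPN clients will dial.
    REMOTE_IP: '127.0.0.1'
    REMOTE_PORT: '13279'
    VPNPOOL_CIDR: '16'
    VPNPOOL_NETWORK: '10.43.0.0'
    # Single quotes keep each \n as a literal backslash-n; presumably the
    # image expands them into separate config lines (TODO confirm).
    OPENVPN_EXTRACONF: 'push "dhcp-option DNS 8.8.8.8"\npush "dhcp-option DNS 8.8.4.4"\npush "dhcp-option DOMAIN rancher.internal"'
  links:
    - 'openvpn-httpbasic:openvpn-httpbasic'
  log_driver: 'json-file'
  log_opt:
    # Cap log growth: at most three files of 30 MB each.
    max-size: '30m'
    max-file: '3'
  labels:
    # Schedules the data container alongside this service as a sidekick.
    io.rancher.sidekicks: openvpn-httpbasic-data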
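# Data-only sidekick: declares the /etc/openvpn/ volume that the server
# service pulls in through volumes_from, then exits immediately.
openvpn-httpbasic-data:
  # NOTE(review): no tag is given, so this resolves to busybox:latest; pin a
  # tag or digest so the deployed image cannot change between pulls.
  image: busybox
  entrypoint:
    # Exit successfully straight away; the container exists only for its volume.
    - /bin/true
  volumes:
    - /etc/openvpn/
  labels:
    # Quoted: label values are strings, not booleans.
    io.rancher.container.start_once: 'true'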
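# HTTP basic-auth endpoint that the OpenVPN server links to for login checks.
# No `ports:` entry is defined, so it is not published on the host; keep it
# reachable only from the VPN server.
openvpn-httpbasic:
  # NOTE(review): tags are mutable; pin by digest for a reproducible deployment.
  image: findexchange/nginx-basic-auth:1.0
  restart: always
  log_driver: 'json-file'
  log_opt:
    # Cap log growth: at most three files of 30 MB each.
    max-size: '30m'
    max-file: '3'
  environment:
    # NOTE(review): example credentials only. These presumably become the
    # VPN login (TODO confirm against the image), so anyone who can reach the
    # published VPN port and obtains client.conf could sign in with them.
    # Set a unique user and a strong password before deploying, and keep the
    # real values out of version control.
    DEFAULT_USER: user
    DEFAULT_PASSWORD: password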
- Prepare docker-compose.yml for Rancher
- Replace `REMOTE_IP: 127.0.0.1` with your real server IP
- Run this config in Rancher
- Copy /var/lib/openvpn/data/client.conf and save it as a `*.ovpn` file
- Use that file in your VPN program to connect
- Once you are connected, you can access your Rancher services via
  - Internal IPs like `10.42.*.*`
  - Rancher DNS names `{service}.{stack}.rancher.internal` or `{service}.{stack}`