First of all, we are going to store all the data in a Docker shared volume, called openvpn_data
.
To initialise the OpenVPN configuration and CA:
$ docker run -v openvpn_data:/etc/openvpn --rm evolvedm/openvpn-rpi ovpn_genconfig -u udp://your-vpn.address.com
$ docker run -v openvpn_data:/etc/openvpn --rm -it evolvedm/openvpn-rpi ovpn_initpki
To start daemon (and auto-restart it):
$ docker run -v openvpn_data:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN -e --restart=always --name openvpn_server evolvedm/openvpn-rpi
And to create new profiles:
$ docker run -v openvpn_data:/etc/openvpn --rm -it evolvedm/openvpn-rpi easyrsa build-client-full **CLIENTNAME**
$ docker run -v openvpn_data:/etc/openvpn --rm evolvedm/openvpn-rpi ovpn_getclient **CLIENTNAME** > **CLIENTNAME**.ovpn
Then you can download your .ovpn file and start using your OpenVPN!! (if the port is correctly exposed)
I'm not a real fan of giving your data security to other's containers, so if you want to compile your own image, you can use this repo:
@sukruburakcetin
--restart=always
just tells docker that it should restart the container if it crashes for some reason (see https://docs.docker.com/engine/reference/commandline/run/#restart-policies---restart) . It won't have any impact if docker itself crashes (e.g. if your VPN server loses power).You need to use something else on you raspberry pi to ensure that docker is started up. I recommend using something like Docker Compose to store all of the configuration and then ensuring that docker-compose script runs on restart.