Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
OpenVPN in LXD Container
# On the host
=============
lxc config set openvpn raw.lxc 'lxc.cgroup.devices.allow = c 10:200 rwm'
lxc config device add openvpn tun unix-char path=/dev/net/tun
# In the container
==================
1. mknod /dev/net/tun c 10 200
2. install OpenVPN (https://github.com/Nyr/openvpn-install or manual)
3. edit /lib/systemd/system/openvpn@.service -- comment out/remove `LimitNPROC=10`
4. systemctl daemon-reload or reboot container
@Wizlonex

This comment has been minimized.

Copy link

@Wizlonex Wizlonex commented Feb 13, 2018

Totally brilliant. I spent way too long looking for a solution. Nothing worked, until this. THANK YOU.

@kkremitzki

This comment has been minimized.

Copy link

@kkremitzki kkremitzki commented Jun 7, 2018

This worked for me as well. Thanks!

@starkers

This comment has been minimized.

Copy link

@starkers starkers commented Aug 14, 2018

Cheers dude

@thalesmaoa

This comment has been minimized.

Copy link

@thalesmaoa thalesmaoa commented Oct 22, 2018

Maybe I did something wrong, however I can't get it to work. I'm using a bridge connection:

Mon Oct 22 03:22:06 2018 Unrecognized option or missing parameter(s) in local.ovpn:14: block-outside-dns (2.3.10)
Mon Oct 22 03:22:06 2018 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Mon Oct 22 03:22:06 2018 library versions: OpenSSL 1.0.2g  1 Mar 2016, LZO 2.08
Mon Oct 22 03:22:06 2018 Control Channel Authentication: tls-auth using INLINE static key file
Mon Oct 22 03:22:06 2018 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Mon Oct 22 03:22:06 2018 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Mon Oct 22 03:22:06 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Oct 22 03:22:06 2018 UDPv4 link local: [undef]
Mon Oct 22 03:22:06 2018 UDPv4 link remote: [AF_INET] server_ip:1194

Any suggestion?

EDIT:
I found the problem. Does not install without following the proposed order.

@FinduschkaLi

This comment has been minimized.

Copy link

@FinduschkaLi FinduschkaLi commented Aug 28, 2019

In case you are installing openvpn via the bashfile obtained via
wget https://git.io/vpn -O openvpn-install.sh
make sure that the server files actually lie in folder: /etc/opevpn/ and not in /etc/openvpn/server/.
I had to move all files from /etc/openvpn/server to /etc/openvpn/ in order for the server to start.
Maybe there is also a configuration for this path?

@FinduschkaLi

This comment has been minimized.

Copy link

@FinduschkaLi FinduschkaLi commented Aug 28, 2019

In case you are installing openvpn via the bashfile obtained via
wget https://git.io/vpn -O openvpn-install.sh
make sure that the server files actually lie in folder: /etc/opevpn/ and not in /etc/openvpn/server/.
I had to move all files from /etc/openvpn/server to /etc/openvpn/ in order for the server to start.
Maybe there is also a configuration for this path?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment