dockerfiles/stunnel/README.md

stunnel
=======

[Stunnel][1] is a proxy designed to add TLS encryption functionality to
existing clients and servers without any changes in the programs' code.

### Overview

domain | ip:port      | country | services
-------| ------------ | ------- | ------------------------------
master | 1.2.3.4:4911 | Japan   | openvpn-server, stunnel-server
bridge | 5.6.7.8:1194 | China   | stunnel-client
N/A    | 192.168/16   | China   | openvpn-client

### docker-compose.yml

```yaml
# In Japan
master:
  image: vimagick/stunnel
  ports:
    - "4911:4911"
  environment:
    - CLIENT=no
    - SERVICE=openvpn
    - ACCEPT=0.0.0.0:4911
    - CONNECT=server:1194
  external_links:
    - openvpn_server_1:server
  restart: always

# In China
bridge:
  image: vimagick/stunnel
  ports:
    - "1194:1194"
  environment:
    - CLIENT=yes
    - SERVICE=openvpn
    - ACCEPT=0.0.0.0:1194
    - CONNECT=server:4911
  extra_hosts:
    - server:1.2.3.4
  restart: always
```

### Server Setup (Cloud)

```bash
# master server (Japan)
docker-compose up -d master
```

### Client Setup (Cloud)

```bash
# bridge server (China)
docker-compose up -d bridge
```

### Client Setup (Local)

File: /etc/stunnel/stunnel.conf

```ini
foreground = yes
client = yes

[openvpn]
accept = 127.0.0.1:1194
connect = 1.2.3.4:4911
```

> Pro Tip: Running stunnel locally is faster.

### OpenVPN Setup (Partial)

```ini
# For Cloud Setup
...
remote 5.6.7.8 1194 tcp
route 192.168.0.0 255.255.0.0 net_gateway
...
```

```ini
# For Local Setup
...
remote 127.0.0.1 1194 tcp
route 1.2.3.4 255.255.255.255 net_gateway
route 192.168.0.0 255.255.0.0 net_gateway
....
```

[1]: https://www.stunnel.org/index.html
add stunnel 2016-07-11 07:14:59 +02:00			`stunnel`
			`=======`

fix icon 2016-07-11 07:57:48 +02:00			`[Stunnel][1] is a proxy designed to add TLS encryption functionality to`
			`existing clients and servers without any changes in the programs' code.`

add stunnel 2016-07-11 07:14:59 +02:00			`### Overview`

			`domain \| ip:port \| country \| services`
			`-------\| ------------ \| ------- \| ------------------------------`
			`master \| 1.2.3.4:4911 \| Japan \| openvpn-server, stunnel-server`
			`bridge \| 5.6.7.8:1194 \| China \| stunnel-client`
			`N/A \| 192.168/16 \| China \| openvpn-client`

			`### docker-compose.yml`

			```yaml
			`# In Japan`
			`master:`
			`image: vimagick/stunnel`
			`ports:`
			`- "4911:4911"`
			`environment:`
			`- CLIENT=no`
			`- SERVICE=openvpn`
			`- ACCEPT=0.0.0.0:4911`
			`- CONNECT=server:1194`
			`external_links:`
			`- openvpn_server_1:server`
			`restart: always`

			`# In China`
			`bridge:`
			`image: vimagick/stunnel`
			`ports:`
			`- "1194:1194"`
			`environment:`
			`- CLIENT=yes`
			`- SERVICE=openvpn`
			`- ACCEPT=0.0.0.0:1194`
			`- CONNECT=server:4911`
			`extra_hosts:`
			`- server:1.2.3.4`
			`restart: always`
			```

			`### Server Setup (Cloud)`

			```bash
			`# master server (Japan)`
			`docker-compose up -d master`
			```

			`### Client Setup (Cloud)`

			```bash
			`# bridge server (China)`
			`docker-compose up -d bridge`
			```

			`### Client Setup (Local)`

			`File: /etc/stunnel/stunnel.conf`

			```ini
			`foreground = yes`
			`client = yes`

			`[openvpn]`
			`accept = 127.0.0.1:1194`
			`connect = 1.2.3.4:4911`
			```

			`> Pro Tip: Running stunnel locally is faster.`

			`### OpenVPN Setup (Partial)`

			```ini
			`# For Cloud Setup`
			`...`
			`remote 5.6.7.8 1194 tcp`
			`route 192.168.0.0 255.255.0.0 net_gateway`
			`...`
			```

			```ini
			`# For Local Setup`
			`...`
			`remote 127.0.0.1 1194 tcp`
			`route 1.2.3.4 255.255.255.255 net_gateway`
			`route 192.168.0.0 255.255.0.0 net_gateway`
			`....`
			```

fix icon 2016-07-11 07:57:48 +02:00			`[1]: https://www.stunnel.org/index.html`