update openvpn-arm

2024-11-24 08:52:31 +02:00 · 2016-07-12 15:23:52 +08:00 · 2016-07-12 15:23:52 +08:00 · 9e6788ec23
commit 9e6788ec23
parent 24868b4a5e
4 changed files with 79 additions and 11 deletions
--- a/openvpn/arm/README.md
+++ b/openvpn/arm/README.md
@ -0,0 +1,57 @@
+openvpn
+=======
+
+Setup OpenVPN on Raspberry Pi.
+
+## docker-compose.yml
+
+```yaml
+stunnel:
+  image: easypi/stunnel-arm
+  ports:
+    - "1194:1194"
+  environment:
+    - CLIENT=yes
+    - SERVICE=openvpn
+    - ACCEPT=0.0.0.0:1194
+    - CONNECT=server:4911
+  extra_hosts:
+    - server:1.2.3.4
+  restart: always
+
+openvpn:
+  image: easypi/openvpn-arm
+  command: --config pi.ovpn
+  volumes:
+    - ./data:/etc/openvpn
+  net: host
+  privileged: yes
+  restart: always
+
+dnsmasq:
+  image: easypi/dnsmasq-arm
+  volumes:
+    - ./data/dnsmasq.conf:/etc/dnsmasq.d/dnsmasq.conf
+  cap_add:
+    - NET_ADMIN
+  net: host
+  restart: always
+```
+
+## up and running
+
+```bash
+$ echo 'net.ipv4.ip_forward=1' > /etc/sysctl.d/local.conf
+$ sysctl -p /etc/sysctl.d/local.conf
+
+$ iptables -t nat -A POSTROUTING -s 192.168.31.0/24 -o tun0 -j MASQUERADE
+$ iptables-save -t nat | grep -vi docker > /etc/iptables/iptables.rules
+$ systemctl enable iptables
+
+$ docker-compose up -d stunnel # 1st
+$ docker-compose up -d openvpn # 2nd
+$ docker-compose up -d dnsmasq # 3rd
+$ docker-compose logs -f
+```
+
+> :warning: The order of execution is very important!
--- a/openvpn/arm/data/dnsmasq.conf
+++ b/openvpn/arm/data/dnsmasq.conf
@ -5,5 +5,5 @@ cache-size=10000
 server=8.8.8.8#53
 server=8.8.4.4#53
 dhcp-range=192.168.31.10,192.168.31.20,1h
-dhcp-option=3,192.168.31.1
-dhcp-option=6,192.168.31.1
+#dhcp-option=3,192.168.31.1
+#dhcp-option=6,192.168.31.1
--- a/openvpn/arm/data/wlan0.network
+++ b/openvpn/arm/data/wlan0.network
@ -0,0 +1,11 @@
+# /etc/systemd/network/wlan0.network
+
+[Match]
+Name=wlan0
+
+[Network]
+Address=192.168.31.111/24
+Gateway=192.168.31.1
+DNS=8.8.8.8
+DNS=8.8.4.4
+IPForward=yes
--- a/openvpn/arm/docker-compose.yml
+++ b/openvpn/arm/docker-compose.yml
@ -1,12 +1,3 @@
-openvpn:
-  image: easypi/openvpn-arm
-  command: --config pi.ovpn
-  volumes:
-    - ./data:/etc/openvpn
-  net: host
-  privileged: yes
-  restart: always
-
 stunnel:
  image: easypi/stunnel-arm
  ports:
@ -20,6 +11,15 @@ stunnel:
    - server:1.2.3.4
  restart: always

+openvpn:
+  image: easypi/openvpn-arm
+  command: --config pi.ovpn
+  volumes:
+    - ./data:/etc/openvpn
+  net: host
+  privileged: yes
+  restart: always
+
 dnsmasq:
  image: easypi/dnsmasq-arm
  volumes: