1
0
mirror of https://github.com/vimagick/dockerfiles.git synced 2025-01-22 05:09:36 +02:00

stunnel

Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs' code.

Overview

domain ip:port country services
master 1.2.3.4:4911 Japan openvpn-server, stunnel-server
bridge 5.6.7.8:1194 China stunnel-client
N/A 192.168/16 China openvpn-client

docker-compose.yml

# In Japan
master:
  image: vimagick/stunnel
  ports:
    - "4911:4911"
  environment:
    - CLIENT=no
    - SERVICE=openvpn
    - ACCEPT=0.0.0.0:4911
    - CONNECT=server:1194
  external_links:
    - openvpn_server_1:server
  restart: always

# In China
bridge:
  image: vimagick/stunnel
  ports:
    - "1194:1194"
  environment:
    - CLIENT=yes
    - SERVICE=openvpn
    - ACCEPT=0.0.0.0:1194
    - CONNECT=server:4911
  extra_hosts:
    - server:1.2.3.4
  restart: always

Server Setup (Cloud)

# master server (Japan)
docker-compose up -d master

Client Setup (Cloud)

# bridge server (China)
docker-compose up -d bridge

Client Setup (Local)

File: /etc/stunnel/stunnel.conf

foreground = yes
client = yes

[openvpn]
accept = 127.0.0.1:1194
connect = 1.2.3.4:4911

Pro Tip: Running stunnel locally is faster.

OpenVPN Setup (Partial)

# For Cloud Setup
...
remote 5.6.7.8 1194 tcp
route 192.168.0.0 255.255.0.0 net_gateway
...
# For Local Setup
...
remote 127.0.0.1 1194 tcp
route 1.2.3.4 255.255.255.255 net_gateway
route 192.168.0.0 255.255.0.0 net_gateway
....