|
@ -531,17 +531,17 @@ body.book #toc,body.book #preamble,body.book h1.sect0,body.book .sect1>h2{page-b |
|
|
<div class="title">create-vpn.sh</div> |
|
|
<div class="title">create-vpn.sh</div> |
|
|
<div class="content"> |
|
|
<div class="content"> |
|
|
<pre class="highlight"><code class="language-bash" data-lang="bash">#!/bin/bash |
|
|
<pre class="highlight"><code class="language-bash" data-lang="bash">#!/bin/bash |
|
|
IP=127.0.0.1 # Server IP |
|
|
IP=127.0.0.1 # Server IP <i class="conum" data-value="1"></i><b>(1)</b> |
|
|
P=1194 # Server Port |
|
|
P=1194 # Server Port <i class="conum" data-value="2"></i><b>(2)</b> |
|
|
OVPN_SERVER='10.80.0.0/16' # VPN Network |
|
|
OVPN_SERVER='10.80.0.0/16' # VPN Network <i class="conum" data-value="3"></i><b>(3)</b> |
|
|
|
|
|
|
|
|
#vpn_data=/var/lib/swarmlab/openvpn/openvpn-services/ # Dir to save data ** this must exist ** |
|
|
#vpn_data=/var/lib/swarmlab/openvpn/openvpn-services/ # Dir to save data ** this must exist ** |
|
|
vpn_data=$PWD/openvpn-services/ |
|
|
vpn_data=$PWD/openvpn-services/ <i class="conum" data-value="4"></i><b>(4)</b> |
|
|
if [ ! -d $vpn_data ]; then |
|
|
if [ ! -d $vpn_data ]; then |
|
|
mkdir -p $vpn_data |
|
|
mkdir -p $vpn_data |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
NAME=swarmlab-vpn-services # name of docker service |
|
|
NAME=swarmlab-vpn-services # name of docker service <i class="conum" data-value="5"></i><b>(5)</b> |
|
|
DOCKERnetwork=swarmlab-vpn-services-network # docker network |
|
|
DOCKERnetwork=swarmlab-vpn-services-network # docker network |
|
|
docker=registry.vlabs.uniwa.gr:5080/myownvpn # docker image |
|
|
docker=registry.vlabs.uniwa.gr:5080/myownvpn # docker image |
|
|
|
|
|
|
|
@ -561,17 +561,17 @@ docker network create --attachable=true --driver=bridge --subnet=172.50.0.0/16 - |
|
|
|
|
|
|
|
|
#run container see ovpn_genconfig |
|
|
#run container see ovpn_genconfig |
|
|
docker run --net=none -it -v $vpn_data:/etc/openvpn -p 1194:1194 --rm $docker ovpn_genconfig -u udp://$IP:1194 \ |
|
|
docker run --net=none -it -v $vpn_data:/etc/openvpn -p 1194:1194 --rm $docker ovpn_genconfig -u udp://$IP:1194 \ |
|
|
-N -d -c -p "route 172.50.20.0 255.255.255.0" -e "topology subnet" -s $OVPN_SERVER |
|
|
-N -d -c -p "route 172.50.20.0 255.255.255.0" -e "topology subnet" -s $OVPN_SERVER <i class="conum" data-value="6"></i><b>(6)</b> |
|
|
|
|
|
|
|
|
# create pki see ovpn_initpki |
|
|
# create pki see ovpn_initpki |
|
|
docker run --net=none -v $vpn_data:/etc/openvpn --rm -it $docker ovpn_initpki |
|
|
docker run --net=none -v $vpn_data:/etc/openvpn --rm -it $docker ovpn_initpki <i class="conum" data-value="7"></i><b>(7)</b> |
|
|
|
|
|
|
|
|
# see ovpn_copy_server_files |
|
|
# see ovpn_copy_server_files |
|
|
#docker run --net=none -v $vpn_data:/etc/openvpn --rm $docker ovpn_copy_server_files |
|
|
#docker run --net=none -v $vpn_data:/etc/openvpn --rm $docker ovpn_copy_server_files |
|
|
|
|
|
|
|
|
#create vpn see --cap-add=NET_ADMIN |
|
|
#create vpn see --cap-add=NET_ADMIN |
|
|
sleep 1 |
|
|
sleep 1 |
|
|
docker run --detach --name $NAME -v $vpn_data:/etc/openvpn --net=$DOCKERnetwork --ip=172.50.0.2 -p $P:1194/udp --cap-add=NET_ADMIN $docker |
|
|
docker run --detach --name $NAME -v $vpn_data:/etc/openvpn --net=$DOCKERnetwork --ip=172.50.0.2 -p $P:1194/udp --cap-add=NET_ADMIN $docker <i class="conum" data-value="8"></i><b>(8)</b> |
|
|
|
|
|
|
|
|
sudo sysctl -w net.ipv4.ip_forward=1 |
|
|
sudo sysctl -w net.ipv4.ip_forward=1 |
|
|
|
|
|
|
|
@ -579,6 +579,42 @@ sudo sysctl -w net.ipv4.ip_forward=1 |
|
|
docker ps</code></pre> |
|
|
docker ps</code></pre> |
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
|
|
|
<div class="colist arabic"> |
|
|
|
|
|
<table> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="1"></i><b>1</b></td> |
|
|
|
|
|
<td><strong>localhost</strong> inside of a container will resolve to the network stack of this container</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="2"></i><b>2</b></td> |
|
|
|
|
|
<td>Port</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="3"></i><b>3</b></td> |
|
|
|
|
|
<td>Specify Addresses and Netmasks for VPN Clients</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="4"></i><b>4</b></td> |
|
|
|
|
|
<td>Directory to mount data</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="5"></i><b>5</b></td> |
|
|
|
|
|
<td>Name of docker services</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="6"></i><b>6</b></td> |
|
|
|
|
|
<td>Create config</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="7"></i><b>7</b></td> |
|
|
|
|
|
<td>keys</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
<tr> |
|
|
|
|
|
<td><i class="conum" data-value="8"></i><b>8</b></td> |
|
|
|
|
|
<td>Run docker vpn service</td> |
|
|
|
|
|
</tr> |
|
|
|
|
|
</table> |
|
|
|
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
<div class="sect1"> |
|
|
<div class="sect1"> |
|
@ -699,7 +735,7 @@ the path is made by walking.</p> |
|
|
</div> |
|
|
</div> |
|
|
<div id="footer"> |
|
|
<div id="footer"> |
|
|
<div id="footer-text"> |
|
|
<div id="footer-text"> |
|
|
Last updated 2020-12-08 20:34:28 UTC |
|
|
Last updated 2020-12-08 21:19:15 UTC |
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
</div> |
|
|
</body> |
|
|
</body> |
|
|
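Review bot: The new callout list describes step 7 only as `keys`, although that step runs `ovpn_initpki` with `$vpn_data` mounted at `/etc/openvpn`, so whatever PKI material it generates (presumably including the CA private key) lands in `$PWD/openvpn-services/`, a directory the script creates with a plain `mkdir -p`. I would word the callout as `Initialise the PKI; the generated keys are written to $vpn_data, so restrict access to that directory and back it up securely`. Callout 8 could likewise say why `--cap-add=NET_ADMIN` is needed, since it is the one extra privilege the long-running container is given. Callout 1 explains how localhost resolves inside a container but does not tell the reader to replace `127.0.0.1` with the address clients will actually reach, which is what `ovpn_genconfig -u udp://$IP:1194` appears to record. These wording changes belong in the AsciiDoc source this page seems to be generated from, not in the HTML itself.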