Creating an OpenVPN-AS container

I installed Docker CE on Ubuntu 16.04, but the method described would work on most versions of Linux.

Creating an OpenVPN-AS container:

For this part, I’m going to be posting the scripts and dockerfile that I wrote to create my OpenVPN-AS container.

The dockerfile is a text document that tells Docker how to build the image. I’ll be starting from an Ubuntu 16.04 build and will install the required packages, download the OpenVPN-AS package and install it, then change the openvpn user’s password. After that, I’ll expose the required ports, copy over my entrypoint.sh script, set it as executable, and run it.

The entrypoint.sh script is essentially a startup script for the instance: it launches OpenVPN-AS and, if required, removes files left behind by a previously running instance of the OpenVPN services. If OpenVPN crashes, I’ll need to stop the process recorded in twistd.pid and then remove the file.

dockerfile:
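[shell]
FROM ubuntu:16.04
MAINTAINER Thurdi "https://github.com/thurdi"
USER root
WORKDIR /
# Install prerequisites, then download and install the OpenVPN-AS package.
# chpasswd sets a fixed password for the openvpn user at build time, so every
# container created from this image starts with that same password.
RUN apt-get update && apt-get install -y wget \
    iptables \
    net-tools \
    psmisc && \
    wget https://swupdate.openvpn.org/as/openvpn-as-2.1.12-Ubuntu16.amd_64.deb && \
    dpkg -i openvpn-as-2.1.12-Ubuntu16.amd_64.deb && \
    echo "openvpn:password1234" | chpasswd && \
    rm -rf openvpn-as-2.1.12-Ubuntu16.amd_64.deb
# Copy the startup script into the image and make it executable.
COPY Build/entrypoint.sh /
RUN chmod +x /entrypoint.sh
EXPOSE 443/tcp 1194/udp 943/tcp
VOLUME ["/usr/local/openvpn_as"]
CMD ["/entrypoint.sh"]
[/shell]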
entrypoint.sh:
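[shell]
#!/bin/bash
# Stop a twistd process left over from a previous run.
# WORKDIR is /, so the pid file is /twistd.pid.
if ps -p "$(cat /twistd.pid 2>/dev/null)" > /dev/null 2>&1
then
    # The recorded process is still running: stop it.
    # The script ends here with status 1, so the cleanup below and the
    # OpenVPN start only happen on a later run.
    TMP=$(cat /twistd.pid)
    kill "$TMP"
    exit 1
else
    echo "no twistd.pid found"
fi
# remove the twistd pid file if it exists
if [ -e "/twistd.pid" ]; then
    rm -f /twistd.pid &>/dev/null
fi
# remove pid file if it exists
if [ -e "/var/run/openvpnas.pid" ]; then
    rm -f "/var/run/openvpnas.pid" &>/dev/null
fi
# start openvpn
/usr/local/openvpn_as/scripts/openvpnas -n
[/shell]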
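
The entrypoint above signals whatever process currently holds the number stored in twistd.pid, and PID numbers get reused. As an added example (not part of the original post), this version of the cleanup signals the process only when its name matches, never signals PID 0 or 1, and otherwise just removes the stale file. The function names and the process name `twistd` in the usage comment are assumptions; check the real name on your build.

```bash
#!/bin/bash
# Added example (not from the original post): decide what to do with a pid
# file left by a previous run before signalling anything.

# Print the command name of a live process, or nothing if it cannot be read.
proc_name() {
    cat "/proc/$1/comm" 2>/dev/null || ps -p "$1" -o comm= 2>/dev/null
}

# pidfile_action FILE EXPECTED_NAME
# Prints one of:
#   none      no pid file, nothing to clean up
#   remove    pid file is stale or unusable: delete it, signal nothing
#   kill:PID  PID is alive and its name is EXPECTED_NAME
pidfile_action() (
    file=$1 expected=$2
    if [ ! -e "$file" ]; then echo none; exit 0; fi
    pid=
    IFS= read -r pid < "$file" || :
    case $pid in
        ''|*[!0-9]*) echo remove; exit 0 ;;   # empty or not a number
    esac
    # Never signal 0 (the whole process group) or 1 (the container's init,
    # which is the entrypoint itself).
    if [ "$pid" -le 1 ] 2>/dev/null; then echo remove; exit 0; fi
    # Process is gone: the file is simply stale.
    if ! kill -0 "$pid" 2>/dev/null; then echo remove; exit 0; fi
    # Alive, but only ours if the name matches.
    name=$(proc_name "$pid")
    if [ -n "$name" ] && [ "$name" = "$expected" ]; then
        echo "kill:$pid"
    else
        echo remove
    fi
)

# Act on the decision: signal only a verified process, then drop the file.
clean_pidfile() {
    action=$(pidfile_action "$1" "$2")
    case $action in
        kill:*) kill "${action#kill:}" 2>/dev/null ;;
    esac
    [ "$action" = none ] || rm -f "$1"
    echo "$action"
}

# Usage in the entrypoint (process name is an assumption):
#   clean_pidfile /twistd.pid twistd
```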