
Last pushed: a month ago
Short Description
router for openvpn networks
Full Description



You'll need an uplink network, for OpenVPN to tunnel through, created somewhat like this:

docker network create net_uplink

but any named Docker network that can connect to the internet should do.

You'll also need an internal network set up a bit more carefully:

docker network create net_vpn \
  -o \
  -o \
  --subnet= --gateway= \
  --aux-address DefaultGatewayIPv4=

This creates a bridge network but disables communication to other Docker
containers via the gateway IP ( on the Docker host. It also uses the
secret DefaultGatewayIPv4 option that works on bridge networks to set the
default route to something other than the Docker host's gateway IP.

Finally, the router:

docker create --name router --cap-add NET_ADMIN \
  -v /path/to/openvpn.conf:/data/openvpn.conf:ro \
  -v /path/to/keys/maybe:/data/keys:ro \
  -v /var/run/docker.sock:/var/run/docker.sock:ro \
  jonnrb/router_openvpn -logtostderr -v 2 \
  -create_tun vpntun -docker.uplink_interface vpntun \
  -docker.lan_network net_vpn

docker network connect net_uplink router
docker network connect net_vpn router

docker start -a router

Your openvpn.conf will need to reference the tunnel vpntun or you can live
on the edge and change the name given to -create_tun and

(The container needs CAP_NET_ADMIN for iptables and the raw sockets ping used
for the healthcheck.)
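
A check for the routing that the net_vpn setup above is meant to produce, added here as an example and not part of the project: it confirms that a client container's default route points at the address given as DefaultGatewayIPv4 rather than at the Docker host's bridge gateway. The function names, the CLIENT container and the sample addresses are assumptions, and the client image is assumed to ship the `ip` tool.

```shell
#!/bin/sh
# Added example, not part of jonnrb/router_openvpn.
# Checks that a client attached to net_vpn sends its default traffic to the
# address configured as DefaultGatewayIPv4, not to the Docker host's bridge
# gateway (which would bypass the OpenVPN router).

# Print the next hop of the IPv4 default route in `ip -4 route show` output.
default_gw() {
  printf '%s\n' "$1" | awk '$1 == "default" && $2 == "via" { print $3; exit }'
}

# check_route ROUTES BRIDGE_GW EXPECTED_GW
# returns 0 = via expected gateway, 1 = wrong gateway, 2 = no default route
check_route() {
  gw=$(default_gw "$1")
  if [ -z "$gw" ]; then
    echo "FAIL: no default route"; return 2
  fi
  if [ "$gw" = "$2" ]; then
    echo "FAIL: default route via Docker host $gw, traffic bypasses the router"
    return 1
  fi
  if [ "$gw" != "$3" ]; then
    echo "FAIL: default route via $gw, expected $3"; return 1
  fi
  echo "OK: default route via $gw"
}

# live_check CLIENT EXPECTED_GW: same check against a running container.
# CLIENT is a hypothetical container on net_vpn whose image ships `ip`.
live_check() {
  bridge_gw=$(docker network inspect net_vpn \
    --format '{{range .IPAM.Config}}{{.Gateway}}{{end}}')
  check_route "$(docker exec "$1" ip -4 route show)" "$bridge_gw" "$2"
}

# Constructed sample (addresses are made up): .1 is the bridge gateway on the
# Docker host, .2 is the value given to DefaultGatewayIPv4.
sample='default via 10.99.0.2 dev eth0
10.99.0.0/24 dev eth0 proto kernel scope link src 10.99.0.5'
check_route "$sample" 10.99.0.1 10.99.0.2
check_route "default via 10.99.0.1 dev eth0" 10.99.0.1 10.99.0.2 || true
```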
