The aim of this project is to have a small Debian stable-based Docker container
providing an OpenVPN server with the same limitations and settings the
openvpn-server@.service uses.
The container does not include a CA environment. The necessary CA is maintained elsewhere. The configuration and the certificates and files, necessary to run the server, are expected to be copied into the configuration directory via a bind mount ot named volume.
The project's Dockerfile contains the instructions to build the
image, while the docker-compose.yml file contains a few
build instructions, but mainly the directives to run
the docker container.
The tun device is not created, but mapped into
the container!
The configuration of sysctl is also done via
docker-compose.yml.
The file ta.key must be created. If this file does not exist when starting
the container, it will be created, but requires /etc/openvpn to be mounted
read-write. For normal operations, though, this directory should be
read-only.
The image can be found at https://hub.docker.com/r/dleidert/docker-openvpn-server.