It would be helpful to have an OpenVPN service so that people can securely manage their home while they are away.
The openvpn-as image looks to be the easiest to use. By that I mean it has a GUI. However, it tries to modify network settings, and thus needs to be ran as net-admin. I'd rather figure out how to not require that. Alternatively, we could set up a wrapper similarly to TechnoCore-esphomeyaml-Wrapper.
I've already sketched in the OpenVPN service, but because of the net-admin requirement, it doesn't work:
openvpn:
deploy:
mode: global
restart_policy:
condition: any
image: linuxserver/openvpn-as
networks:
- web
ports:
- "943:943"
#volumes:
# - openvpn:/data
It would be helpful to have an OpenVPN service so that people can securely manage their home while they are away.
The openvpn-as image looks to be the easiest to use. By that I mean it has a GUI. However, it tries to modify network settings, and thus needs to be ran as net-admin. I'd rather figure out how to not require that. Alternatively, we could set up a wrapper similarly to TechnoCore-esphomeyaml-Wrapper.
I've already sketched in the OpenVPN service, but because of the net-admin requirement, it doesn't work:
It would be snazzy if TechnoCore actually operated 2 VPNs, one as tun so that phones can use it, and the other as tap so that outside computers are accessible via the internal network. Here are some links on tap/bridging: https://www.aaflalo.me/2015/01/openvpn-tap-bridge-mode/ https://wiki.archlinux.org/index.php/OpenVPN_Bridge https://n0where.net/bridging-openvpn