kylemanna / docker-openvpn

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA
https://hub.docker.com/r/kylemanna/openvpn/
MIT License
8.71k stars 2.39k forks

it doesn't work in Ubuntu 18.04, and I have no idea how to fix it #402

Open abcdef123ghi opened 6 years ago

abcdef123ghi commented 6 years ago

My environment is not Ubuntu 18.04 and the Docker version is 18.5. I tried the following steps; however, it didn't work.

$ export OVPN_DATA=/home/myuser/workspace/OpenVPN_docker_community/openvpn_data

$ docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.SERVER

$ sudo docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki

And then I copied my own OpenVPN files: openvpn.conf to replace the openvpn.conf, and the PKI files to the PKI folder. My openvpn.conf:

-------------openvpn.conf start---------------------
port 1194
proto udp
dev tun
server 10.0.0.0 255.255.255.0
keepalive 20 120
ca /etc/openvpn/mypki/ca.crt
cert /etc/openvpn/mypki/server.crt
key /etc/openvpn/mypki/server.key
dh /etc/openvpn/mypki/dh1024.pem
crl-verify keys/crl.pem
tls-auth /etc/openvpn/mypki/ta.key 0
user nobody
group nobody
status openvpn-status.log
log-append openvpn.log
verb 2
mute 20
max-clients 200
management 127.0.0.1 1199
client-config-dir ccd
client-to-client
persist-key
persist-tun
ccd-exclusive
script-security 3 system
push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 6.6.6.6"
status openvpn-status.log
comp-lzo
verb 3
daemon openvpn
-------------openvpn.conf end---------------------

$ sudo docker run -v $OVPN_DATA:/etc/openvpn --rm --name openvpn -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
Enabling IPv6 Forwarding
sysctl: error setting key 'net.ipv6.conf.all.disable_ipv6': Read-only file system
Failed to enable IPv6 support
sysctl: error setting key 'net.ipv6.conf.default.forwarding': Read-only file system
Failed to enable IPv6 Forwarding default
sysctl: error setting key 'net.ipv6.conf.all.forwarding': Read-only file system
Failed to enable IPv6 Forwarding

And I tried:

$ sudo cat openvpn.log
Fri Jun 15 00:55:45 2018 OpenVPN 2.4.4 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 9 2017
Fri Jun 15 00:55:45 2018 library versions: LibreSSL 2.6.3, LZO 2.10

I have no idea what I have done wrong. I tried to disable IPv6, and afterward it didn't work either.
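
An added example, not part of the original thread or the project's code: a small Python check that flags directives in a config like the one posted above which matter when OpenVPN runs as a container's foreground process, or which weaken the tunnel. The rule set and the sample input are constructed for illustration, and reading the DH size from the file name is an assumption.

```python
import re
import shlex

# Directive -> (category, reason). Illustrative rules, not exhaustive.
RULES = {
    "daemon": ("container", "forks to background; the container's main process exits"),
    "log-append": ("container", "logs go to a file, not stdout (`docker logs` is empty)"),
    "comp-lzo": ("security", "tunnel compression (VORACLE); deprecated in OpenVPN 2.4"),
}
ONCE = {"verb", "status", "port", "proto", "dev"}  # a repeat overrides the earlier value
PATHS = {"ca", "cert", "key", "dh", "tls-auth", "crl-verify", "client-config-dir"}

def lint(text):
    """Return (lineno, directive, category, reason) findings for an openvpn.conf."""
    out, seen = [], {}
    for n, raw in enumerate(text.splitlines(), 1):
        if not raw.strip() or raw.strip()[0] in "#;":
            continue  # blank line or comment
        d, *a = shlex.split(raw)
        if d in RULES:
            out.append((n, d, *RULES[d]))
        if d in ONCE and seen.setdefault(d, n) != n:
            out.append((n, d, "hygiene", f"repeats line {seen[d]}"))
        if d in PATHS and a and not a[0].startswith("/"):
            out.append((n, d, "container", "relative path, depends on working directory"))
        m = re.search(r"dh(\d+)", a[0]) if d == "dh" and a else None
        if m and int(m.group(1)) < 2048:  # assumption: the file name states the size
            out.append((n, d, "security", f"{m.group(1)}-bit DH parameters"))
        if d == "script-security" and a and a[0].isdigit() and int(a[0]) >= 3:
            out.append((n, d, "security", "passwords reach scripts via environment"))
        if d == "management" and len(a) < 3:
            out.append((n, d, "security", "no password file on management interface"))
    return out

# Constructed sample: a subset of the directives in the config posted above.
SAMPLE = """dh /etc/openvpn/mypki/dh1024.pem
crl-verify keys/crl.pem
log-append openvpn.log
verb 2
management 127.0.0.1 1199
script-security 3 system
comp-lzo
verb 3
daemon openvpn
"""

if __name__ == "__main__":
    for n, d, cat, why in lint(SAMPLE):
        print(f"line {n}: {d} [{cat}] {why}")
```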

mathieu-aubin commented 6 years ago

In my opinion, docker isn't able to change the configuration file /etc/sysctl.conf. That file usually is where such things as net.ipv6.conf.all.disable_ipv6 and others are located.

You need to make sure the file has the correct permissions to allow docker to edit it (I suppose -- I'm not docker literate really).

When you decide to run docker with sudo, stick to it -- don't run one docker command with and the other without. Try and see if that does anything.

Also, make sure your configuration files exist before you start the container (have a backup, just in case, who knows).

hope it helps

edit: typo

victor23d commented 5 years ago

It does work in Ubuntu 18.04 Bionic Beaver. I have tested on both an Ubuntu 18 server and an Ubuntu 18 client, and both proved successful. Just go through the basic docs; no additional configuration is needed. So it has nothing to do with Ubuntu 18.

abcdef123ghi commented 5 years ago

thanks

shaunstoltz commented 5 years ago

Agreed, this doesn't work. Basic default install and it just doesn't work. I think this only works on a totally fresh install, maybe only fit for a droplet or something similar, but this isn't ready for prime time at all.