OpenVPN

gen-client-cert.sh

#!/bin/bash
echo "$# arguments"
if [ $# -ne 1 ]; then 
	echo "illegal number of parameters"
	exit -1
fi

# Generate a client certificate
export CLIENTNAME="$1"

echo $CLIENTNAME
# with a passphrase (recommended)
docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME
# without a passphrase (not recommended)
# docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME nopass
# Retrieve the client configuration with embedded certificates
docker-compose run --rm openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn
echo "Complete"

setup-tokyo-openvpn.sh

#!/bin/bash
export SERVERNAME="tokyo.sunpi.co"
export CLIENTNAME="tokyo"

docker-compose run --rm openvpn ovpn_genconfig -u udp://$SERVERNAME
docker-compose run --rm openvpn ovpn_initpki

# Fix ownership (depending on how to handle your backups, this may not be needed)
sudo chown -R $(whoami): ./openvpn-data

# Start OpenVPN server process
docker-compose up -d openvpn

# You can access the container logs with
docker-compose logs -f

# Generate a client certificate
# with a passphrase (recommended)
docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME
# without a passphrase (not recommended)
# docker-compose run --rm openvpn easyrsa build-client-full $CLIENTNAME nopass

# Retrieve the client configuration with embedded certificates
docker-compose run --rm openvpn ovpn_getclient $CLIENTNAME > $CLIENTNAME.ovpn