File size: 2,870 Bytes
e6166c0 5fe6df2 e6166c0 5fe6df2 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 bd42648 e6166c0 5fe6df2 e6166c0 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 |
# docker-compose.yml for OpenVPN
version: '3.8'
services:
openvpn:
image: kylemanna/openvpn:latest
container_name: openvpn-server
cap_add:
- NET_ADMIN
ports:
- "1194:1194/udp"
volumes:
- ./openvpn-data:/etc/openvpn
restart: unless-stopped
command: ovpn_run
---
# Quick setup script (setup-openvpn.sh)
#!/bin/bash
# Replace with your server's public IP or domain
SERVER_URL="udp://YOUR_SERVER_IP:1194"
echo "🔧 Setting up OpenVPN server..."
# Initialize the configuration
docker-compose run --rm openvpn ovpn_genconfig -u $SERVER_URL
# Generate the certificate authority
docker-compose run --rm openvpn ovpn_initpki
# Start the server
docker-compose up -d
echo "✅ OpenVPN server started!"
echo "📝 To create a client certificate:"
echo " docker-compose run --rm openvpn easyrsa build-client-full CLIENTNAME nopass"
echo " docker-compose run --rm openvpn ovpn_getclient CLIENTNAME > CLIENTNAME.ovpn"
---
# Alternative: Tailscale (even simpler)
version: '3.8'
services:
tailscale:
image: tailscale/tailscale:latest
container_name: tailscale-subnet-router
hostname: docker-router
environment:
- TS_AUTHKEY=tskey-auth-your-auth-key-here
- TS_ROUTES=10.0.0.0/8,192.168.0.0/16,172.16.0.0/12
- TS_STATE_DIR=/var/lib/tailscale
volumes:
- ./tailscale-state:/var/lib/tailscale
- /dev/net/tun:/dev/net/tun
cap_add:
- NET_ADMIN
- SYS_MODULE
restart: unless-stopped
---
# Or use a ready-made VPN solution
version: '3.8'
services:
pritunl:
image: jippi/pritunl:latest
container_name: pritunl-vpn
privileged: true
sysctls:
- net.ipv6.conf.default.forwarding=1
- net.ipv6.conf.all.forwarding=1
ports:
- "80:80"
- "443:443"
- "1194:1194/udp"
volumes:
- pritunl_data:/var/lib/pritunl
- pritunl_mongodb:/var/lib/mongodb
restart: unless-stopped
volumes:
pritunl_data:
pritunl_mongodb:
---
# Simple SOCKS5 Proxy (lightest option)
version: '3.8'
services:
dante:
image: serjs/go-socks5-proxy
container_name: socks5-proxy
ports:
- "1080:1080"
environment:
- PROXY_USER=username
- PROXY_PASSWORD=password
restart: unless-stopped
---
# SSH Tunnel (if you just need simple forwarding)
version: '3.8'
services:
ssh-tunnel:
image: alpine:latest
container_name: ssh-tunnel-server
ports:
- "2222:22"
volumes:
- ./ssh-config:/etc/ssh
command: |
sh -c "
apk add --no-cache openssh &&
ssh-keygen -A &&
adduser -D -s /bin/sh tunneluser &&
echo 'tunneluser:password' | chpasswd &&
echo 'GatewayPorts yes' >> /etc/ssh/sshd_config &&
echo 'AllowTcpForwarding yes' >> /etc/ssh/sshd_config &&
/usr/sbin/sshd -D
"
restart: unless-stopped |