Skip to content

Latest commit

 

History

History
43 lines (28 loc) · 1.94 KB

systemd.md

File metadata and controls

43 lines (28 loc) · 1.94 KB

Docker + OpenVPN systemd Service

The systemd service aims to make the update and invocation of the docker-openvpn container seamless. It automatically downloads the latest docker-openvpn image and instantiates a Docker container with that image. At shutdown it cleans-up the old container.

In the event the service dies (crashes, or is killed) systemd will attempt to restart the service every 10 seconds until the service is stopped with systemctl stop docker-openvpn@NAME.service.

A number of IPv6 hacks are incorporated to workaround Docker shortcomings and are harmless for those not using IPv6.

To use and enable automatic start by systemd:

  1. Create a Docker volume container named ovpn-data-NAME where NAME is the user's choice to describe the use of the container. In this example configuration, NAME=example.

     OVPN_DATA="ovpn-data-example"
     docker volume create --name $OVPN_DATA
    
  2. Initialize the data container, but don't start the container :

    docker run -v $OVPN_DATA:/etc/openvpn --rm registry.gitlab.com/ix.ai/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM
    docker run -v $OVPN_DATA:/etc/openvpn --rm -it registry.gitlab.com/ix.ai/openvpn ovpn_initpki
    
  3. Download the docker-openvpn@.service file to /etc/systemd/system:

     curl -L https://raw.githubusercontent.com/registry.gitlab.com/ix.ai/docker-openvpn/master/init/docker-openvpn%40.service | sudo tee /etc/systemd/system/docker-openvpn@.service
    
  4. Enable and start the service with:

     systemctl enable --now docker-openvpn@example.service
    
  5. Verify service start-up with:

     systemctl status docker-openvpn@example.service
     journalctl --unit docker-openvpn@example.service
    

For more information, see the systemd manual pages.