Pi OpenVPN is a lightweight Dockerised OpenVPN server designed for Raspberry Pi and other systems. It simplifies the setup processs of an OpenVPN server, allowing secure connections and client management. This project was created to address the lack of maintained OpenVPN Docker solutions for Raspberry Pi, ensuring a reliable and customisable option for users. This project is currently in development, with additional features planned for future releases.
- Docker: To containerise the OpenVPN server.
- Docker Compose: For orchestrating container deployment.
- EasyRSA: For managing PKI and certificate generation.
- Bash Scripting: For automating key generation and server initialisation.
Below is a description of the files and how they work together:
- Builds the Docker image for the OpenVPN server.
- Installs required dependencies such as OpenVPN and EasyRSA.
- Sets up directories and permissions for certificates and configurations.
- Copies
gen-keys.sh
,entrypoint.sh
, andserver.conf
into the container.
- A Bash script that:
- Initialise the PKI using EasyRSA.
- Generates the Certificate Authority (CA) and server/client certificates.
- Creates HMAC keys for TLS authentication. Copies all necessary keys and certificates to the appropriate directories.
- The entry point for the container.
- Executes the
gen-key.sh
script to generate or verify keys/certificates. - Copies the sample
server.conf
to the appropriate directory. - Starts the OpenVPN server with the provided configuration.
- The sample OpenVPN server configuration file.
- Key settings include:
port 1194
andproto udp4
: OpenVPN listens on UDP port 1194.dev tun
: Enables tunneling for secure traffic.ca
,cert
,key
,dh
: Paths to certificates and keys used for encryption and authentication.push
options: Pushes network configurations (e.g., DNS and routing) to clients.tls-auth
: Protects against DoS attacks.data-ciphers
: Specifies supported encryption algorithms for secure communication.
Note: This is a sample server.conf
. Future updates will allow users to specify their own server.conf.
- Defines the container's configuration and network settings for deployment.
- Maps necessary ports and devices to enable VPN functionality.
- Uses environment variables for customisation (e.g., VPN name).
git clone https://github.com/Cyrof/pi-openvpn.git
cd pi-openvpn
Replace <name>
with your preferred image name:
docker build -t <name> .
Run the following command to start the OpenVPN server using Docker Compose:
docker-compose -f start-openvpn.ymal up -d
- A sample
.ovpn
client configuration file is automatically generated when the server starts. - Use this file to connect to the VPN using an OpenVPN client.
- Supported for custom
server.conf
files. - Push pre-built Docker images to DockerHub for easier deployment.
This project is licensed under the Apache 2.0 License. See the LICENSE file for details.
Contributions are welcome! Feel free to submit a pull request or raise issues for bug fixes, feature requests, or improvements.