Skip to content

Commit

Permalink
9668 (#57)
Browse files Browse the repository at this point in the history
* Create CONTRIBUTORS.txt

* Update Dockerfile

* Update Dockerfile.alpine

* Update Dockerfile.debian

* Rename CONTRIBUTORS.txt to CONTRIBUTORS

* Update Dockerfile

* Update Dockerfile.alpine

* Update Dockerfile.debian

* CHORE(centos): 4.27-9668-beta

* CHORE(alpine): 4.27-9668-beta

* CHORE(debian): 4.27-9668-beta

* FIX(debian): add libssl to runtime

* FEAT(ubuntu): ubuntu:18.04 based

* TEST(ubuntu): expand travis ci to :ubuntu

* DOCS(all): Configurations section

closes #56

* DOCS(all): fix table
  • Loading branch information
siomiz authored Aug 21, 2018
1 parent f590100 commit 99c4b0d
Show file tree
Hide file tree
Showing 7 changed files with 120 additions and 25 deletions.
17 changes: 14 additions & 3 deletions .travis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,14 +5,16 @@ jobs:
include:
- stage: Docker Build
script:
- docker build .
- docker build -f Dockerfile .
- script:
- docker build -f Dockerfile.alpine .
- script:
- docker build -f Dockerfile.debian .
- script:
- docker build -f Dockerfile.ubuntu .
- stage: Test
script:
- docker build -t softethervpn .
- docker build -t softethervpn -f Dockerfile .
- docker run softethervpn echo "[Travis CI OK]"
- script:
- docker build -t softethervpn-alpine -f Dockerfile.alpine .
Expand All @@ -21,7 +23,10 @@ jobs:
- docker build -t softethervpn-debian -f Dockerfile.debian .
- docker run softethervpn-debian echo "[Travis CI OK]"
- script:
- docker build -t softethervpn .
- docker build -t softethervpn-ubuntu -f Dockerfile.ubuntu .
- docker run softethervpn-ubuntu echo "[Travis CI OK]"
- script:
- docker build -t softethervpn -f Dockerfile .
- docker network create --subnet 172.18.0.0/16 test-ipsec
- docker run -d --cap-add NET_ADMIN -e USERNAME=test -e PASSWORD=test --network test-ipsec --ip 172.18.0.3 softethervpn
- sudo bash tests/prepare-ipsec.sh
Expand All @@ -38,3 +43,9 @@ jobs:
- docker run -d --cap-add NET_ADMIN -e USERNAME=test -e PASSWORD=test --network test-ipsec --ip 172.18.0.3 softethervpn-debian
- sudo bash tests/prepare-ipsec.sh
- sudo bash tests/test-ipsec.sh
- script:
- docker build -t softethervpn-ubuntu -f Dockerfile.ubuntu .
- docker network create --subnet 172.18.0.0/16 test-ipsec
- docker run -d --cap-add NET_ADMIN -e USERNAME=test -e PASSWORD=test --network test-ipsec --ip 172.18.0.3 softethervpn-ubuntu
- sudo bash tests/prepare-ipsec.sh
- sudo bash tests/test-ipsec.sh
5 changes: 5 additions & 0 deletions CONTRIBUTORS
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
Ian Neubert <github.com/ianneub>
Ky-Anh Huynh <github.com/icy>
Max Kuchin <mkuchin@gmail.com>
maltalex <github.com/maltalex>
Dmitri Gopkalo <github.com/drefixs>
6 changes: 3 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
FROM alpine:3.7 as prep

LABEL maintainer="Tomohisa Kusano <siomiz@gmail.com>" \
contributors="Ian Neubert <github.com/ianneub>; Ky-Anh Huynh <github.com/icy>; Max Kuchin <mkuchin@gmail.com>; maltalex <github.com/maltalex>"
contributors="See CONTRIBUTORS file <https://github.com/siomiz/SoftEtherVPN/blob/master/CONTRIBUTORS>"

ENV BUILD_VERSION=4.25-9656-rtm \
SHA256_SUM=c5a1791d69dc6d1c53fb574a3ce709707338520be797acbeac0a631c96c68330
ENV BUILD_VERSION=4.27-9668-beta \
SHA256_SUM=85cf84202e09b9efb1948929e99a08041152d7cb812a5761db200b7cd560e573

RUN wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/archive/v${BUILD_VERSION}.tar.gz \
&& echo "${SHA256_SUM} v${BUILD_VERSION}.tar.gz" | sha256sum -c \
Expand Down
6 changes: 3 additions & 3 deletions Dockerfile.alpine
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
FROM alpine:3.7 as prep

LABEL maintainer="Tomohisa Kusano <siomiz@gmail.com>" \
contributors="Ian Neubert <github.com/ianneub>; Ky-Anh Huynh <github.com/icy>; Max Kuchin <mkuchin@gmail.com>; maltalex <github.com/maltalex>"
contributors="See CONTRIBUTORS file <https://github.com/siomiz/SoftEtherVPN/blob/master/CONTRIBUTORS>"

ENV BUILD_VERSION=4.25-9656-rtm \
SHA256_SUM=c5a1791d69dc6d1c53fb574a3ce709707338520be797acbeac0a631c96c68330
ENV BUILD_VERSION=4.27-9668-beta \
SHA256_SUM=85cf84202e09b9efb1948929e99a08041152d7cb812a5761db200b7cd560e573

RUN wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/archive/v${BUILD_VERSION}.tar.gz \
&& echo "${SHA256_SUM} v${BUILD_VERSION}.tar.gz" | sha256sum -c \
Expand Down
19 changes: 8 additions & 11 deletions Dockerfile.debian
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
FROM alpine:3.7 as prep

LABEL maintainer="Tomohisa Kusano <siomiz@gmail.com>" \
contributors="Ian Neubert <github.com/ianneub>; Ky-Anh Huynh <github.com/icy>; Max Kuchin <mkuchin@gmail.com>; maltalex <github.com/maltalex>"
contributors="See CONTRIBUTORS file <https://github.com/siomiz/SoftEtherVPN/blob/master/CONTRIBUTORS>"

ENV BUILD_VERSION=4.25-9656-rtm \
SHA256_SUM=c5a1791d69dc6d1c53fb574a3ce709707338520be797acbeac0a631c96c68330
ENV BUILD_VERSION=4.27-9668-beta \
SHA256_SUM=85cf84202e09b9efb1948929e99a08041152d7cb812a5761db200b7cd560e573

RUN wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/archive/v${BUILD_VERSION}.tar.gz \
&& echo "${SHA256_SUM} v${BUILD_VERSION}.tar.gz" | sha256sum -c \
Expand All @@ -23,19 +23,17 @@ RUN apt-get update \
libncurses5-dev \
libreadline7 \
libreadline-dev \
libssl1.1 \
libssl-dev \
wget \
zlib1g \
zlib1g-dev \
zip \
&& wget http://http.us.debian.org/debian/pool/main/o/openssl/libssl1.1_1.1.0h-2_amd64.deb \
&& wget http://http.us.debian.org/debian/pool/main/o/openssl/libssl-dev_1.1.0h-2_amd64.deb \
&& dpkg -i /libssl1.1_1.1.0h-2_amd64.deb /libssl-dev_1.1.0h-2_amd64.deb \
&& apt-get install -f \
&& cd /usr/local/src/SoftEtherVPN_Stable-* \
&& ./configure \
&& make \
&& make install \
&& zip -r9 /artifacts.zip /usr/vpn* /usr/bin/vpn* /libssl1.1_1.1.0h-2_amd64.deb
&& zip -r9 /artifacts.zip /usr/vpn* /usr/bin/vpn*

FROM debian:9-slim

Expand All @@ -47,15 +45,14 @@ RUN apt-get update \
&& apt-get install -y --no-install-recommends \
libncurses5 \
libreadline7 \
libssl1.1 \
iptables \
unzip \
zlib1g \
&& unzip -o /artifacts.zip -d / \
&& dpkg -i /libssl1.1_1.1.0h-2_amd64.deb \
&& apt-get install -f \
&& rm -rf /var/lib/apt/lists/* \
&& chmod +x /entrypoint.sh /gencert.sh \
&& rm /artifacts.zip /libssl1.1_1.1.0h-2_amd64.deb \
&& rm /artifacts.zip \
&& rm -rf /opt \
&& ln -s /usr/vpnserver /opt \
&& find /usr/bin/vpn* -type f ! -name vpnserver \
Expand Down
69 changes: 69 additions & 0 deletions Dockerfile.ubuntu
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
FROM alpine:3.7 as prep

LABEL maintainer="Tomohisa Kusano <siomiz@gmail.com>" \
contributors="See CONTRIBUTORS file <https://github.com/siomiz/SoftEtherVPN/blob/master/CONTRIBUTORS>"

ENV BUILD_VERSION=4.27-9668-beta \
SHA256_SUM=85cf84202e09b9efb1948929e99a08041152d7cb812a5761db200b7cd560e573

RUN wget https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/archive/v${BUILD_VERSION}.tar.gz \
&& echo "${SHA256_SUM} v${BUILD_VERSION}.tar.gz" | sha256sum -c \
&& mkdir -p /usr/local/src \
&& tar -x -C /usr/local/src/ -f v${BUILD_VERSION}.tar.gz \
&& rm v${BUILD_VERSION}.tar.gz

FROM ubuntu:18.04 as build

COPY --from=prep /usr/local/src /usr/local/src

RUN apt-get update \
&& apt-get install -y --no-install-recommends \
build-essential \
libncurses5 \
libncurses5-dev \
libreadline7 \
libreadline-dev \
libssl1.1 \
libssl-dev \
wget \
zlib1g \
zlib1g-dev \
zip \
&& cd /usr/local/src/SoftEtherVPN_Stable-* \
&& ./configure \
&& make \
&& make install \
&& zip -r9 /artifacts.zip /usr/vpn* /usr/bin/vpn*

FROM ubuntu:18.04

COPY --from=build /artifacts.zip /

COPY copyables /

RUN apt-get update \
&& apt-get install -y --no-install-recommends \
libncurses5 \
libreadline7 \
libssl1.1 \
iptables \
unzip \
zlib1g \
&& unzip -o /artifacts.zip -d / \
&& rm -rf /var/lib/apt/lists/* \
&& chmod +x /entrypoint.sh /gencert.sh \
&& rm /artifacts.zip \
&& rm -rf /opt \
&& ln -s /usr/vpnserver /opt \
&& find /usr/bin/vpn* -type f ! -name vpnserver \
-exec bash -c 'ln -s {} /opt/$(basename {})' \;

WORKDIR /usr/vpnserver/

VOLUME ["/usr/vpnserver/server_log/"]

ENTRYPOINT ["/entrypoint.sh"]

EXPOSE 500/udp 4500/udp 1701/tcp 1194/udp 5555/tcp 443/tcp

CMD ["/usr/bin/vpnserver", "execsvc"]
23 changes: 18 additions & 5 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,12 @@
<sup>*</sup> "Simple" as in no configuration parameter is needed for a single-user SecureNAT setup.

## Image Tags
Base OS Image | Latest Stable ([v4.25-9656-rtm](https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/tree/v4.25-9656-rtm))
------------- | --
`centos:7` | **`:latest`**, `:9656`, `:4.25`, `:centos`, `:9656-centos`, `4.25-centos`
`debian:9-slim` | `:debian`, `:9656-debian`, `:4.25-debian`
`alpine:3.7` | `:alpine`, `:9656-alpine`, `:4.25-alpine`
Base OS Image | Latest Stable ([v4.27-9668-beta](https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/tree/v4.27-9668-beta)) | [v4.25-9656-rtm](https://github.com/SoftEtherVPN/SoftEtherVPN_Stable/tree/v4.25-9656-rtm)
------------- | -- | --
`centos:7` | **`:latest`**, `:centos`, `:9668`, `:4.27`, `:9668-centos`, `:4.27-centos` | `:9656`, `:4.25`, `:9656-centos`, `4.25-centos`
`debian:9-slim` | `:debian`, `:9668-debian`, `:4.27-debian` | `:9656-debian`, `:4.25-debian`
`alpine:3.7` | `:alpine`, `:9668-alpine`, `:4.27-alpine` | `:9656-alpine`, `:4.25-alpine`
`ubuntu:18.04` | `:ubuntu`, `:9668-ubuntu`, `:4.27-ubuntu` | -

## Setup
- L2TP/IPSec PSK + OpenVPN
Expand Down Expand Up @@ -57,6 +58,18 @@ Dots (.) are part of the password. Password will not be logged if specified via

If you specify credentials using environment variables (`-e`), they may be revealed via the process list on host (ex. `ps(1)` command) or `docker inspect` command. It is recommended to mount an already-configured SoftEther VPN config file at `/opt/vpn_server.config`, which contains hashed passwords rather than raw ones. The initial setup will be skipped if this file exists at runtime (in entrypoint script). You can obtain this file from a running container using [`docker cp` command](https://docs.docker.com/engine/reference/commandline/cp/).

## Configurations ##

To make the server configurations persistent beyond the container lifecycle (i.e. to make the config survive a restart), mount a complete config file at `/usr/vpnserver/vpn_server.config`. If this file is mounted the initial setup will be skipped.
To obtain a config file template, `docker run` the initial setup with Server & Hub passwords, then `docker cp` out the config file:

$ docker run --name vpnconf -e SPW=<serverpw> -e HPW=<hubpw> siomiz/softethervpn echo
$ docker cp vpnconf:/usr/vpnserver/vpn_server.config /path/to/vpn_server.config
$ docker rm vpnconf
$ docker run ... -v /path/to/vpn_server.config:/usr/vpnserver/vpn_server.config siomiz/softethervpn

Refer to [SoftEther VPN Server Administration manual](https://www.softether.org/4-docs/1-manual/3._SoftEther_VPN_Server_Manual/3.3_VPN_Server_Administration) for more information.

## Server & Hub Management Commands ##

Management commands can be executed just before the server & hub admin passwords are set via:
Expand Down

0 comments on commit 99c4b0d

Please sign in to comment.