Add: Generation Default CRL

Luca 2023-05-18 09:45:49 -05:00
parent fbdf22a762
commit dcae23df17
Signed by: lrullo
GPG Key ID: A04E97D8E19A58A7


@ -2,30 +2,30 @@ FROM debian:stable-slim
RUN apt update && apt dist-upgrade -y RUN apt update && apt dist-upgrade -y
RUN apt install -y openvpn openvpn-auth-ldap easy-rsa RUN apt install -y openvpn openvpn-auth-ldap easy-rsa
WORKDIR /etc/openvpn WORKDIR /etc/openvpn
## Default Certificates - Not Production Use
## Documentation: https://wiki.archlinux.org/title/Easy-RSA
RUN make-cadir easy-rsa/ RUN make-cadir easy-rsa/
WORKDIR easy-rsa WORKDIR easy-rsa
COPY ./vars ./vars
RUN ./easyrsa init-pki RUN ./easyrsa init-pki
RUN export EASYRSA_BATCH=1 && ./easyrsa build-ca nopass RUN export EASYRSA_BATCH=1 && ./easyrsa build-ca nopass
RUN export EASYRSA_BATCH=1 && ./easyrsa build-server-full server nopass RUN export EASYRSA_BATCH=1 && ./easyrsa build-server-full server nopass
RUN ./easyrsa gen-dh RUN ./easyrsa gen-dh
RUN openvpn --genkey secret /etc/openvpn/server/ta.key RUN openvpn --genkey secret /etc/openvpn/server/ta.key
RUN ./easyrsa gen-crl
RUN mkdir -p /dev/net && \
mknod /dev/net/tun c 10 200 && \
chmod 600 /dev/net/tun
COPY server.conf /etc/openvpn/server.conf COPY server.conf /etc/openvpn/server.conf
ADD entrypoint.sh /entrypoint.sh ADD entrypoint.sh /entrypoint.sh
VOLUME ["/etc/openvpn"]
ENTRYPOINT ["/entrypoint.sh"] ENTRYPOINT ["/entrypoint.sh"]
CMD ["openvpn","/etc/openvpn/server.conf"] CMD ["openvpn","/etc/openvpn/server.conf"]