Add: Generation Default CRL
This commit is contained in:
parent
fbdf22a762
commit
dcae23df17
14
Dockerfile
14
Dockerfile
@ -2,30 +2,30 @@ FROM debian:stable-slim
|
|||||||
|
|
||||||
RUN apt update && apt dist-upgrade -y
|
RUN apt update && apt dist-upgrade -y
|
||||||
|
|
||||||
RUN apt install -y openvpn openvpn-auth-ldap easy-rsa
|
RUN apt install -y openvpn openvpn-auth-ldap easy-rsa
|
||||||
|
|
||||||
WORKDIR /etc/openvpn
|
WORKDIR /etc/openvpn
|
||||||
|
|
||||||
|
## Default Certificates - Not Production Use
|
||||||
|
## Documentation: https://wiki.archlinux.org/title/Easy-RSA
|
||||||
|
|
||||||
RUN make-cadir easy-rsa/
|
RUN make-cadir easy-rsa/
|
||||||
|
|
||||||
WORKDIR easy-rsa
|
WORKDIR easy-rsa
|
||||||
|
|
||||||
COPY ./vars ./vars
|
|
||||||
RUN ./easyrsa init-pki
|
RUN ./easyrsa init-pki
|
||||||
RUN export EASYRSA_BATCH=1 && ./easyrsa build-ca nopass
|
RUN export EASYRSA_BATCH=1 && ./easyrsa build-ca nopass
|
||||||
RUN export EASYRSA_BATCH=1 && ./easyrsa build-server-full server nopass
|
RUN export EASYRSA_BATCH=1 && ./easyrsa build-server-full server nopass
|
||||||
RUN ./easyrsa gen-dh
|
RUN ./easyrsa gen-dh
|
||||||
RUN openvpn --genkey secret /etc/openvpn/server/ta.key
|
RUN openvpn --genkey secret /etc/openvpn/server/ta.key
|
||||||
|
RUN ./easyrsa gen-crl
|
||||||
RUN mkdir -p /dev/net && \
|
|
||||||
mknod /dev/net/tun c 10 200 && \
|
|
||||||
chmod 600 /dev/net/tun
|
|
||||||
|
|
||||||
|
|
||||||
COPY server.conf /etc/openvpn/server.conf
|
COPY server.conf /etc/openvpn/server.conf
|
||||||
|
|
||||||
ADD entrypoint.sh /entrypoint.sh
|
ADD entrypoint.sh /entrypoint.sh
|
||||||
|
|
||||||
|
VOLUME ["/etc/openvpn"]
|
||||||
|
|
||||||
ENTRYPOINT ["/entrypoint.sh"]
|
ENTRYPOINT ["/entrypoint.sh"]
|
||||||
|
|
||||||
CMD ["openvpn","/etc/openvpn/server.conf"]
|
CMD ["openvpn","/etc/openvpn/server.conf"]
|
||||||
|
Loading…
Reference in New Issue
Block a user