From: Nicolas Boisselier <nicolas.boisselier@gmail.com>
Date: Wed, 23 Nov 2016 16:21:50 +0000 (+0000)
Subject: docker openvpn
X-Git-Url: https://git.nbdom.net/?a=commitdiff_plain;h=24725e917141e80d59b927302c8b7a2fe43f354f;p=nb.git

docker openvpn
---

diff --git a/src/Docker/Compose/dbq/docker-compose.yaml b/src/Docker/Compose/dbq/docker-compose.yaml
index 1a691075..c76256fb 100644
--- a/src/Docker/Compose/dbq/docker-compose.yaml
+++ b/src/Docker/Compose/dbq/docker-compose.yaml
@@ -1,12 +1,15 @@
-php:
-  build: ../../php/
+app:
+  image: php:7.0-fpm-alpine
   volumes:
     #- ./../../../..:/opt/nb
     - ./../../../../..:/opt
     - ./:/var/www/html
     #- ./../../../../lib/php/db:/var/www/html
-# NB 20.11.16   command:
-# NB 20.11.16     - "/bin/echo HELLO > /HELLO"
+  command: "echo . /opt/nb/etc/profile > /etc/profile.d/nb.sh"
+php:
+  build: ../../php/
+  volumes_from:
+    - app
   expose:
     - 9000
 
diff --git a/src/Docker/openvpn/Dockerfile b/src/Docker/openvpn/Dockerfile
new file mode 100644
index 00000000..c6909a9a
--- /dev/null
+++ b/src/Docker/openvpn/Dockerfile
@@ -0,0 +1,5 @@
+FROM alpine:latest
+RUN apk update && apk add openvpn
+ADD ./docker-start.sh /etc/openvpn/docker-start.sh
+RUN chmod 755 /etc/openvpn/docker-start.sh
+CMD "/etc/openvpn/docker-start.sh"
diff --git a/src/Docker/openvpn/client.conf b/src/Docker/openvpn/client.conf
new file mode 100644
index 00000000..45e26eba
--- /dev/null
+++ b/src/Docker/openvpn/client.conf
@@ -0,0 +1,17 @@
+# Client configuration
+client
+remote db.nbdom.net
+nobind
+dev tun
+comp-lzo
+
+# SSL Configuration
+ca docker.crt
+cert docker.crt
+key docker.key
+
+# Logging configuration
+#log /var/log/openvpn.log
+verb 3
+
+no-replay
diff --git a/src/Docker/openvpn/docker-start.sh b/src/Docker/openvpn/docker-start.sh
new file mode 100755
index 00000000..9c09b7b5
--- /dev/null
+++ b/src/Docker/openvpn/docker-start.sh
@@ -0,0 +1,21 @@
+#!/usr/bin/env sh
+
+[ -e /dev/net ] || mkdir -p /dev/net
+[ -e /dev/net/tun ] || mknod /dev/net/tun c 10 200
+
+if [ -e /etc/openvpn/server.conf ]; then
+  CONF=/etc/openvpn/server.conf
+  IP=$(grep '^server .*$' /etc/openvpn/server.conf | awk '{print $2}')
+  iptables -t nat -A POSTROUTING -s ${IP}/24 -o eth0 -j MASQUERADE
+
+elif [ -e /etc/openvpn/client.conf ]; then
+  CONF=/etc/openvpn/client.conf
+
+else
+
+  echo "No server or client config file"
+  exit
+
+fi
+
+/usr/sbin/openvpn --cd /etc/openvpn --config $CONF --script-security 2