Merge branch 'develop'

Author: SloCompTech

CHANGELOG.md

@@ -0,0 +1,23 @@
+# Changelog
+
+### 1.0.2 - Official release
+
+- Fixed typo in `basic_nat` example config wizard  
+- Consistency fix in `Makefile`  
+- Added docs for *basic_nat* example  
+- Added docs for commands, simple setup guide  
+- Added badges to `README.md`  
+
+### 1.0.1 -  First version of OpenVPN container
+
+Implemented:
+
+- PKI handling with scripts
+- Hooks scripts (in separate directories)
+- Example config with wizard
+- Docker Hub hook
+
+Still missing:
+
+- Documentation
+- Dicrobadger badges

Makefile

@@ -5,7 +5,7 @@
 
 IMAGE_NAME=slocomptech/openvpn
 DATA_DIR=$(shell pwd)/data
-CONTAINER=ovpn
+CONTAINER_NAME=ovpn
 
 
 default: build
@@ -37,29 +37,29 @@ config:
 #
 setup:
 	@echo "Running temporary container"
-	docker run -it --cap-add NET_ADMIN -p 1194:1194/udp -v ${DATA_DIR}:/config --name ${CONTAINER} ${IMAGE_NAME}:latest 
+	docker run -it --cap-add NET_ADMIN -p 1194:1194/udp -v ${DATA_DIR}:/config --name ${CONTAINER_NAME} ${IMAGE_NAME}:latest 
 
 #
 #	Starts container
 #
 start:
-	docker start ${CONTAINER}
+	docker start ${CONTAINER_NAME}
 
 #
 #	Stops container
 #
 stop:
-	docker stop ${CONTAINER}
+	docker stop ${CONTAINER_NAME}
 
 #
 #	Restart container
 #
 restart:
-	docker restart ${CONTAINER}
+	docker restart ${CONTAINER_NAME}
 
 #
 #	Open terminal inside container
 #	Only when container is running
 #
 term:
-	docker exec -it ${CONTAINER} bash
+	docker exec -it ${CONTAINER_NAME} bash

README.md

@@ -1,22 +1,35 @@
 
-# [slocomptech/docker-openvpn]()
+# [slocomptech/docker-openvpn](https://github.com/SloCompTech/docker-openvpn)
 
+[![](https://images.microbadger.com/badges/version/slocomptech/openvpn.svg)](https://microbadger.com/images/slocomptech/openvpn "Get your own version badge on microbadger.com") [![](https://images.microbadger.com/badges/image/slocomptech/openvpn.svg)](https://microbadger.com/images/slocomptech/openvpn "Get your own image badge on microbadger.com") [![](https://images.microbadger.com/badges/commit/slocomptech/openvpn.svg)](https://microbadger.com/images/slocomptech/openvpn "Get your own commit badge on microbadger.com") ![](https://img.shields.io/docker/cloud/automated/slocomptech/openvpn.svg) ![](https://img.shields.io/docker/cloud/build/slocomptech/openvpn.svg)
 
 Features:  
 
-- OpenVPN is running as non-root user, soo it has limited permission.
-- OpenVPN is running in isolated environment (container) so you don't break it with updates, upgrades of your PC.
-- Easy managed (has helper scripts).
+- OpenVPN running as non-root user (limited permission)
+- Containerized (Isolated environment)
+- Easy managed (Helper scripts).
 - Easy start (Simple first-start guide).
 - Easly modified to your needs (see [docs](CONTRIBUTING.md)).
 - Easy scripting (python3 installed).
 
 ## Usage
 
+Here are some example snippets to help you get started creating a container.  
+
 ### docker
 
 ``` bash
-
+# Normal start command (but you need to setup config first)
+docker run \
+  --name=ovpn \
+  --cap-add NET_ADMIN \
+  -e PUID=1000 \
+  -e GUID=1000 \
+  -p 1194:1194/udp \
+  -v </path/o/config>:/config \
+  --restart=unless-stopped \
+  --network host \
+  slocomptech/openvpn:latest
 ```
 
 ### docker-compose
@@ -29,6 +42,9 @@ Features:
 
 |**Parameter**|**Function**|
 |:-----------:|:----------:|
+|`-e PUID=1000`|for UserID - see below for explanation|
+|`-e PGID=1000`|for GroupID - see below for explanation|
+|`-v /config`|All the config files including OpenVPNs reside here|
 
 ## User / Group Identifiers
 
@@ -45,29 +61,56 @@ In this instance `PUID=1000` and `PGID=1000`, to find yours use `id user` as bel
 
 ## Application setup
 
-``` bash
-# Setup config directory
-sudo docker run -v <Config on Host>:/config --rm -it slocomptech/docker-openvpn bash
-$ ovpn_init
-# Here will ask for password for CA (needed for signing new certificates) (add nopass if you dont want to set password)
-# Enable basic example as config & edit /config/openvpn/server/server_*.conf & /config/openvpn/client_*.conf
-$ ovpn_enconf basic1
-# Or put your own server config in /config/openvpn/server & client template (without certs) to /config/openvpn/client
-# To add client (generate certificates)
-$ ovpn_client add <name> [nopass]
-# To build .ovpn file
-$ ovpn_client ovpn <name> > <file>
-# Or from outside of docker (currently not working yet)
-sudo docker exec -it <container name> ovpn_client add <name> nopass && ovpn_client ovpn <name> > <file>
-# Exit from temporary container
-$ exit
-# Run container for real
-sudo docker run -v <Config on Host>:/config --cap-add NET_ADMIN -p 1104:1194/udp --restart=unless-stopped slocomptech/docker-openvpn
-# Setup routing
+### Initial setup
 
-```
+If you are new to containers please see rather [Detailed first setup guide](docs/SetupGuide.md), because it includes more detailed description.
+
+1. Init configuration directory with initial config files:
+
+  ``` bash
+  docker run -it --rm --cap-add NET_ADMIN -v </path/to/config>:/config slocomptech/openvpn:latest bash
+  ```
+
+2. At this point you will have bash shell which runs in container. Now run following commands to setup your PKI:
+
+  ``` bash
+  ovpn_init [nopass] # Inits PKI
+  ```
+
+3. Setup OpenVPN config based on example `basic_nat` with configuration wizard:  
+
+  ``` bash
+  ovpn_enconf basic_nat
+  #Protocol udp, tcp, udp6, tcp6 [udp]:
+  #VPN network [10.0.0.0]:
+  #Port [1194]:
+  #Public IP or domain of server: <YOUR PUBLIC IP>
+  #DNS1 [8.8.8.8]:
+  #DNS2 [8.8.4.4]:
+  ```
+4. Enable **port forwarding** on your router so OpenVPN server will be accessible from the internet.
+5. Add clients
+
+  ``` bash
+  # Generates client certificates
+  ovpn_client add <name> [nopass]
+
+  # Generates client config file and prints it to screen (redirect to file)
+  ovpn_client ovpn <name> > <config file>.ovpn
+
+  # OR BETTER SOLLUTION: Run outside container
+  docker exec -it <container name> ovpn_client ovpn <name> > <config file>.ovpn
+  ```
+
+5. Exit container with `exit`, then it will destroy itself.
+6. Start container using command specified in *Usage* section.
+
+For more infromation see:
 
-See more in [docs](docs).  
+- [Detailed first setup guide](docs/SetupGuide.md)  
+- [docs](docs) (for detailed command usage)  
+- **configuration example directory** (for more info about example)  
+- [Contributing](CONTRIBUTING.md) (for explanation how container works, how to write an example config ...)  
 
 ## Contribute
 
@@ -92,3 +135,4 @@ Wanted features (please help implement):
 
 ## Versions
 
+See [CHANGELOG](CHANGELOG.md)  

docs/README.md

@@ -0,0 +1,88 @@
+# Documentation
+
+## Table of content
+
+1. Commands
+
+- [Simple setup guide](SetupGuide.md)  
+
+## Commands
+
+This section explains commands available for use.
+
+### Command List
+
+|**Command**|**Description**|
+|:---------:|:-------------:|
+|`ovpn_backup`|Backups your configration|
+|`ovpn_client`|Manages clients|
+|`ovpn_disconf`|Deletes active OpenVPN config|
+|`ovpn_enconf`|Enables OpenVPN config from examples|
+|`ovpn_init`|Inits PKI|
+
+#### ovpn_backup
+
+This command backups your configration into *.tar.gz* archive and puts it into `/config/backup` directory.
+
+```
+Usage: ovpn_backup COMMAND
+
+Commands:
+  all     # Backup whole config directory"
+  pki     # Backup PKI files"
+  hooks   # Backup hooks"
+  openvpn # Backup openvpn live config"
+```
+
+**Note:** Store your backups in a **SECURE** way, because they are unecrypted.  
+
+#### ovpn_client
+
+This commands manages clients of your OpenVPN server.
+
+```
+Usage: ovpn_client COMMAND [ARGS]
+
+Commands:
+  add [NAME [nopass]]             # Creates certificates for client
+  ovpn NAME                       # Builds .ovpn file
+  revoke|ban|delete|remove NAME   # Removes client
+```
+
+**Note:** First you need to use `add` to create client certificates, before you can use `ovpn` command.
+
+#### ovpn_disconf
+
+This command deletes your active configuration. **Container restart** is needed for changes to take affect.
+
+```
+Usage: ovpn_disconf
+```
+
+**NOTE:** This command does not delete PKI.
+
+#### ovpn_enconf
+
+This command enables OpenVPN config based on config example. If config name isn't specified it prints out config list.
+
+```
+Usage: ovpn_enconf CONFIG_NAME [wizard args...]
+
+Configs:
+    <example config name>
+```
+
+**Note:** Please read example documentation to understand how to use it.  
+**Tip:** If you modifed config in a way that others might need same configuration, consider making new example.  
+
+#### ovpn_init
+
+This command inits your PKI in `/config/pki` folder. You need to run this command only once.  
+
+```
+Usage: ovpn_init [nopass]
+```
+
+**Note:** Best practise is to use password for your PKI. Password is only needed for signing new certificates (when adding new clients). If you don't want your PKI certificate protected with password, add `nopass` parameter.  
+**Note:** In this process you need to enter PKI password serveral times, because a lot of things are generated.  
+