Deploy a VPN server with Docker
What is VPN ?
A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g., a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common, though not an inherent, part of a VPN connection.
What is Docker ?
 Docker Engine is an open source containerization technology for building and containerizing your applications. Docker Engine acts as a client-server application with:
- A server with a long-running daemon process
- APIs which specify interfaces that programs can use to talk to and instruct the Docker daemon.
- A command line interface (CLI) client
This article describes how to install a VPN (Virtual Private Network) server with docker in a host machine (virtual or physical).
RequirementsBefore starting you need to have Docker installed on your host machine. Take a look to this article to see how to install Docker Community Edition.
InstallingInitialize the $VPN_DATA container volume name.
Create the volume that will be mounted by the Openvpn container to hold the server configuration files and certificates.
$ sudo docker volume create --name $VPN_DATA
Run the server to generate a certificate authority with your server public url that will be accessed from the WAN.
$ sudo docker run -v $VPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://vpn.yassinemaachi.com
The container will prompt for a passphrase to protect the private key used by the newly generated certificate authority (For example : > ca.key pass phrase : 50mESeCRetc0de).
$ sudo docker run -v $VPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_initpki
Start OpenVPN server process using the default exposed port by the container and mounting the configuration volume
$ sudo docker run -v $VPN_DATA:/etc/openvpn --restart=unless-stopped --name=homelab-vpn -d -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn
Create new clientsGenerate a client certificate with a passphrase (The container will prompt for a passphrase, this passphrase will be used to connect to this vpn server from a client side)
$ sudo docker run -v $VPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full ymaachi
Generate a client certificate without a passphrase
$ sudo docker run -v $VPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full ymaachinp nopass
Retrieve a client configuration with embedded certificates
$ sudo docker run -v $VPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient ymaachi > ymaachi.ovpn
Test the connectionFirst, make sure that your firewall (if you have one in your network) authorize the port 1194 with udp protocol.
You can connect to your server using the OpenVPN client [link to download] that can be installed on your Laptop or Mobile phone.
After installing the OpenVPN client you can upload the generated client configuration file (ymaachi.ovpn):
Enjoy your secured connection !
-  https://en.wikipedia.org/wiki/Virtual_private_network
-  https://docs.docker.com/install/