Wraps your program with OpenVPN network tunnel fully contained in Docker. This allows you to have multiple OpenVPN connections in different containers serving different programs running inside them.
Supports latest Docker for both Windows, Linux, and MacOS.
- openvpn-tunnel (GitHub) - This project.
- openvpn-socks5 (GitHub) - Expose a SOCKS5 proxy server on your host port to serve programs on your host machine that can connect to a SOCKS5 proxy.
- shadowsocksr-tunnel (GitHub) - Wraps your program with ShadowsocksR network tunnel fully contained in Docker. Also exposes SOCKS5 server to host machine.
- shadowsocksr-aria2 (GitHub) - Extends
shadowsocksr-tunnel
witharia2
support.
- It reads in an OpenVPN configuration file (
.ovpn
) from a mounted file, specified throughOPENVPN_CONFIG
environment variable. - It starts the OpenVPN client program to establish the VPN connection.
- It optionally runs the executable defined by
OPENVPN_UP
when the VPN connection is stable. - It optionally runs the user specified CMD line from
docker run
positional arguments (see Docker doc). The program will use the VPN connection inside the container. - If user has provided CMD line, and
DAEMON_MODE
environment variable is not set totrue
, then after running the CMD line, it will shutdown the OpenVPN client and terminate the container.
Prepare your OpenVPN configuration file with .ovpn
extension, which you can usually get from your VPN provider's website.
If you want to specify OpenVPN username and password, you can change the line in your .ovpn
configuration with auth-user-pass
to auth-user-pass secret
, then create a file named secret
at the same directory as your .ovpn
configuration file. secret
file should contain two lines, where first line is your username, and second line is your password.
The following example will run curl ifconfig.co/json
through VPN configured in ./vpn.ovpn
on host machine.
# Unix
docker run -it --rm --device=/dev/net/tun --cap-add=NET_ADMIN \
-v "${PWD}":/vpn:ro -e OPENVPN_CONFIG=/vpn/vpn.ovpn \
curve25519xsalsa20poly1305/openvpn-tunnel \
curl ifconfig.co/json
# Windows
docker run -it --rm --device=/dev/net/tun --cap-add=NET_ADMIN ^
-v "%CD%":/vpn:ro -e OPENVPN_CONFIG=/vpn/vpn.ovpn ^
curve25519xsalsa20poly1305/openvpn-tunnel ^
curl ifconfig.co/json
You can leave the VPN connection running in background, and later use docker exec
to run your program inside the running container without ever closing and repoening your VPN connection multiple times. Just leave out the CMD line when you start the container with docker run
, it will automatically enter daemon mode.
# Unix
NAME="myvpn"
docker run --name "${NAME}" -dit --rm --device=/dev/net/tun --cap-add=NET_ADMIN \
-v "${PWD}":/vpn:ro -e OPENVPN_CONFIG=/vpn/vpn.ovpn \
curve25519xsalsa20poly1305/openvpn-tunnel
# Windows
SET NAME="myvpn"
docker run --name "%NAME%" -dit --rm --device=/dev/net/tun --cap-add=NET_ADMIN ^
-v "%PWD%":/vpn:ro -e OPENVPN_CONFIG=/vpn/vpn.ovpn ^
curve25519xsalsa20poly1305/openvpn-tunnel
Then you run commads using docker exec
:
# Unix
NAME="myvpn"
docker exec -it "${NAME}" curl ifconfig.co/json
# Windows
SET NAME="myvpn"
docker exec -it "%NAME%" curl ifconfig.co/json
To stop the daemon, run this:
# Unix
NAME="myvpn"
docker stop "${NAME}"
# Windows
SET NAME="myvpn"
docker stop "%NAME%"
This image only includes curl
and wget
for most basic HTTP request usage. If the program you want to run is not available in this image, you can easily extend this image to include anything you need.
Here is a very simple example Dockerfile
that will install aria2 in its derived image.
FROM curve25519xsalsa20poly1305/openvpn-tunnel
RUN apk add --no-cache aria2
Build this image with:
# Unix & Windows
docker build -t openvpn-aria2 .
Finally run it with
# Unix
docker run -it --rm --device=/dev/net/tun --cap-add=NET_ADMIN \
-v "${PWD}":/vpn:ro -e OPENVPN_CONFIG=/vpn/vpn.ovpn \
-v "${PWD}":/downloads:rw \
-w /downloads \
openvpn-aria2 \
arai2c http://example.com/index.html
# Windows
docker run -it --rm --device=/dev/net/tun --cap-add=NET_ADMIN \
-v "%CD%":/vpn:ro -e OPENVPN_CONFIG=/vpn/vpn.ovpn \
-v "%CD%":/downloads:rw \
-w /downloads \
openvpn-aria2 \
arai2c http://example.com/index.html
It will download the file using aria2c
to your host's current directory.
Please feel free to contribute to this project. But before you do so, just make sure you understand the following:
1. Make sure you have access to the official repository of this project where the maintainer is actively pushing changes. So that all effective changes can go into the official release pipeline.
2. Make sure your editor has EditorConfig plugin installed and enabled. It's used to unify code formatting style.
3. Use Conventional Commits 1.0.0-beta.2 to format Git commit messages.
4. Use Gitflow as Git workflow guideline.
5. Use Semantic Versioning 2.0.0 to tag release versions.
Copyright © 2019 curve25519xsalsa20poly1305 <curve25519xsalsa20poly1305@gmail.com>
This work is free. You can redistribute it and/or modify it under the terms of the Do What The Fuck You Want To Public License, Version 2, as published by Sam Hocevar. See the COPYING file for more details.