Hello ppl
I'm a fullstack developer with some experience in Linux environments, willing to learn anything new!
I'm going to explain what I need so you have some context.
I have a VPS with Docker installed. I want to deploy some apps, but I want these apps to be accessible only within a VPN. This VPN might be accessed by several clients, some of them SBC devices and some people's PCs.
I want these PCs to resolve some hosts (dumbservice -> 10.0.x.x), but I do not want all traffic to be redirected through the VPN (just when the domain is resolved by the VPN-provided DNS). Is that even possible?
Then, these SBC devices will be available on port 22; I want to be able to SSH into them.
I've been following this sample: https://github.com/fscm/docker-openvpn/
After connecting to the VPN server I'm unable to resolve hosts outside the VPN.
Thanks in advance
docker containers available within VPN network and dns resolution [dns][vps][docker]
-
- OpenVpn Newbie
- Posts: 4
- Joined: Sat Sep 18, 2021 6:25 pm
Last edited by k1r0s on Sat Sep 18, 2021 9:38 pm, edited 1 time in total.
Re: docker containers available within VPN network and dns resolution (yet another noob needs help)
I've finally succeeded in getting a working VPN.
The kylemanna/openvpn image gives me internet access.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
1a9aeaeef256 httpd:2.4 "httpd-foreground" 4 seconds ago Up 3 seconds 80/tcp my-apache-app
db1723970b24 kylemanna/openvpn "ovpn_run" 4 minutes ago Up 4 minutes 0.0.0.0:1194->1194/udp, :::1194->1194/udp ovpn
I've created a Docker network.
Both containers shown above are on the same network and can see each other:
root@localhost:~# docker exec -it ovpn sh
/ # ping my-apache-app
PING my-apache-app (172.18.0.3): 56 data bytes
64 bytes from 172.18.0.3: seq=0 ttl=64 time=0.181 ms
64 bytes from 172.18.0.3: seq=1 ttl=64 time=0.152 ms
64 bytes from 172.18.0.3: seq=2 ttl=64 time=0.118 ms
How can I allow VPN clients connected to ovpn to see the httpd container?
Re: docker containers available within VPN network and dns resolution [dns][vps][docker]
Reading through https://dev.to/setevoy/openvpn-dns-and- ... ation-225f
I guess I can drop the OpenVPN server outside of the Docker environment, run it natively on the VPS and handle the network resolution there. But I guess there should be a way to let Docker do its job.
Re: docker containers available within VPN network and dns resolution [dns][vps][docker]
Hello again,
I'm going to approach this by other means:
- I'm going to natively install OpenVPN on the VPS
- create a Docker container with a VPN client and connect it to the VPS server
- once connected, change the IP
- additional application containers will use the same network space as the previous container (connected to the VPN)
- third-party clients will need to have an /etc/hosts file pointing to the IP we changed on the container above
However, there are drawbacks, since other applications have to explicitly change their network configuration.
I would like to think some seamless solution is possible: https://openvpn.net/community-resources ... -bridging/
I wonder if an OpenVPN server can indeed provide IP addresses within the same range so clients are able to see services already present in that space, i.e. Docker applications.
:')
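An added example, not part of the original thread and not taken from either Docker image mentioned in it: a routed, split-tunnel OpenVPN server fragment for the setup the posts describe, as an alternative to bridging. The 172.18.0.0/16 Docker subnet (inferred from the 172.18.0.3 ping reply above), the 10.8.0.0/24 tunnel range, the 10.8.0.1 resolver address, the vpn.internal domain and the ccd file name are all assumptions.

```conf
# server.conf fragment (added example; addresses and names are assumptions)

dev tun
topology subnet
server 10.8.0.0 255.255.255.0        # assumed tunnel range for VPN clients

# Split tunnel: redirect-gateway is deliberately NOT pushed, so a client
# keeps its own default route and only the routes pushed below use the VPN.
;push "redirect-gateway def1"

# Send only the Docker network through the tunnel. Narrow this to the
# real subnet shown by `docker network inspect` (a /16 is assumed here).
push "route 172.18.0.0 255.255.0.0"

# Advertise a resolver reachable inside the VPN plus the internal domain.
# 10.8.0.1 assumes a DNS forwarder listening on the server's tunnel address.
# How a client applies these options is platform-dependent.
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option DOMAIN vpn.internal"

# Fixed tunnel addresses for the SBC devices, so that SSH (port 22) targets
# and firewall rules can refer to one stable IP per device.
client-config-dir /etc/openvpn/ccd

# client-to-client is left disabled on purpose: traffic between clients then
# passes through the server's kernel, where the host firewall can limit it
# to the ports that are actually needed (22 to the SBCs, 80 to httpd).
;client-to-client

# --- /etc/openvpn/ccd/sbc-01 (file named after the client certificate CN) ---
# ifconfig-push 10.8.0.50 255.255.255.0
```

Replies from the containers still need a path back to 10.8.0.0/24, either a route on the Docker side or NAT on the VPN host; that part is outside this fragment.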