A Dockerfile based off of phusion/baseimage-docker that establishes a VPN connection with vpnc.
VPNC_GATEWAY: IP/name of your IPSec gateway
VPNC_ID: Group name
VPNC_SECRET: Group password
VPNC_USERNAME: XAUTH username
VPNC_PASSWORD: XAUTH password
First, ensure that all of the environment variables above exist in a file:
$ cat > .env <<EOF
VPNC_GATEWAY=1.2.3.4
VPNC_ID=joker-group
VPNC_SECRET=joker-secret
VPNC_USERNAME=joker
VPNC_PASSWORD=joker-password
EOF
Note: You can also use the -e option to docker run.
Next, build the container:
$ docker build -t azavea/vpnc .
Lastly, run the container, and then ask ipify what your external IP address is. It should return the IP address of your VPN endpoint.
$ docker run --rm -ti --privileged --env-file .env --dns 8.8.8.8 \
azavea/vpnc /sbin/my_init --quiet -- \
/bin/sh -c "sleep 5 && curl 'https://api.ipify.org?format=json'"
VPNC started in foreground...
{"ip":"216.158.51.82"}
$ curl 'https://api.ipify.org?format=json'
{"ip":"52.2.53.130"}
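A pre-flight check for the .env file created in the first step, as an added example that is not part of the original README. It confirms that all five variables are set and that the file, which holds the group secret and the XAUTH password, is not accessible to group or other. The function name check_vpnc_env and its return codes are hypothetical.

```shell
#!/bin/sh
# Added example: validate the .env file before passing it to
# `docker run --env-file`. Variable names come from the README;
# check_vpnc_env and its return codes are hypothetical.

REQUIRED_VARS="VPNC_GATEWAY VPNC_ID VPNC_SECRET VPNC_USERNAME VPNC_PASSWORD"

# check_vpnc_env FILE
#   0  all variables present and file permissions are restrictive
#   1  a required variable is missing or empty
#   2  file is accessible to group or other
#   3  file does not exist
check_vpnc_env() {
    env_file=$1
    [ -f "$env_file" ] || { echo "missing file: $env_file" >&2; return 3; }

    # Characters 5-10 of the `ls -l` mode string are the group and other
    # permission bits; all six must be "-" (for example mode 600 or 400).
    perms=$(ls -ld "$env_file" | cut -c5-10)
    if [ "$perms" != "------" ]; then
        echo "$env_file is accessible to group/other; run: chmod 600 $env_file" >&2
        return 2
    fi

    # Require each name at the start of a line, followed by "=" and a
    # non-empty value.
    for name in $REQUIRED_VARS; do
        if ! grep -Eq "^${name}=.+" "$env_file"; then
            echo "$name is missing or empty in $env_file" >&2
            return 1
        fi
    done
    return 0
}

# Check ./.env when the script is run with the argument "check".
if [ "${1:-}" = "check" ]; then
    check_vpnc_env "${2:-.env}"
fi
```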
Option Explanations
--rm: Removes the container after it's done executing
--privileged: Allows the container to create and make use of the tun device
--env-file: Loads up the contents of .env into the container's environment
--dns: Makes use of Google's DNS servers for name resolution within the container
/sbin/my_init: The init system provided by phusion/baseimage-docker
Everything after -- is the command we want to run within the container, in addition to the services managed by my_init.
Note: If you get an error like the one below, it is a known bug with vpnc:
select: Interrupted system call
terminated by signal: 15