The systemd service aims to make the update and invocation of the
docker-openvpn
container seamless. It automatically downloads the latest
docker-openvpn
image and instantiates a Docker container with that image. At
shutdown it cleans-up the old container.
In the event the service dies (crashes, or is killed) systemd will attempt to
restart the service every 10 seconds until the service is stopped with
systemctl stop [email protected]
.
A number of IPv6 hacks are incorporated to workaround Docker shortcomings and are harmless for those not using IPv6.
To use and enable automatic start by systemd:
-
Create a Docker volume container named
ovpn-data-NAME
whereNAME
is the user's choice to describe the use of the container. In this example configuration,NAME=example
.OVPN_DATA="ovpn-data-example" docker volume create --name $OVPN_DATA
-
Initialize the data container, but don't start the container :
docker run -v $OVPN_DATA:/etc/openvpn --rm registry.gitlab.com/ix.ai/openvpn ovpn_genconfig -u udp://VPN.SERVERNAME.COM docker run -v $OVPN_DATA:/etc/openvpn --rm -it registry.gitlab.com/ix.ai/openvpn ovpn_initpki
-
Download the [email protected] file to
/etc/systemd/system
:curl -L https://raw.githubusercontent.com/registry.gitlab.com/ix.ai/docker-openvpn/master/init/docker-openvpn%40.service | sudo tee /etc/systemd/system/[email protected]
-
Enable and start the service with:
systemctl enable --now [email protected]
-
Verify service start-up with:
systemctl status [email protected] journalctl --unit [email protected]
For more information, see the systemd manual pages.