# docker-openvpn-radiusplugin **Repository Path**: seanmurphy-personal/docker-openvpn-radiusplugin ## Basic Information - **Project Name**: docker-openvpn-radiusplugin - **Description**: 包含Radiusplugin插件的开箱即用 openVpn docker 镜像 - **Primary Language**: Docker - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2021-07-26 - **Last Updated**: 2022-06-13 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # Usage ``` docker run -it --rm --cap-add=NET_ADMIN \ -p 1194:1194/udp -p 80:8080/tcp \ -v /mnt/openvpn/data/Dockovpn_data:/opt/Dockovpn_data \ -v {OPEN_VPN_CONFIG_FILE_PATH}:/etc/openvpn/server.conf \ -v {RADIUS_PLUGIN_CONFIG_FILE_PATH}:/etc/openvpn/radiusplugin.conf \ -e HOST_ADDR=$(curl -s https://api.ipify.org) \ -d --name dockovpn seanmurphy010/openvpn-with-radiusplugin:v-0.1alpha ``` you can run it without OPEN_VPN_CONFIG_FILE_PATH and RADIUS_PLUGIN_CONFIG_FILE_PATH, and then, the container will use default config to start, then you can run 'docker cp' command get the default config file otherwise, u can modify the config and restart with specific config when docker container start, you can get the client.ovpn file on the volume # the openvpn config file sample ``` server.conf : port 1194 proto udp dev tun ca /etc/openvpn/ca.crt cert /etc/openvpn/MyReq.crt key /etc/openvpn/MyReq.key dh /etc/openvpn/dh.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 8.8.8.8" duplicate-cn keepalive 10 120 cipher AES-256-GCM ncp-ciphers AES-256-GCM:AES-256-CBC auth SHA512 user nobody group nobody persist-key persist-tun plugin /opt/Dockovpn/radiusplugin.so /etc/openvpn/radiusplugin.conf client-cert-not-required username-as-common-name status openvpn-status.log verb 1 tls-server tls-version-min 1.2 tls-auth /etc/openvpn/ta.key 0 ``` # the radiusPlugin config sample: ``` # The NAS identifier which is sent to the RADIUS server NAS-Identifier=OpenVpn001 # The service type which is sent to the RADIUS server Service-Type=5 # The framed protocol which is sent to the RADIUS server Framed-Protocol=1 # The NAS port type which is sent to the RADIUS server NAS-Port-Type=5 # The NAS IP address which is sent to the RADIUS server NAS-IP-Address=172.24.0.222 # Path to the OpenVPN configfile. The plugin searches there for # client-config-dir PATH (searches for the path) # status FILE (searches for the file, version must be 1) # client-cert-not-required (if the option is used or not) # username-as-common-name (if the option is used or not) OpenVPNConfig=/etc/openvpn/server.conf # Support for topology option in OpenVPN 2.1 # If you don't specify anything, option "net30" (default in OpenVPN) is used. # You can only use one of the options at the same time. # If you use topology option "subnet", fill in the right netmask, e.g. from OpenVPN option "--server NETWORK NETMASK" subnet=255.255.255.0 # If you use topology option "p2p", fill in the right network, e.g. from OpenVPN option "--server NETWORK NETMASK" # p2p=10.8.0.1 # Allows the plugin to overwrite the client config in client config file directory, # default is true overwriteccfiles=true # Allows the plugin to use auth control files if OpenVPN (>= 2.1 rc8) provides them. # default is false useauthcontrolfile=true # Path to a script for vendor specific attributes. # Leave it out if you don't use an own script. # vsascript=/root/workspace/radiusplugin_v2.0.5_beta/vsascript.pl # Path to the pipe for communication with the vsascript. # Leave it out if you don't use an own script. # vsanamedpipe=/tmp/vsapipe # A radius server definition, there could be more than one. # The priority of the server depends on the order in this file. The first one has the highest priority. server { # The UDP port for radius accounting. acctport=1813 # The UDP port for radius authentication. authport=1812 # The name or ip address of the radius server. name=172.24.0.90 # How many times should the plugin send the if there is no response? retry=1 # How long should the plugin wait for a response? wait=1 # The shared secret. sharedsecret=testpw } ``` # the Dockfile infomation the source project: https://gitee.com/seanmurphy/docker-openvpn-radiusplugin this image base on Docker-OpenVPN : the website : https://dockovpn.io contact:xumeng010@126.com