File tree Expand file tree Collapse file tree 1 file changed +38
-0
lines changed Expand file tree Collapse file tree 1 file changed +38
-0
lines changed Original file line number Diff line number Diff line change 1+ #! /bin/bash
2+ set -e
3+
4+ [ -n " ${DEBUG+x} " && set -x
5+ OVPN_DATA=basic-data
6+ IMG=" kylemanna/openvpn"
7+ NAME=" ovpn-test"
8+ SERV_IP=$( ip -4 -o addr show scope global | awk ' {print $4}' | sed -e ' s:/.*::' | head -n1)
9+
10+ # generate server config including iptables nat-ing
11+ docker volume create --name $OVPN_DATA
12+ docker run --rm -v $OVPN_DATA :/etc/openvpn $IMG ovpn_genconfig -u udp://$SERV_IP -N
13+ docker run -v $OVPN_DATA :/etc/openvpn --rm -it -e " EASYRSA_BATCH=1" " EASYRSA_REQ_CN=Travis-CI Test CA" $IMG ovpn_initpki nopass
14+
15+ # Fire up the server
16+ docker run -d --name $NAME -v $OVPN_DATA :/etc/openvpn --cap-add=NET_ADMIN $IMG
17+
18+ # check default iptables rules
19+ docker exec -ti $NAME bash -c ' source /etc/openvpn/ovpn_env.sh; eval iptables -t nat -C POSTROUTING -s $OVPN_SERVER -o eth0 -j MASQUERADE'
20+
21+ # append new setupIptablesAndRouting function to config
22+ docker exec -ti $NAME bash -c ' echo function setupIptablesAndRouting { iptables -t nat -A POSTROUTING -m comment --comment "test"\;} >> /etc/openvpn/ovpn_env.sh'
23+
24+ # kill server in preparation to modify config
25+ docker kill $NAME
26+ docker rm $NAME
27+
28+ # check that overridden function exists and that test iptables rules is active
29+ docker run -d --name $NAME -v $OVPN_DATA :/etc/openvpn --cap-add=NET_ADMIN $IMG
30+ docker exec -ti $NAME bash -c ' source /etc/openvpn/ovpn_env.sh; type -t setupIptablesAndRouting && iptables -t nat -C POSTROUTING -m comment --comment "test"'
31+
32+ #
33+ # kill server
34+ #
35+
36+ docker kill $NAME
37+ docker rm $NAME
38+ docker volume rm $OVPN_DATA
You can’t perform that action at this time.
0 commit comments