• This repository has been archived on 16/Sep/2018
  • Stars: 178
  • Rank 214,989 (Top 5 %)
  • Language: Shell
  • License: MIT License
  • Created about 9 years ago
  • Updated almost 7 years ago

Repository Details

Docker image for easily setting up a secure StrongSwan VPN

Strongswan on Docker

Base Docker image to run a Strongswan IPsec server and an XL2TPD server.

Usage

Run the following to start the container:

docker run -d -p 500:500/udp -p 4500:4500/udp -p 1701:1701/udp --privileged philplckthun/strongswan

If you haven't set any login credentials via configuration files or environment variables, then a new random password will be set. To get it, read the logs of the running container:

docker logs <CONTAINER>

Look for these lines near the top of the output:

No VPN_PASSWORD set! Generated a random password: mrXEv2S3F
No VPN_PSK set! Generated a random PSK key: NZESSabnC

In this example, the user set neither a PSK nor a password, so both were generated.

Environment variables

By default a single account is added for EAP and XAuth login.

Its password is specified by the VPN_PASSWORD environment variable, and its username is specified by the VPN_USER variable.

VPN_USER defaults to user and VPN_PASSWORD is randomised if not changed.

The PSK (pre-shared key) is specified in the VPN_PSK environment variable, and is randomised as well.

You can inject these variables through docker run:

docker run ... -e VPN_USER=dave -e VPN_PASSWORD=dave-is-awesome ...
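
Added example, not part of the original repository: it generates a long password and PSK, stores them in an owner-only env file and passes that file with `--env-file`, so the container does not fall back to the short generated values it prints to its log. The function names and the `vpn.env` path are assumptions; the variable names, ports and image name are the README's.

```shell
#!/bin/sh
# Added example (not the repository's code). Function names and the env-file
# path are hypothetical; VPN_USER, VPN_PASSWORD, VPN_PSK come from the README.

# 24 random bytes from the kernel CSPRNG, printed as 48 hex characters.
gen_secret() {
    od -An -N24 -tx1 /dev/urandom | tr -d ' \n'
}

# Write the three variables to an env file that only the owner can read.
write_vpn_env() {
    env_file=$1
    vpn_user=$2
    (
        umask 077
        {
            printf 'VPN_USER=%s\n' "$vpn_user"
            printf 'VPN_PASSWORD=%s\n' "$(gen_secret)"
            printf 'VPN_PSK=%s\n' "$(gen_secret)"
        } > "$env_file"
    )
    chmod 600 "$env_file"   # also tightens a file that already existed
}

# Same ports and flags as the README's command, credentials read from the file.
start_vpn() {
    docker run -d --env-file "$1" \
        -p 500:500/udp -p 4500:4500/udp -p 1701:1701/udp \
        --privileged philplckthun/strongswan
}

# Succeeds if log text on stdin shows that the container generated its own
# credentials, which anyone able to read the container logs can then see.
logs_show_generated_creds() {
    grep -Eq 'No VPN_(PASSWORD|PSK) set! Generated a random'
}

# Only acts when invoked as: sh vpn.sh up [env-file] [username]
if [ "${1:-}" = "up" ]; then
    write_vpn_env "${2:-./vpn.env}" "${3:-user}"
    start_vpn "${2:-./vpn.env}"
fi
```

To audit an already running container, pipe its log into the check: `docker logs <CONTAINER> 2>&1 | logs_show_generated_creds`.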

Volume / Configuration files

There is a single volume that is mounted at /etc/ipsec.d. Through it you can add a lot of Strongswan configuration. Additionally you can overwrite:

  • /etc/ppp/l2tp-secrets
  • /etc/ipsec.secrets
  • /etc/ipsec.conf
  • /etc/strongswan.conf
  • /etc/xl2tpd.conf

with it, by putting your configuration files in that volume folder as well. They will be copied to the correct locations.

Services running

There are two services running: Strongswan and additionally XL2TPD for IPSec/L2TP support.

The default IPSec configuration supports:

  • IKEv2 with EAP Authentication (Though a certificate has to be added for that to work)
  • IKEv2 with PSK
  • IKEv1 with PSK and XAuth (Cisco IPSec)
  • IPSec/L2TP with PSK

The ports that are exposed for this container to work are:

  • 4500/udp and 500/udp for IPSec
  • 1701/udp for L2TP
