Cherry pick changes from dperson#101

ppouliot · Dec 7, 2017 · 5997bc6 · 5997bc6
1 parent 02f2231
commit 5997bc6
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 24 deletions.
diff --git a/README.md b/README.md
@@ -2,7 +2,8 @@
 
 # OpenVPN
 
-OpenVPN client docker container
+This is an OpenVPN client docker container. It makes routing containers'
+traffic through OpenVPN easy.
 
 # What is OpenVPN?
 
@@ -15,7 +16,8 @@ capable of traversing network address translators (NATs) and firewalls.
 # How to use this image
 
 This OpenVPN container was designed to be started first to provide a connection
-to other containers (using `--net=container:vpn`, see below).
+to other containers (using `--net=container:vpn`, see below *Starting an OpenVPN
+client instance*).
 
 **NOTE**: More than the basic privileges are needed for OpenVPN. With docker 1.2
 or newer you can use the `--cap-add=NET_ADMIN` and `--device /dev/net/tun`
@@ -37,7 +39,7 @@ container) when you launch the service in it's container.
 `docker-compose`, see the example
 [file](https://github.com/dperson/openvpn-client/raw/master/docker-compose.yml).
 
-## Hosting an OpenVPN client instance
+## Starting an OpenVPN client instance
 
     sudo cp /path/to/vpn.crt /some/path/vpn-ca.crt
     sudo docker run -it --cap-add=NET_ADMIN --device /dev/net/tun --name vpn \

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,31 +1,15 @@
-version: '2.1'
+version: '3.4'
 
 services:
-  service1:
-    image: docker_hub_user/container_name
-    depends_on:
-      - vpn
-    environment:
-      TZ: 'EST5EDT'
-    network_mode: "service:vpn"
-    read_only: true
-    tmpfs:
-      - /tmp
-    restart: unless-stopped
-    stdin_open: true
-    tty: true
-    volumes:
-      - /srv/service1:/var/lib/service1:Z
-
   vpn:
     image: dperson/openvpn-client
+    # cap_add, security_opt, and volume required for the image to function
     cap_add:
       - net_admin
-  #  dns:
-  #    - 8.8.4.4
-  #    - 8.8.8.8
     environment:
       TZ: 'EST5EDT'
+    networks:
+      - default
     read_only: true
     tmpfs:
       - /tmp
@@ -36,6 +20,24 @@ services:
     tty: true
     volumes:
       - /dev/net:/dev/net:z
+    # Put .ovpn configuration file in the /vpn directory (in "volumes:" above or
+    # launch using the command line arguments, IE pick one:
+    #  - ./vpn:/vpn
+    # command: 'server;user;password[;port]'
+
+  # Replace "service1" with and image with an actual service you want to run
+  service1:
+    image: docker_hub_user/container_name
+    depends_on:
+      - vpn
+    environment:
+      TZ: 'EST5EDT'
+    network_mode: "service:vpn"
+    restart: unless-stopped
+    stdin_open: true
+    tty: true
+    volumes:
+      - /srv/service1:/var/lib/service1:Z
 
   web:
     image: dperson/nginx
@@ -45,6 +47,8 @@ services:
       TZ: 'EST5EDT'
     links:
       - vpn:service1
+    networks:
+      - default
     ports:
       - "80:80"
       - "443:443"
@@ -56,4 +60,9 @@ services:
     restart: unless-stopped
     stdin_open: true
     tty: true
-    command: -w "http://service1:8888;/service1"
+    command: -w "http://service1:8888;/service1"
+    # service1 shares the network stack of vpn. The service can by reached using
+    # the name of the service as a hostname.
+
+networks:
+  default: