- Install Docker on the Pi
- Clone the OpenVPN for Docker repository
- Enter the
docker-openvpnfolder - Build the image
docker build -t your-prefix/open-vpn .Follow the README in the repo or these slightly modified instructions below:
- Initialise the data volume
export OVPN_DATA="ovpn-data"
export OVPN_IMAGE="your-prefix/open-vpn"
docker volume create --name ${OVPN_DATA}
docker run -v ${OVPN_DATA}:/etc/openvpn --rm ${OVPN_IMAGE} ovpn_genconfig -u udp://your.server.vpn
docker run -v ${OVPN_DATA}:/etc/openvpn --rm -it ${OVPN_IMAGE} ovpn_initpki
# (this can take a while)- Start the server
docker run -v ${OVPN_DATA}:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN --restart=always ${OVPN_IMAGE}- Generate a client certificate with a passphrase
docker run -v ${OVPN_DATA}:/etc/openvpn --rm -it ${OVPN_IMAGE} easyrsa build-client-full your-client-name- Retrieve the client configuration with embedded certificates for the use within OpenVPN Connect
docker run -v ${OVPN_DATA}:/etc/openvpn --rm ${OVPN_IMAGE} ovpn_getclient your-client-name > your-client-name.ovpn- Fetch the
.ovpnfile from your server - Archive with the passphrase password
zip -er your-client-name.zip your-client-name.ovpn- Distribute the zip to the 'client' and send the passphrase in a separate channel.
To access your VPN server from outside your home, configure NAT (or Port Forwarding) on your router and specify port 1194 and the (static) IP address of your VPN server. Then use the configured VPN client to connect, either by IP address or domain name.