1、关闭防护墙及centos设置
systemctl stop firewalld
systemctl disable firewalld
setenforce 0
sed -i 's/enforcing/disabled/' /etc/selinux/config
swapoff -a
sed -ri 's/.*swap.*/#&/' /etc/fstab
2、安装docker
curl -fsSL https://get.docker.com | bash -s docker --mirror Aliyun
vi /etc/docker/daemon.json
{"registry-mirrors": ["https://5bbb9226a13d49fd9a2e9763da104bc7.mirror.swr.myhuaweicloud.com"],"live-restore": true }
sudo systemctl enable docke
sudo systemctl start docker
sudo systemctl enable docker
3、安装 docker-compose
$ sudo curl -L "https://github.com/docker/compose/releases/download/1.24.1/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
$ sudo chmod +x /usr/local/bin/docker-compose
$ sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
4、编辑yml文件
vi docker-compose.yml
version: '2'
services:
ovpn:
image: kylemanna/openxxx
volumes:
- ./opt/openxxx:/etc/openxxx
ports:
- '1194:1194/tcp'
cap_add:
- NET_ADMIN
restart: always
5、## Quick Start
# 请把tcp改成IP地址或域名
docker-compose run --rm ovpn ovpn_genconfig -u tcp://internetIp
# 设置参数并配置密码
docker-compose run --rm ovpn ovpn_initpki
# 启动实例
docker-compose up -d
# 定义环境变量
export CLIENTNAME="taichunmin"
# 免密证书设置
docker-compose run --rm ovpn easyrsa build-client-full "$CLIENTNAME" nopass
# 將 client 的证书导出
docker-compose run --rm ovpn ovpn_getclient "$CLIENTNAME" > "$CLIENTNAME.ovpn"
