andrei/amnezia-client
1
0
Fork 0
mirror of https://github.com/amnezia-vpn/amnezia-client.git synced 2026-06-23 02:00:20 +07:00
Code Issues Packages Projects Releases 10 Wiki Activity

Fix: selfhosted server installations

Browse Source
This commit is contained in:
dranik
2026-06-04 15:25:40 +03:00
parent a9861d18b7
commit 1c32561dd4
9 changed files with 114 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client/server_scripts/openvpn/configure_container.sh
+2 -1
View File
@@ -5,7 +5,8 @@ dev tun
ca /opt/amnezia/openvpn/ca.crt
cert /opt/amnezia/openvpn/AmneziaReq.crt
key /opt/amnezia/openvpn/AmneziaReq.key
dh /opt/amnezia/openvpn/dh.pem
dh none
ecdh-curve secp384r1
server $OPENVPN_SUBNET_IP $OPENVPN_SUBNET_MASK
ifconfig-pool-persist ipp.txt
duplicate-cn
client/server_scripts/openvpn/run_container.sh
+8 -2
View File
@@ -7,6 +7,13 @@ sudo docker run -d \
-p $OPENVPN_PORT:$OPENVPN_PORT/$OPENVPN_TRANSPORT_PROTO \
--name $CONTAINER_NAME $CONTAINER_NAME
# Wait until the container is actually running before the network/exec steps.
# DH generation was removed, so this phase now finishes in ~2s instead of up to
# minutes; without this guard a slow Docker daemon (or a leftover container from a
# previous deploy) could let later steps race ahead and fail with "No such
# container". Single-line on purpose (script runs as one batched shell). ~15s cap.
amn_i=0; while [ "$(sudo docker inspect -f '{{.State.Running}}' $CONTAINER_NAME 2>/dev/null)" != "true" ] && [ $amn_i -lt 30 ]; do sleep 0.5; amn_i=$((amn_i+1)); done
sudo docker network connect amnezia-dns-net $CONTAINER_NAME
# Create tun device if not exist
@@ -18,8 +25,7 @@ sudo docker exec -i $CONTAINER_NAME sh -c "ifconfig eth0:0 $SERVER_IP_ADDRESS ne
# OpenVPN config
sudo docker exec -i $CONTAINER_NAME bash -c 'mkdir -p /opt/amnezia/openvpn/clients; \
cd /opt/amnezia/openvpn && easyrsa init-pki; \
cd /opt/amnezia/openvpn && easyrsa gen-dh; \
cd /opt/amnezia/openvpn && cp pki/dh.pem /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa build-ca nopass << EOF yes EOF && easyrsa gen-req AmneziaReq nopass << EOF2 yes EOF2;\
cd /opt/amnezia/openvpn && easyrsa sign-req server AmneziaReq << EOF3 yes EOF3;\
cd /opt/amnezia/openvpn && openvpn --genkey --secret ta.key << EOF4;\
cd /opt/amnezia/openvpn && cp pki/ca.crt pki/issued/AmneziaReq.crt pki/private/AmneziaReq.key /opt/amnezia/openvpn;\