path: root/ci/docker/eduvpn-server.docker
blob: b1e2c707d20b85125d145a1ace51184f0a1af71d (plain)
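# Image under ci/docker that builds an eduVPN 3.x server for CI runs.
# NOTE(review): fedora:36 is a floating tag on a release that no longer
# receives updates, so the image inherits whatever unpatched packages that tag
# ships. Pinning the base by digest makes rebuilds reproducible; moving to a
# supported release depends on the eduVPN repository publishing packages for it.
FROM fedora:36

# Drop the dnf cache in the same layer so it is not carried in the image.
RUN dnf -y install git \
    && dnf clean all

WORKDIR /eduvpn

RUN git clone https://github.com/eduvpn/documentation

WORKDIR /eduvpn/documentation

# Ref of eduvpn/documentation to build from. The default is the moving "v3"
# branch, so two builds of this file can pick up different content. Files under
# resources/ in this checkout are later copied into /etc/httpd/conf.d, so the
# checkout is trusted input: pass a reviewed tag or commit with
# --build-arg DOCUMENTATION_REF=... when a reproducible build is needed.
ARG DOCUMENTATION_REF=v3
RUN git checkout "${DOCUMENTATION_REF}"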

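# Register the eduVPN 3.x development package repository.
# The single quotes keep $releasever and $basearch literal so that dnf, not the
# shell, expands them. The file is written with ">" (not appended) so the result
# does not depend on any earlier content, and printf avoids relying on the
# shell's "echo -e" behaviour. The trailing cat prints the file to the build log.
# NOTE(review): gpgcheck=1 enforces package signatures, but the signing key is
# downloaded from the same host as the packages and "dnf -y" accepts its import
# without a prompt, so the key is trusted on first use. Shipping the key in the
# build context and pointing gpgkey at a file:// path would remove that step.
# This is also the "v3-dev" (development) channel, not a release channel.
RUN printf '%s\n' \
        '[eduVPN_v3-dev]' \
        'name=eduVPN 3.x Development Packages (Fedora $releasever)' \
        'baseurl=https://repo.tuxed.net/eduVPN/v3-dev/rpm/fedora-$releasever-$basearch' \
        'gpgcheck=1' \
        'gpgkey=https://repo.tuxed.net/fkooman+repo@tuxed.net.asc' \
        'enabled=1' \
        > /etc/yum.repos.d/eduVPN_v3-dev.repo \
    && cat /etc/yum.repos.d/eduVPN_v3-dev.repo

# Distribution packages the server setup relies on (web server, PHP, firewall
# tooling, helpers). Versions are not pinned, so the result follows whatever the
# repositories serve at build time. The dnf cache is removed in the same layer.
RUN dnf -y install \
        chrony \
        cronie \
        httpd \
        ipcalc \
        iproute \
        iptables-nft \
        iptables-services \
        mod_ssl \
        php-cli \
        php-fpm \
        php-opcache \
        policycoreutils-python-utils \
        pwgen \
        tmux \
        wget \
    && dnf clean all

# eduVPN components, installed as a separate step after the distribution
# packages, as in the original ordering.
RUN dnf -y install \
        vpn-maint-scripts \
        vpn-server-node \
        vpn-user-portal \
    && dnf clean all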

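# Host name the portal is configured for; override with --build-arg WEB_FQDN=...
# The value is substituted into sed expressions and file names below, so it must
# be a plain host name: "/" or "&" in it would change the sed replacement.
ARG WEB_FQDN=eduvpnserver

# Apache configuration comes from the eduvpn/documentation checkout (the
# relative paths resolve against the current WORKDIR).
RUN cp resources/ssl.fedora.conf /etc/httpd/conf.d/ssl.conf \
    && cp resources/localhost.fedora.conf /etc/httpd/conf.d/localhost.conf \
    && cp resources/vpn.example.fedora.conf "/etc/httpd/conf.d/${WEB_FQDN}.conf"

# Replace the placeholder host name in the vhost and in the portal config.
# The dot is escaped so only the literal "vpn.example" matches; as before, only
# the first occurrence on each line is replaced.
RUN sed -i "s/vpn\.example/${WEB_FQDN}/" \
        "/etc/httpd/conf.d/${WEB_FQDN}.conf" \
        "/etc/vpn-user-portal/config.php"

# Swap the example IPv4/IPv6 prefixes in the portal config for randomly chosen
# ones (ipcalc -r). Each $(...) is a separate ipcalc call, so four independent
# values are drawn.
# NOTE(review): the values are chosen once, at build time, and stored in the
# image, so every container started from the same image uses the same prefixes.
# If an ipcalc call fails, its substitution is empty and sed still runs, leaving
# a blank address in config.php instead of failing the build.
RUN sed -i \
        -e "s|10\.42\.42\.0|$(ipcalc -4 -r 24 -n --no-decorate)|" \
        -e "s|fd42::|$(ipcalc -6 -r 64 -n --no-decorate)|" \
        -e "s|10\.43\.43\.0|$(ipcalc -4 -r 24 -n --no-decorate)|" \
        -e "s|fd43::|$(ipcalc -6 -r 64 -n --no-decorate)|" \
        "/etc/vpn-user-portal/config.php"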

# Hand the portal's key for node 0 to the node component.
# NOTE(review): node.0.key is not created anywhere in this file; presumably it
# is generated when vpn-user-portal is installed (confirm). Either way the key
# is now part of an image layer, so every container started from this image,
# and anyone who can pull the image, holds the same node key.
RUN cp /etc/vpn-user-portal/keys/node.0.key /etc/vpn-server-node/keys/node.key

# Self-signed TLS certificate for the web server, CN taken from WEB_FQDN.
# NOTE(review): the RSA-2048 private key is generated during the build and
# written unencrypted (-nodes) into the image, so it is shared by all
# containers and readable by anyone with pull access. The certificate is valid
# for 90 days counted from the build, not from container start, so an image
# older than that serves an expired certificate. Both are tolerable for
# throwaway CI only; generating the key and certificate when the container
# starts would avoid shipping key material in the image.
RUN openssl req \
    -x509 \
    -newkey rsa:2048 \
    -sha256 \
    -nodes \
    -days 90 \
    -subj "/CN=${WEB_FQDN}" \
    -keyout "/etc/pki/tls/private/${WEB_FQDN}.key" \
    -out "/etc/pki/tls/certs/${WEB_FQDN}.crt"

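WORKDIR /eduvpn/server

# COPY instead of ADD: this is a plain local file, and COPY has none of ADD's
# archive-extraction or URL-fetching behaviour. The trailing slash makes it
# explicit that the destination is the directory created by WORKDIR.
COPY ci/docker/starteduvpn.sh /eduvpn/server/

RUN chmod +x ./starteduvpn.sh

# Ref of gdraheim/docker-systemctl-replacement to download systemctl3.py from.
# NOTE(review): the default is the moving "master" branch and the download is
# not verified, yet the script is installed as /bin/systemctl and runs with the
# container's root privileges. Whatever that branch serves at build time becomes
# part of the image. Pass a reviewed commit with
# --build-arg SYSTEMCTL_REPLACEMENT_REF=... and, once pinned, check the file
# against a recorded digest in the same RUN, for example
#   echo "<sha256-of-reviewed-systemctl3.py>  /bin/systemctl" | sha256sum -c -
# (the digest above is a placeholder, not a real value).
ARG SYSTEMCTL_REPLACEMENT_REF=master
RUN wget "https://raw.githubusercontent.com/gdraheim/docker-systemctl-replacement/${SYSTEMCTL_REPLACEMENT_REF}/files/docker/systemctl3.py" -O /bin/systemctl \
    && chmod +x /bin/systemctl

# No USER instruction is set, so the start script runs as root.
CMD ["./starteduvpn.sh"]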