Hey everyone! I just started learning UNIX-based systems and docker itself, but I have a major issue with a somewhat simple set-up. Before you read the thread - I have no idea if this is the right place to describe my problem. If you know another forum which is more appropriate, please suggest it :)

Here’s the situation:
I have 3 machines:
- Ubuntu server 18.04.1 LTS
- A FreeNAS server (version doesn’t matter)
- A client machine (any OS, windows, linux etc.)
The original idea is to have an OpenVPN server on the Server machine which protects other services installed on it. So for example, I want to have a mediawiki container that is only accessible to clients logged in to the VPN.
On my Ubuntu server I installed and configured an OpenVPN server (directly, not with docker) with, let’s say, a 10.9.0.0/24 internal network. I created a ufw rule:
sudo ufw allow openvpn
I tested the tun connection by connecting from a client machine and it works - the IP of the client is masqueraded and the client can access the internet.
Then, on the server I installed docker and ran a mediawiki container. Installed it, seems fine, I can access it via the internet (port mapping is 80:80).
Then, I blocked port 80 with UFW:
sudo ufw deny 80
sudo ufw reload
Now, when a client logs in to VPN, it has access to the internet, but not the wikimedia container.
I spent the last couple of days trying hundreds of ufw rule combinations and none of them work.
Is such a setup possible, or do I have to use docker networks with specific iptables rules?
Please forgive my noobish-ness.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.1 LTS
Release:        18.04
Codename:       bionic

Client:
 Version:           18.09.1
 API version:       1.39
 Go version:        go1.10.6
 Git commit:        4c52b90
 Built:             Wed Jan 9 19:35:31 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.1
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.6
  Git commit:       4c52b90
  Built:            Wed Jan 9 19:02:44 2019
  OS/Arch:          linux/amd64
  Experimental:     false