I am trying to use DigitalOcean VPS as a openVPN server to access services (e.g. nextcloud) hosted on my home network through subdomains (e.g. nextcloud.example.com).
I have gotten most of it to work but I am struggling a bit to set up the static routes so that the dockerized nginx-proxy now to send the request into the dockerized openvpn.
Basically, the routing would look like this:
nextcloud.example.com (external) > nginx.proyx (docker network, 172.17.0.3 listening on port 80) > openvpn docker (docker network, 172.17.0.2, seems to listen for VPN connections on port 1194) > internal vpn network (192.168.255.x)
I would really appreciate some help with:
-
-I added the static routes to the host (through ip route add 192.168.255.0/24 via 172.17.0.2), but not sure if that is the right way?
-
-Should I nginx-proxy all traffic through the port 1194 or can I use another port for the openVPN docker container?
-
-When I ifconfig in host, I don’t see the VPN interface (tun0), however when I go into the openVPN docker container and ifconfig then I see the tun0 interface. So it seems it is only accessible inside the container - I assume I should add an iptables forwarding route inside the openVPN docker to make sure traffic routed to the openVPN docker (172.17.0.2) from nginx-proxy docker (172.17.0.3) continues to the tun0 VPN interface - is iptables the right way to do this?
Thanks a lot for your help!