Docker Community Forums

Problem with routing nginx-proxy through openvpn tunnel

(Svarto) #1

I am trying to use a DigitalOcean VPS as an openVPN server to access services (e.g. nextcloud) hosted on my home network through subdomains (e.g. nextcloud.example.com).

I have gotten most of it to work, but I am struggling a bit to set up the static routes so that the dockerized nginx-proxy knows to send the request into the dockerized openvpn.

Basically, the routing would look like this:

nextcloud.example.com (external) > nginx-proxy (docker network, 172.17.0.3 listening on port 80) > openvpn docker (docker network, 172.17.0.2, seems to listen for VPN connections on port 1194) > internal vpn network (192.168.255.x)

I would really appreciate some help with:

  1. I added the static routes to the host (through ip route add 192.168.255.0/24 via 172.17.0.2), but not sure if that is the right way?

  2. Should I nginx-proxy all traffic through the port 1194 or can I use another port for the openVPN docker container?

  3. When I ifconfig in host, I don’t see the VPN interface (tun0), however when I go into the openVPN docker container and ifconfig then I see the tun0 interface. So it seems it is only accessible inside the container - I assume I should add an iptables forwarding route inside the openVPN docker to make sure traffic routed to the openVPN docker (172.17.0.2) from nginx-proxy docker (172.17.0.3) continues to the tun0 VPN interface - is iptables the right way to do this?

Thanks a lot for your help!