Your own VPN
Nanocl aim to make your life easier so we have a prebuilt VPN Statefile.
Based on hwdsl2/docker-ipsec-vpn-server from @Lin Song you can use it from our Official Nanocl Repository
nanocl state apply -fs nhnr.io/v0.16/sys/vpn.yml
If you want to tweak it more than what is already possible from the Statefile Args
, you can download it and customize it to fit your needs:
wget nhnr.io/v0.16/sys/vpn.yml
Here is the content of the VPN Statefile
:
You can use it in the following way:
nanocl state apply -fs nhnr.io/v0.16/sys/vpn.yml -- --namespace private --public-ip $(curl -s http://ipinfo.io/ip)
From the file above, you can notice that we create a custom DNS for our VPN.
This allows us to create and override existing domains and redirect them to our Cargoes.
But before connecting to the VPN, you can retrieve the credentials using this command:
nanocl cargo -n private logs vpn
You should be able to see something like this:
================================================
IPsec VPN server is now ready for use!
Connect to your new VPN with these details:
Server IP: server-public-ip
IPsec PSK: secret-psk
Username: vpnuser
Password: secret-password
We are not going to cover how to connect to a VPN here as it depends on your system.
You can have a deeper understanding of the container image in the official documentation.
Now we can create cargoes on any namespace we want and make them accessible from our vpn for example:
Notice that we use alot of private.nsp
that reference to the gateway of our namespace private
you may have to change it if you used a different namespace.
After applying this settings you should be able to access to http://my-domain.internal.