authormaride <maride@darknebu.la>2018-08-23 12:10:35 +0200
committermaride <maride@darknebu.la>2018-08-23 12:10:35 +0200
commit65d1f311e1679d0d61b4be9162fdab23359c2403 (patch)
treecbe6e636b1955777993e88b61c97061e0a6f8aa7
parent8b65f91699cd474563c0abacc726a3d47961a78f (diff)
Add port forwarding for VPN, print remote address/port into env vars of VPN container
-rw-r--r--README.md2
-rw-r--r--src/access.go15
-rw-r--r--src/main.go1
3 files changed, 18 insertions, 0 deletions
diff --git a/README.md b/README.md
index 89b2017..bef50bc 100644
--- a/README.md
+++ b/README.md
@@ -19,6 +19,8 @@ This executable needs some parameters to work properly:
 | `-accessCode` | Yes | Access code for the user. *Default: AllYourCodesAreBelongToUs* |
 | `-sessionSalt` | Yes | Variable to salt the session token generator with. |
 | `-seedFile` | Yes | JSON file to read challenge information from. |
+| `-vpnRemoteAddress` | Yes | Address the VPN will run on, as rendered into the client VPN configuration file. |
+| `-vpnRemotePort` | No | Port the VPN will run on |
 
 ## Seed file
 
diff --git a/src/access.go b/src/access.go
index 6072025..ddb032d 100644
--- a/src/access.go
+++ b/src/access.go
@@ -8,10 +8,18 @@ import (
 	"net/http"
 	"fmt"
 	"github.com/docker/docker/api/types/network"
+	"flag"
 )
 
 var vpnContainerID string
 var vpnNetworkID string
+var remoteAddress* string
+var remotePort* int
+
+func registerAccessFlags() {
+	remoteAddress = flag.String("vpnRemoteAddress", "", "The remote domain name or IP the VPN will run on")
+	remotePort = flag.Int("vpnRemotePort", 1194, "The port the VPN should listen on")
+}
 
 func startVPN() (err error) {
 	// Set up our context and Docker CLI connection
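Review bot: `registerAccessFlags` gives `-vpnRemoteAddress` an empty default and nothing in this commit rejects it, although the README hunk lists the flag as required, so a forgotten flag would hand `remoteAddress=` to the VPN container. `-vpnRemotePort` is likewise accepted without a range check. A guard after `flag.Parse()` along the lines of `if *remoteAddress == "" || *remotePort < 1 || *remotePort > 65535 { /* exit with usage */ }` would fail fast. Since the README says the address is rendered into the client VPN configuration, limiting it to hostname or IP syntax would also keep stray whitespace and line breaks out of that file. As a style point, gofmt writes the declarations as `var remoteAddress *string` and `var remotePort *int`.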
@@ -23,12 +31,19 @@ func startVPN() (err error) {
 	// Create container
 	resp, err := dockerCli.ContainerCreate(dockerCtx, &container.Config{
 		Image: "circus-vpn",
+		Env: []string{
+			fmt.Sprintf("remoteAddress=%s", *remoteAddress),
+			fmt.Sprintf("remotePort=%d", *remotePort),
+		},
 	}, &container.HostConfig{
 		Privileged: true,
 	}, &network.NetworkingConfig{
 		EndpointsConfig: map[string]*network.EndpointSettings{
 			"endpoint": {
 				NetworkID: vpnNetworkID,
+				Links: []string{
+					fmt.Sprintf("%d:1194/tcp", *remotePort),
+				},
 			},
 		},
 	}, "")
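Review bot: The `Links` entry added under `"endpoint"` will not forward a port, because `EndpointSettings.Links` holds container links in `name:alias` form, so `"%d:1194/tcp"` is interpreted as a link to a container named after the port number. Publishing a port is done with `ExposedPorts` on `container.Config` and `PortBindings` on `container.HostConfig`, both typed in `github.com/docker/go-connections/nat`. Because the container already runs with `Privileged: true`, the binding's `HostIP` is worth setting deliberately, since leaving it empty presumably publishes on every host interface. Also confirm that `tcp` matches the protocol the `circus-vpn` image actually listens on. `startVPN` begins before and continues past this hunk.

```go
	resp, err := dockerCli.ContainerCreate(dockerCtx, &container.Config{
		Image: "circus-vpn",
		// … unchanged: Env with remoteAddress / remotePort …
		ExposedPorts: nat.PortSet{"1194/tcp": struct{}{}},
	}, &container.HostConfig{
		Privileged: true,
		PortBindings: nat.PortMap{
			"1194/tcp": []nat.PortBinding{{HostPort: strconv.Itoa(*remotePort)}},
		},
	}, &network.NetworkingConfig{
		// … unchanged: EndpointsConfig, with the Links entry dropped …
```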
diff --git a/src/main.go b/src/main.go
index a06ee66..ae50632 100644
--- a/src/main.go
+++ b/src/main.go
@@ -11,6 +11,7 @@ func main() {
 	registerSessionFlags()
 	registerCredentialsFlags()
 	registerSeedFlags()
+	registerAccessFlags()
 	flag.Parse()
 
 	// Read challenges from file