The documentation of the production deployment should be improved. What are this v

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Improve the documentation about openvpn-admin-plus HOT 3 CLOSED

bnhf commented on August 28, 2024

Improve the documentation

from openvpn-admin-plus.

Comments (3)

bnhf commented on August 28, 2024

@melakhvision

Fair point, I'll add some detail on those.

The first two are EasyRSA values intended to improve the cryptographic strength of generated keys and certificates.

ORG = Organization
You can use your company name or make something up if you don't have one.

OU = Organizational Unit
A typical value here would be IT (for Information Technology), or again you can make something up.

The second two are PiVPN values, which include the the unique ID PiVPN uses in creating your server certificate. If your look at the /etc/openvpn/server.conf file generated by PiVPN, you'll see it in the cert and key directives in the file. That long string, which starts with the hostname of your OpenVPN server and ends with a .crt or .key is what you want to use.

So on my test system:

PIVPN_SERVER = raspberrypi10_ca8554c5-6025-442f-9d06-25a5cab85a3c

PIVPN_CONF = server.conf (which is the default name created by PiVPN)

from openvpn-admin-plus.

bnhf commented on August 28, 2024

@melakhvision

I added some comments to the docker-compose, and I'll add some to the README as well:

version: '3'
services:
  gui:
    image: bnhf/openvpn-admin-plus:latest
    container_name: openvpn-gui-tap
    environment:
    - OPENVPN_ADMIN_USERNAME=admin # Leave this default as-is and update on first-run
    - OPENVPN_ADMIN_PASSWORD=b3secure # Leave this default as-is and update on first-run
    - COUNTRY=${COUNTRY} # Country, Province, City, Org and OU are used by EasyRSA
    - PROVINCE=${PROVINCE} # Province or State
    - CITY=${CITY}
    - ORG=${ORG} # Organization - Use your company name here or make one up
    - EMAIL=${EMAIL}
    - OU=${OU} # Organizational Unit - Use your company department name or make one up
    - PIVPN_SERVER=${PIVPN_SERVER} # The unique name used for your server's certificate and key. Found in the /etc/openvpn/server.conf file.
    - PIVPN_CONF=${PIVPN_CONF} # Filename for your OpenVPN server configuration - usually server.conf
    - TZ=${TZ} # Your OpenVPN server's timezone
    ports:
     - "8080:8080/tcp"
    restart: always
    volumes:
     - /etc/openvpn:/etc/openvpn
     - ./openvpn-data/db:/opt/openvpn-gui-tap/db

from openvpn-admin-plus.

bnhf commented on August 28, 2024

@melakhvision

I added the same commented environment section to the README, so I think we should be covered. I noticed PIVPN_SERVER and PIVPN_CONF were already discussed there, but of course it doesn't hurt to have some things described multiple times.

ORG and OU definitely needed clarification though. Those values used to be requested during a PiVPN script install of OpenVPN, but I don't think that's the case anymore. They're still used to improve cryptography when available, AFAIK.

I'm closing this one out, but feel free to re-open if needed. Cheers.

from openvpn-admin-plus.

Improve the documentation about openvpn-admin-plus HOT 3 CLOSED

Comments (3)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent