├── Dockerfile ├── LICENSE ├── MyHUB-myuser.vpn ├── README.md ├── linuxconfig └── scripts └── start /Dockerfile: -------------------------------------------------------------------------------- 1 | # ----------------------------------------------------------------------------- 2 | # docker-wormhole 3 | # 4 | # Base Ubuntu + SoftEther VPN + Wormhole 5 | # (https://wormhole.network). 6 | # 7 | # Authors: Pedro Perez 8 | # Updated: Jan 16th, 2016 9 | # Require: Docker (http://www.docker.io/) 10 | # ----------------------------------------------------------------------------- 11 | 12 | 13 | # Base system is the LTS version of Ubuntu. 14 | FROM ubuntu:14.04 15 | 16 | 17 | # Make sure we don't get notifications we can't answer during building. 18 | ENV DEBIAN_FRONTEND noninteractive 19 | 20 | # Let's keep everything tidy 21 | WORKDIR /usr/local/vpnclient 22 | 23 | # Download and install the needed tools 24 | RUN apt-get update &&\ 25 | apt-get -y -q install gcc make wget && \ 26 | apt-get clean && \ 27 | rm -rf /var/cache/apt/* /var/lib/apt/lists/* && \ 28 | wget https://whdowns.blob.core.windows.net/whclient/softether-vpnclient-v4.19-9599-beta-2015.10.19-linux-x64-64bit.tar.gz -O /tmp/softether-vpnclient.tar.gz &&\ 29 | tar -xzvf /tmp/softether-vpnclient.tar.gz -C /usr/local/ &&\ 30 | rm /tmp/softether-vpnclient.tar.gz &&\ 31 | make i_read_and_agree_the_license_agreement &&\ 32 | apt-get purge -y -q --auto-remove gcc make wget && \ 33 | apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* 34 | 35 | # Move dhclient to /usr/bin to work around a bug that prevents dhclient from running 36 | RUN mv /sbin/dhclient /usr/sbin/dhclient 37 | 38 | # Load in all of our config files. 39 | ADD ./scripts/start /start 40 | ADD ./linuxconfig /usr/local/vpnclient/linuxconfig 41 | ADD ./*.vpn /usr/local/vpnclient/ 42 | 43 | # Fix all permissions 44 | RUN chmod +x /start 45 | 46 | # /data contains static files and database 47 | VOLUME ["/data"] 48 | 49 | # /start runs it. 50 | CMD ["/start"] 51 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 Pedro Perez 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /MyHUB-myuser.vpn: -------------------------------------------------------------------------------- 1 | REPLACE THIS FILE WITH YOUR CONFIG FILE from https://wormhole.network 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # docker-wormhole 2 | Wormhole Docker base image (Based on Ubuntu 14.04) 3 | 4 | This image automatically connects your container to Wormhole Network, an overlay network solution that enables networking between your Docker containers on different hosts. This way you can move your containers to different servers, even on different hosting locations, without having to change your application's architecture. 5 | 6 | The image is meant to serve as a base image for your own containers. Please clone this repository or fork it to build your own images with Wormhole's overlay networking included. 7 | 8 | You'll need a free account in [Wormhole Network](https://wormhole.network) and to create a hub and a hub user. See the [documentation](https://wormhole.network/docs/) for simple instructions. 9 | 10 | ## Building docker-wormhole 11 | 12 | git clone https://github.com/pjperez/docker-wormhole 13 | cd docker-wormhole 14 | 15 | Download your config (.vpn) and linuxconfig files from your dashboard at [Wormhole Network](https://wormhole.network) and use them to replace the placeholders before the next step. 16 | 17 | sudo docker build -t wormhole/client . 18 | 19 | ## Running docker-wormhole 20 | 21 | sudo docker run --rm -t -i --device=/dev/net/tun --cap-add=NET_ADMIN wormhole/client 22 | 23 | It is important to keep **-i** flag to make the session interactive, as you'll be asked to input your hub user's password twice. The --cap-add=NET_ADMIN and --device=/dev/net/tun are needed for SoftEther to create the tun adapter inside the container. 24 | 25 | This is what you'll see after running it: 26 | 27 | The SoftEther VPN Client service has been started. 28 | The commands written in the file "linuxconfig" will be used instead of input from keyboard. 29 | vpncmd command - SoftEther VPN Command Line Management Utility 30 | SoftEther VPN Command Line Management Utility (vpncmd command) 31 | Version 4.19 Build 9599 (English) 32 | Compiled 2015/10/19 20:28:20 by yagi at pc30 33 | Copyright (c) SoftEther VPN Project. All Rights Reserved. 34 | 35 | Connected to VPN Client "127.0.0.1:5555". 36 | 37 | VPN Client>AccountImport MyHUB-myuser.vpn 38 | AccountImport command - Import VPN Connection Setting 39 | The VPN Connection Setting "MyHUB" has been imported. 40 | The command completed successfully. 41 | 42 | VPN Client>AccountPasswordSet MyHUB /TYPE:STANDARD 43 | AccountPasswordSet command - Set User Authentication Type of VPN Connection Setting to Password Authentication 44 | Please enter the password. To cancel press the Ctrl+D key. 45 | 46 | Password: ************************ 47 | Confirm input: ************************ 48 | 49 | 50 | The command completed successfully. 51 | 52 | VPN Client>NicCreate wormhole 53 | NicCreate command - Create New Virtual Network Adapter 54 | The command completed successfully. 55 | 56 | VPN Client>AccountNicSet MyHUB /NIC:wormhole 57 | AccountNicSet command - Set Virtual Network Adapter for VPN Connection Setting to Use 58 | The command completed successfully. 59 | 60 | VPN Client>AccountConnect MyHUB 61 | AccountConnect command - Start Connection to VPN Server using VPN Connection Setting 62 | The command completed successfully. 63 | 64 | Acquiring IP address... 65 | IP address acquired! 66 | 67 | And this is what the server sees: 68 | 69 | 2016-01-15 19:42:26.406 The connection "CID-743" (IP address: 1.2.3.4, Host name: 1.2.3.4, Port number: 1168, Client name: "SoftEther VPN Client", Version: 4.19, Build: 9599) is attempting to connect to the Virtual Hub. The auth type provided is "Password authentication" and the user name is "myuser". 70 | 71 | 2016-01-15 19:42:26.406 Connection "CID-743": Successfully authenticated as user "myuser". 72 | 2016-01-15 19:42:26.406 Connection "CID-743": The new session "SID-MYUSER-19" has been created. (IP address: 1.2.3.4, Port number: 1168, Physical underlying protocol: "Standard TCP/IP (IPv4)") 73 | 74 | 2016-01-15 19:42:26.406 Session "SID-MYUSER-19": The parameter has been set. Max number of TCP connections: 2, Use of encryption: Yes, Use of compression: No, Use of Half duplex communication: No, Timeout: 20 seconds. 75 | 76 | 2016-01-15 19:42:26.406 Session "SID-MYUSER-19": VPN Client details: (Client product name: "SoftEther VPN Client", Client version: 419, Client build number: 9599, Server product name: "SoftEther VPN Server (64 bit)", Server version: 419, Server build number: 9599, Client OS name: "Linux", Client OS version: "Unknown Linux Version", Client product ID: "--", Client host name: "6bb06fc1b280", Client IP address: "172.17.0.2", Client port number: 43429, Server host name: "amsterdam-hub.wormhole.network", Server IP address: "4.3.2.1", Server port number: 443, Proxy host name: "", Proxy IP address: "0.0.0.0", Proxy port number: 0, Virtual Hub name: "MyHUB", Client unique ID: "30D35CC2852F39D4B062A070BDE3FCF1") 77 | 78 | 2016-01-15 19:42:26.519 SecureNAT: The DHCP entry 555 has been created. MAC address: 00-AC-34-56-78-12, IP address: 100.64.0.13, host name: 6bb06fc1b280, expiration span: 7200 seconds 79 | 80 | 2016-01-15 19:42:26.519 Session "SID-SECURENAT-1": The DHCP server of host "00-AC-34-A7-D3-1F" (100.64.0.1) on this session allocated, for host "SID-MYUSER-19" on another session "00-AC-34-56-78-12", the new IP address 100.64.0.13. 81 | 82 | Now your container is reachable on 100.64.0.13 inside your virtual network. Of course, all the traffic inside the network is encrypted for privacy and security purposes. 83 | 84 | **Note:** As soon as the container is connected, it will die. This is **by design** as this container is a mere template to build your own services, boosted by [Wormhole Network](https://wormhole.network) connectivity. 85 | 86 | ## Use cases 87 | 88 | The main use case for docker-wormhole is to make network reachability easier between your microservices, without having to expose ports, configure NAT or work with firewalls. 89 | 90 | ## Images available 91 | 92 | Available images based on docker-wormhole: 93 | 94 | - [docker-iperfserver](https://github.com/pjperez/docker-iperfserver): iPerf 2 server running on default settings. Reachable through the overlay network. 95 | - [docker-iperfclient](https://github.com/pjperez/docker-iperfclient): iPerf 2 client running 32 parallel threads. Reaches the iPerf server through the overlay network. 96 | - **NEW** [docker-whminecraft](https://github.com/pjperez/docker-whminecraft): The easiest Minecraft server to launch and join, ever!! It works out of the box on any network. Powered by Wormhole's overlay network. 97 | 98 | If you build one, send us a link to info@wormhole.network 99 | -------------------------------------------------------------------------------- /linuxconfig: -------------------------------------------------------------------------------- 1 | REPLACE THIS FILE WITH YOUR LINUX CONFIG FILE DOWNLOADED FROM https://wormhole.network 2 | -------------------------------------------------------------------------------- /scripts/start: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # Script to automate Wormhole's Docker container 4 | # 5 | # 6 | # 7 | # Wormhole Network - 2016 8 | # 9 | # This code is made public for our customers and anyone else interested. It might not always reflect the latest version in production. 10 | # 11 | # 12 | # Start the VPN client daemon 13 | ./vpnclient start 14 | 15 | # Wait 2s and connect to the local vpnclient daemon with vpncmd 16 | sleep 2s 17 | ./vpncmd /CLIENT 127.0.0.1:5555 /IN:linuxconfig 18 | 19 | # Get a new IP address 20 | echo "Acquiring IP address..." 21 | dhclient vpn_wormhole 22 | echo "IP address acquired!" --------------------------------------------------------------------------------