feat: modernize OpenVPN image — Alpine 3.20, tls-crypt, cleanup by tomklapka · Pull Request #1 · bonitoo-io/docker-openvpn

tomklapka · 2026-03-26T11:45:36Z

Summary

Pin Alpine base to 3.20 (was unpinned latest)
Add tls-crypt support via -x flag / OVPN_TLS_CRYPT env var (replaces tls-auth for full control channel encryption)
Add HEALTHCHECK instruction to Dockerfile
Change EXPOSE from UDP to TCP (matches actual usage)
Remove unused files: Dockerfile.aarch64, .travis.yml, alpine/ directory
Update maintainer label

tls-crypt mode (when -x flag is used) requires client config regeneration — tls-auth configs are not compatible with tls-crypt
Without -x flag, behavior is unchanged (backward compatible)

Build image: docker build -t bonitoo/docker-openvpn:2.6.16 .
Verify OpenVPN version: docker run --rm bonitoo/docker-openvpn:2.6.16 openvpn --version
Test genconfig with tls-crypt: docker run --rm -v /tmp/test:/etc/openvpn bonitoo/docker-openvpn:2.6.16 ovpn_genconfig -u tcp://test:1194 -2 -x -d -b -N -n 10.43.0.10
Verify tls-crypt in generated config: grep tls-crypt /tmp/test/openvpn.conf
Verify OVPN_TLS_CRYPT=1 saved: grep TLS_CRYPT /tmp/test/ovpn_env.sh
Test genconfig WITHOUT tls-crypt (backward compat): verify tls-auth in config
Test getclient combined mode with tls-crypt: verify <tls-crypt> block in output
Test getclient separated mode with tls-crypt: verify tls-crypt ta.key in output

🤖 Generated with Claude Code

tomklapka added 8 commits March 25, 2026 17:43

chore: remove unused aarch64 Dockerfile, Travis CI, and alpine dir

e775c12

feat: pin Alpine 3.20, add HEALTHCHECK, expose TCP, update maintainer

e28cf06

feat: add tls-crypt support via -x flag and OVPN_TLS_CRYPT env var

03da189

feat: support tls-crypt key embedding in client configs

9d9c67e

fix: use bash /dev/tcp for HEALTHCHECK instead of nc

9fd0f1e

chore: remove accidentally committed .idea directory

07370c8

fix: expose both UDP/TCP, use pgrep for HEALTHCHECK, ADD→COPY

660c094

fix: add ta.key validation in getclient, quote file paths

36d6b56