-
Notifications
You must be signed in to change notification settings - Fork 260
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create an ovpn admin panel login page #212
Comments
I had the same question and I read in an older issue that it's being considered. Someone remarked that it's easy to add nginx in front to provide authentication. Not sure if the following details helps you at all but I'm happy so share my solution along with some critical details that come with my implemention choices. I ended up using nginx in front as well. My problem was that I didn't want to expose the management interface of OpenVPN by running it at any interface (0.0.0.0) which makes it vulnerable so I had it running at 127.0.0.1. If I can help someone out with the for all of this then let me know, I'm happy to share it. |
please explain more |
I failed, I need help |
In order to help you out, I need to know where you're stuck. Hope this gives an impression of how I solved it. It's also completely possible to get this done without the use of containers. Just install nginx locally and use 127.0.0.1 for the management interface.
|
Hello, Chiming in as I am working on this as well. I am trying to put nginx in front of the admin panel at http://192.168.1.97:8080/ Do you happen to have a dockerfile? I am using Docker for this project. (management with Portainer) What I have so far:
What I need to do:
|
The main problem I am having is that nginx (conf below) gets a 502 error when trying to proxy to the ovpn-admin ui at docker-compose ports "127.0.0.1:8888:8080" the UI works fine when I switch to just 8888:8080 , or if I disable nginx and do 8080:8080. I just cant get nginx to proxy correctly to the ovpn-admin ui. nginx conf:
Docker-compose:
|
In this case, I figured out ovpn-admin was still running on the container but at 8080, even when the dockerfile specified " My new nginx conf: looks like:
the docker-compose for ovpn /ovpn admin looks like
the docker-compose for nginx looks like
Note the other 8081 port was to test the nginx page |
Got this to work:
|
I came up to this solution, resulting the web UI admin panel being accessible only for specific users from inside the VPN network and management port 8989 not being accessible from the VPN network. changes made: docker-compose.yaml
This allows to access the web admin panel only through nginx proxy, not from the VPN network To disable the possibility of access the management port of VPN from inside the VPN network (if some will add 10.99.0.2 IP to routing table somehow).
Use an additional webserver as a proxy, being accessible only from a VPN network. Port 443 to the VPN server accessible only from that additional proxy. strong username + password as basic auth on nginx |
Do you have a method for creating an admin username and password to access the OVPN management panel?
The text was updated successfully, but these errors were encountered: