Skip to content
Dockerized version of the easy2connect scripts for a FIP-Box from
Branch: master
Clone or download
Latest commit a8fdaa2 Sep 25, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.

Docker-based setup of easy2connect-scripts

Basic usage

  • Install docker and docker-compose
  • Generate easyconnnect-Id (e2cid), installcode and VPN-password
curl -q -c /tmp/cookie -o /t
curl -q -b /tmp/cookie

This outputs the data on the console.

sudo ./
  • Add the new docker instance as a new service to be started on boot of your machine

File reference

The basic deployment script


Passing the e2cid and installcode environment variables into the docker instance. The volume on tmp is just for debugging purposes.


Copies scripts into docker instance, installs basic packages and runs scripts.

Beware: Hacks!

There is an evil hack with /etc/ since the scripts seem to try to determine the Linux environment based on /etc/ but fail to do so correctly in the docker instance. The provided /etc/ hacks around this.

Installs openvpn and knockd.

Gets data based on e2cid and installcode from


This file is run on each start of the docker instance. It gets the current configuration for the e2cid from and opens the VPN tunnel based on the settings.

Beware: Hacks!

  • There is also a mean hack for /etc/resolv.conf to always use the Google nameserver, since the docker nameserver seemed to fail in my environment.
  • Another hack is adding a log-append option to /tmp/easy2connect/openvpn/ec.conf for better debugging.
  • The last hack is that since the script to run ( is downloaded from But we want two things to happen in it:
    • We want a trap on signal 15 and a sleep infinity in the end, so that we can stop the script. This stopping is usually performed by knockd, which listens on commands from issues a knock-sequence across the established VPN, if the configuration is changed in the web interface. We need to process this command in a way, that we stop all runnings scripts, refetch the current configuration and restart our scripts.
    • The sleep is necessary, since we want our script to block until got terminated - most likely through knockd.


This file is run by knockd, when wants the FIP-Box to restart.

Beware: Hacks!

Currently it issues a "pkill -9", but with the trap set on signal 15 it should also be possible to just use "pkill". Maybe we do not understand correctly how "trap", "sleep" and "kill" work together? Needs some debugging and/or RTFM on these...

You can’t perform that action at this time.