From 7ec93a661b7c061ee6415912de72334d1fe0a39e Mon Sep 17 00:00:00 2001 From: Chuck Lantz Date: Fri, 5 Nov 2021 17:54:28 +0000 Subject: [PATCH] README tweak --- .devcontainer/Dockerfile | 3 ++- README.md | 40 +++++++++++++++++++++++++++++++++++++++- 2 files changed, 41 insertions(+), 2 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index 675be43..c8c3a9f 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -7,5 +7,6 @@ RUN export DEBIAN_FRONTEND=noninteractive && apt-get update \ && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/library-scripts \ # # Remove the OPENVPN_CONFIG variable since we don't neeed it after is written to a file - && echo "unset OPENVPN_CONFIG" | tee -a /etc/bash.bashrc > /etc/profile.d/unset-openvpn-config.sh \ + && echo 'OPENVPN_CONFIG=""' >> /etc/environment \ + && echo "unset OPENVPN_CONFIG" | tee -a /etc/bash.bashrc > /etc/profile.d/999-unset-openvpn-config.sh \ && if [ -d "/etc/zsh" ]; then echo "unset OPENVPN_CONFIG" >> /etc/zsh/zshenv; fi diff --git a/README.md b/README.md index c95b915..088edce 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,40 @@ -# Using the OpenVPN client from Codespaces +# Using the OpenVPN client from GitHub Codespaces + +GitHub Codespaces provides a useful environment for development that is separated from your local machine. This provides some nice security benifits due to the fact that the codespace has no direct route to your machine or the network it is sitting in. However, you may have a resource you need to access that is in a private network. This sample illustrates how to set up the OpenVPN (v2) client in a codespace to connect into a OpenVPN capable VPN gateway. + +# Using the sample + +1. Your VPN admistrator should be able to provide you with an OpenVPN configuraion file. This particular sample is assuming you are using certificate based authentication to access the VPN. We'll call this file `vpnconfig.ovpn`. +2. Work with your administrator to place any needed certificates or keys in the `vpnconfig.ovpn` file. You can tell if the certificates and keys are in the file by looking for the following: + + ``` + + -----BEGIN CERTIFICATE----- + uQltvbIPFv69jSPNotypuUQqRAyLC+gBTVDxN3zC3WPeKMR6vJTh0lxC6GPhkHC + ... + -----END CERTIFICATE----- + + + + -----BEGIN CERTIFICATE----- + uQltvbIPFv69jSPNotypuUQqRAyLC+gBTVDxN3zC3WPeKMR6vJTh0lxC6GPhkHC + ... + -----END CERTIFICATE----- + + + + -----BEGIN CERTIFICATE----- + uQltvbIPFv69jSPNotypuUQqRAyLC+gBTVDxN3zC3WPeKMR6vJTh0lxC6GPhkHC + ... + -----END CERTIFICATE----- + + + ``` + + For example, see [here](https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-openvpn-clients#linux) for information on setting up config file for a connection to an Azure VPN Gateway. You can skip the steps that install the client and use the GUI. +3. Create a Codespaces user secret called `OPENVPN_CONFIG` and place the contents of the file in it. +4. Assign this secret to either this repository or your own fork of it. +5. Create a codespace - after its started, you should be connected to your VPN. If you aren't you can manually run `.devcontainer/start-openvpn.sh` to try again and logs can be found in `.devcontainer/openvpn-tmp/openvpn.log`. + +