hwdsl2/docker-ipsec-vpn-server

This project is a pre-built Docker image that runs a private VPN server on any Linux machine that has Docker installed. A VPN encrypts your internet traffic so that no one between your device and the server can see what you are doing online. This is particularly useful when connecting from public Wi-Fi networks. The image supports three VPN protocols: IPsec/L2TP, Cisco IPsec (also called XAuth), and IKEv2. IKEv2 is the most modern and secure of the three and is recommended for most users. All three protocols are compatible with Windows, macOS, iOS, Android, Chrome OS, and Linux. The image automatically generates login credentials and VPN configuration files on first startup, so you do not need to configure anything manually to get a working server. Setting up the server takes a single Docker command. The image pulls from Docker Hub, starts a container with the VPN software running, and outputs randomly generated credentials that you use on your client devices. There is also a helper script included for managing IKEv2 users and certificates, and the image can generate configuration profiles for iOS, macOS, and Android to make connecting those devices straightforward. Two versions of the image are available. The default Alpine-based version is about 19 MB, while a Debian-based alternative weighs around 62 MB. Both support 64-bit x86, 64-bit ARM, and 32-bit ARM processors, so the image can run on cloud servers as well as small computers like the Raspberry Pi. For persistent storage of VPN credentials and certificates across container restarts, the image uses a named Docker volume. Environment variables set in a configuration file control the VPN username, password, and pre-shared key, though even those are optional since the image generates random values when no configuration is provided. A Docker Compose file is also available for users who prefer that workflow.