History

Simone Ruffilli 6d89b88149 versions.tf maintenance + copyright notice bump (#1782 ) * Bump copyright notice to 2023 * Delete versions.tf on blueprints * Pin provider to major version 5 * Remove comment * Fix lint * fix bq-ml blueprint readme --------- Co-authored-by: Ludovico Magnocavallo <ludomagno@google.com> Co-authored-by: Julio Castillo <jccb@google.com>		2023-10-20 18:17:47 +02:00
..
Dockerfile	versions.tf maintenance + copyright notice bump (#1782 )	2023-10-20 18:17:47 +02:00
README.md	Assorted module fixes (#1045 )	2022-12-10 15:40:15 +01:00
cloudbuild.yaml	versions.tf maintenance + copyright notice bump (#1782 )	2023-10-20 18:17:47 +02:00
entrypoint.sh	versions.tf maintenance + copyright notice bump (#1782 )	2023-10-20 18:17:47 +02:00
ipsec-vti.sh	versions.tf maintenance + copyright notice bump (#1782 )	2023-10-20 18:17:47 +02:00

README.md

StrongSwan docker container

Build

gcloud builds submit . --config=cloudbuild.yaml

Docker compose example

version: "3"
services:
  vpn:
    image: gcr.io/pso-cft-fabric/strongswan:latest
    networks:
      default:
        ipv4_address: 192.168.0.2
    cap_add:
      - NET_ADMIN
    ports:
      - "500:500/udp"
      - "4500:4500/udp"
      - "179:179/tcp"
    privileged: true
    volumes:
      - "/lib/modules:/lib/modules:ro"
      - "/etc/localtime:/etc/localtime:ro"
      - "/var/lib/docker-compose/onprem/ipsec/ipsec.conf:/etc/ipsec.conf:ro"
      - "/var/lib/docker-compose/onprem/ipsec/ipsec.secrets:/etc/ipsec.secrets:ro"
      - "/var/lib/docker-compose/onprem/ipsec/vti.conf:/etc/strongswan.d/vti.conf:ro"
  bird:
    image: pierky/bird
    network_mode: service:vpn
    cap_add:
      - NET_ADMIN
      - NET_BROADCAST
      - NET_RAW
    privileged: true
    volumes:
      - "/var/lib/docker-compose/onprem/bird/bird.conf:/etc/bird/bird.conf:ro"