{"id":15180347,"url":"https://github.com/bnhf/openvpn-admin-plus","last_synced_at":"2025-10-26T19:30:31.176Z","repository":{"id":40628876,"uuid":"468070685","full_name":"bnhf/openvpn-admin-plus","owner":"bnhf","description":"Docker-based web interface (with golang backend) for monitoring and admin of an OpenVPN TAP/TUN server setup with PiVPN or other OpenVPN server installations. This project has been renamed from pivpn-tap-web-ui, to reflect its new broader scope.","archived":false,"fork":false,"pushed_at":"2023-09-05T14:33:58.000Z","size":8976,"stargazers_count":142,"open_issues_count":7,"forks_count":23,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-09-28T16:03:40.560Z","etag":null,"topics":["bridge","docker","docker-image","openvpn","openvpn-admin","openvpn-configuration","openvpn-server","pivpn","pivpn-admin","pivpn-server","tap"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bnhf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2022-03-09T19:45:31.000Z","updated_at":"2024-09-14T18:22:39.000Z","dependencies_parsed_at":"2023-07-13T00:57:21.398Z","dependency_job_id":null,"html_url":"https://github.com/bnhf/openvpn-admin-plus","commit_stats":{"total_commits":147,"total_committers":2,"mean_commits":73.5,"dds":0.2108843537414966,"last_synced_commit":"454b12dce13d913ed20381d38546f5674e5dc8f9"},"previous_names":["bnhf/pivpn-tap-web-ui"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bnhf%2Fopenvpn-admin-plus","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bnhf%2Fopenvpn-admin-plus/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bnhf%2Fopenvpn-admin-plus/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bnhf%2Fopenvpn-admin-plus/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bnhf","download_url":"https://codeload.github.com/bnhf/openvpn-admin-plus/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":219862313,"owners_count":16555957,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bridge","docker","docker-image","openvpn","openvpn-admin","openvpn-configuration","openvpn-server","pivpn","pivpn-admin","pivpn-server","tap"],"created_at":"2024-09-27T16:03:54.557Z","updated_at":"2025-10-26T19:30:28.494Z","avatar_url":"https://github.com/bnhf.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OpenVPN-Admin-Plus\n\n## Summary\nOpenVPN TAP/bridge or TUN (host-based) server web administration interface in a Docker container. Intended for use with PiVPN (on amd64/arm64/armv7 versions of Debian or Ubuntu, or on ARM64/ARMv7 with Raspberry Pi OS). PiVPN should be installed first and OpenVPN 2.5.x or above required!\n\nHere's a post on setting PiVPN in TAP server mode. It's written for the Raspberry Pi, but the steps are the same on Debian or Ubuntu. One exception is your physical ethernet adapter, which will likely not be eth0 in the openvpn-bridge script:\n\nhttps://technologydragonslayer.com/2022/01/16/installing-an-openvpn-tap-server-on-a-raspberry-pi-using-pivpn/\n\nIMPORTANT: On Debian 11 and its derivations, the bridge-conf, bridge-start and bridge-stop scripts defined here work much better than the classic openvpn-bridge script for TAP installations:\n\n[bridge-scripts](https://gist.github.com/Belphemur/3b03eaad96172b2159fc)\n\nNo need to replace your openvpn@.service file, just insert the bridge-start and bridge-stop lines in the same relative locations in your existing file. build-client and server.conf are not needed either.\n\nGoal: create quick to deploy and easy to use solution that makes work with small OpenVPN environments a breeze.\n\nIf you have docker and Portainer installed, you can jump directly to [installation](#Prod).\n\n![Status page](https://user-images.githubusercontent.com/41088895/211678414-57d18b6e-0ba0-4f30-b7d5-deebdc592252.png)\n\nIf you have a functioning OpenVPN TAP or TUN Server on the same host as your Docker containers, you should be able to use this fork to monitor OpenVPN connections.\n\nCertificate generation and management is also available, and should be compatible with PiVPN. You can use either this web-ui to create client certificates, or use PiVPN from the commandline. Use PiVPN from the commandline (with elevated privileges) to revoke certificates.\n\n## Motivation\n\n* to create a version of this project that will work with OpenVPN TAP and TUN servers created using PiVPN (amd64, arm64 or ARMv7 )\n\n## Features\n\n* status page that shows server statistics and list of connected clients\n* easy creation of client certificates\n* ability to download client certificates as a zip package with client configuration inside or as a single .ovpn file\n* log preview\n* modification of OpenVPN configuration file through web interface\n* this fork is especially designed to use an external version of OpenVPN configured for TAP (bridge) -- which is probably not possible via Docker\n* works with host-based PiVPN TUN servers now too!\n\n## Screenshots\n\n![screenshot-nuc10-pc2 localdomain-2023 01 10-14_51_43](https://user-images.githubusercontent.com/41088895/211678711-b41de1c8-590f-45c0-9048-091ed1265211.png)\n\n![screenshot-nuc10-pc2 localdomain_8080-2023 01 10-15_11_54](https://user-images.githubusercontent.com/41088895/211678760-ed8a8425-21db-4f28-b6f0-51078450d2d8.png)\n\n![screenshot-nuc10-pc2 localdomain-2023 01 10-14_45_55](https://user-images.githubusercontent.com/41088895/211678922-c107f5d8-b642-40f3-8f5a-ae3a2cd6d662.png)\n\n![Screenshot 2022-02-26 113822](https://user-images.githubusercontent.com/41088895/155858448-cced00d9-b931-4e85-a77f-f0f220ac0afc.png)\n\n[Screenshots](docs/screenshots.md)\n\n## Usage\n\nAfter startup web service is visible on port 8080. To login use the following default credentials:\n\n* username: admin\n* password: b3secure\n\nPlease change password to your own immediately!\n\n### Prod\n\nRequirements:\n* Docker, Portainer, PiVPN, Debian or Ubuntu\n* on firewall open ports: 8080/tcp\n\nSetup your Portainer Stacks page as shown on an amd64/arm64/armv7 machine running Debian or its derivations, inserting environment variables for creating certificates. Also, you'll need the unique ID assigned by PiVPN to the server (the name used for the server certificate and key, which is the hostname followed by a series of numbers, letters and dashes). And finally, you'll need to supply the name of the server configuration file you'd like to use (usually server.conf):\n\n![screencapture-brix-pc2-9000-2023-02-04-14_15_54](https://user-images.githubusercontent.com/41088895/216790336-32dbaebe-7f6d-4c82-8b13-db55fc59c7d6.png)\n\nCopy and paste this into the Portainer Environment variables section in Advanced Mode, then switch to Simple mode to input your values. Replace the ${variable} with your actual values, and remove the comment portions that begin with #. Leave USERNAME and PASSWORD default values, as you'll change those after you login for the first time by clicking on Admistrator - Profile:\n\n```yml\n OPENVPN_ADMIN_USERNAME=admin # Leave this default as-is and update on first-run\n OPENVPN_ADMIN_PASSWORD=b3secure # Leave this default as-is and update on first-run\n COUNTRY=${COUNTRY} # Two character country code. Country, Province, City, Org and OU are used by EasyRSA\n PROVINCE=${PROVINCE} # Province or State\n CITY=${CITY}\n ORG=${ORG} # Organization - Use your company name here or make one up\n EMAIL=${EMAIL}\n OU=${OU} # Organizational Unit - Use your company department name or make one up\n PIVPN_SERVER=${PIVPN_SERVER} # The unique name used for your server's certificate and key. Found in the /etc/openvpn/server.conf file.\n PIVPN_CONF=${PIVPN_CONF} # Filename for your OpenVPN server configuration - usually server.conf\n TZ=${TZ} # Your OpenVPN server's timezone\n```\n\nThis fork uses a single docker container with the OpenVPNAdmin web application. Through a docker volume it creates following directory structure for the database, but otherwise links to /etc/openvpn in the host. The intention is for PiVPN to be able to operate as usual, with PiVPN commanline options still available:\n\n    .\n    ├── docker-compose.yml\n    └── openvpn-data\n         └── db\n            └── data.db\n\n### User\n\nRequirements:\n* [docker](https://docs.docker.com/engine/install/debian/#install-using-the-convenience-script)\n\nOptional, but highly recommended:\n* [Portainer](https://docs.portainer.io/v/ce-2.9/start/install/server/docker/linux)\n* [cockpit-project](https://cockpit-project.org)\n* [cockpit-navigator plugin](https://cockpit-project.org/applications)\n* [organizr-Docker](https://hub.docker.com/r/organizr/organizr)\n* [watchtower](https://hub.docker.com/r/containrrr/watchtower)\n\nPortainer, Cockpit and pivpn-tap-web-ui can all be added as \"vertical\" tabs in organizr, for a clean single tab in your browser. All are iFrame compatible when accessed via http:// -- it'll work with https:// too, but not in the iFrame (new tab will open). watchtower can be setup to run once and then stop, updating all of your containers (including Portainer and watchtower itself).\n\n![screenshot-brix-pc2-2022 03 09-14_50_38](https://user-images.githubusercontent.com/41088895/157542989-5f13f2e5-8b69-4958-a3dc-95270485efc0.png)\n\n### Dev\n\nRequirements:\n* [golang environments](https://www.digitalocean.com/community/tutorial_series/how-to-code-in-go)\n* [beego](https://beego.vip/)\n* [bee](https://github.com/beego/bee)\n* [docker](https://docs.docker.com/engine/install/debian/#install-using-the-convenience-script)\n\nOptional, but recommended:\n\n* [Portainer](https://docs.portainer.io/v/ce-2.9/start/install/server/docker/linux)\n* [GitHub Desktop for Linux](https://gist.github.com/berkorbay/6feda478a00b0432d13f1fc0a50467f1)\n* [Visual Studio Code](https://code.visualstudio.com/download)\n\nExecute commands:\n\n    go get github.com/bnhf/openvpn-admin-plus\n    cd $GOPATH/src/github.com/bnhf/openvpn-admin-plus\n    go mod tidy\n    bee run -gendoc=true\n    bee pack -exr='^vendor|^data.db|^build|^README.md|^docs'\n    cd build\n    ./build.sh\n    \nFor building on ARM64 or ARMv7:\n\n    In the dockerfile inside the build folder, comment out debian:bullseye as a source,\n    and uncomment balenalib/raspberry-pi-debian:latest (ARMv7 only)\n    In build.sh, change the docker build to \u003cyour-docker-hub-repo-here\u003e/pivpn-tap-web-ui:arm64 (or armv7)\n    It's highly recommended that you use Visual Studio Code with the \"Remote - SSH\" extension\n    (in addition to the \"Go\" extension of course) from a more powerful machine\n    \n\n## Todo\n\n* Test with TUN and TAP running concurrently\n\n## License\n\nThis project uses [MIT license](LICENSE)\n\n\n## Remarks\n\nNumerous things have been updated to bring this project forward from its 2017 roots. It's now based on Debian 11 (in the container build), and is using the latest OpenVPN and EasyRSA, thanks to PiVPN. All of the project dependencies (vendoring) have been updated to current levels in 2022.\n\nCourtsey of @tyzbit, the ability to specify DNS servers, and additional client/server options have been added. Also @mendoza-conicet contributed code for being able to download a single .ovpn file. Many issues have been addressed related to adapting this package for use with a host-based server, and related to all of the latest versions of the dependencies.\n\nAnd, of course, many thanks to @adamwalach for his excellent original work to create this project!\n\n\n### Template\nAdminLTE - dashboard \u0026 control panel theme. Built on top of Bootstrap 3.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbnhf%2Fopenvpn-admin-plus","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbnhf%2Fopenvpn-admin-plus","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbnhf%2Fopenvpn-admin-plus/lists"}