From 41d8d97b9edf1bac137191706a68c4ec35457a94 Mon Sep 17 00:00:00 2001
From: Shubhada <shpaitha@redhat.com>
Date: Thu, 3 Oct 2024 16:45:07 -0700
Subject: [PATCH] migrate VPN service to Docker Compos

---
 Dockerfile.vpn              |  8 ++++++++
 Dockerfile.vpn.dockerignore |  2 ++
 Makefile                    | 10 ++++++++++
 docker-compose.yml          | 20 ++++++++++++++++++++
 4 files changed, 40 insertions(+)
 create mode 100644 Dockerfile.vpn
 create mode 100644 Dockerfile.vpn.dockerignore
 create mode 100644 docker-compose.yml

diff --git a/Dockerfile.vpn b/Dockerfile.vpn
new file mode 100644
index 00000000000..a2ab858b62f
--- /dev/null
+++ b/Dockerfile.vpn
@@ -0,0 +1,8 @@
+# Use a Microsoft-approved image
+FROM mcr.microsoft.com/azure-cli:2.61.0 AS base
+
+# Install OpenVPN
+USER root
+RUN apk add --no-cache openvpn || tdnf install -y openvpn || dnf install -y openvpn
+
+ENTRYPOINT openvpn
\ No newline at end of file
diff --git a/Dockerfile.vpn.dockerignore b/Dockerfile.vpn.dockerignore
new file mode 100644
index 00000000000..4ee7adaddb8
--- /dev/null
+++ b/Dockerfile.vpn.dockerignore
@@ -0,0 +1,2 @@
+# ignore everything
+*
diff --git a/Makefile b/Makefile
index 0ab96cab914..7a7b28f4da9 100644
--- a/Makefile
+++ b/Makefile
@@ -539,3 +539,13 @@ run-rp: ci-rp podman-secrets
 		--secret proxy-client.crt,target=/app/secrets/proxy-client.crt \
 		--secret proxy.crt,target=/app/secrets/proxy.crt \
 		$(LOCAL_ARO_RP_IMAGE):$(VERSION) rp
+
+.PHONY: vpn
+vpn:
+	docker compose build vpn
+
+.PHONY: run-vpn
+run-vpn:
+	docker compose rm -sf vpn
+	docker compose up vpn
+	docker compose logs --follow vpn
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 00000000000..7bf8499d0c5
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,20 @@
+version: '3.8'
+
+services:
+  vpn:
+    image: vpn:${VERSION}
+    build:
+      context: .
+      dockerfile: Dockerfile.vpn
+    container_name: vpn
+    privileged: true
+    volumes:
+      - ${PWD}/secrets:/secrets:z
+    entrypoint: "openvpn"
+    command: ["/secrets/vpn-eastus.ovpn"]
+    healthcheck:
+      test: ["CMD", "pidof", "openvpn"]
+      start_period: 20s
+      interval: 20s
+      timeout: 3s
+      retries: 3
\ No newline at end of file