GitHub Action for connecting to OpenVPN server.
| Name | Description | Required |
|---|---|---|
config_file |
Location of OpenVPN client config file | yes |
echo_config |
Echo OpenVPN config file to the log | no |
Supported authentication methods:
- Username & password auth
- Client certificate auth
- Both of them
| Name | Description | Required when |
|---|---|---|
username |
Username | Username-password auth |
password |
Password | Username-password auth |
client_key |
Local peer's private key | Client certificate auth |
tls_auth_key |
Pre-shared group key for TLS Auth | Optional |
tls_crypt_key |
Pre-shared group key for TLS Crypt | Optional |
tls_crypt_v2_key |
Per-client key for TLS Crypt V2 | Optional |
Note: It is strongly recommended that you provide all credentials via encrypted secrets.
When providing TLS keys, you should provide only one of either tls_auth_key, tls_crypt_key or tls_crypt_v2_key.
You can determine which by checking the value of your key and looking in the header line.
See the docs for more info about TLS in OpenVPN
- Create client configuration file based on the official sample. It is recommended to use inline certificates to include them directly in configuration file like this.
- Usage in your workflow is like following:
- name: Checkout
uses: actions/checkout@v3
- name: Install OpenVPN
run: |
sudo apt update
sudo apt install -y openvpn openvpn-systemd-resolved
- name: Connect to VPN
uses: "kota65535/github-openvpn-connect-action@v2"
with:
config_file: .github/workflows/client.ovpn
username: ${{ secrets.OVPN_USERNAME }}
password: ${{ secrets.OVPN_PASSWORD }}
client_key: ${{ secrets.OVPN_CLIENT_KEY }}
tls_auth_key: ${{ secrets.OVPN_TLS_AUTH_KEY }}
- name: Build something
run: ./gradlew clean build
# The openvpn process is automatically terminated in post-action phase