SSTP VPN Docker Container
A lightweight Alpine Linux Docker container for establishing SSTP VPN connections. Built for ARM64 but works on other architectures.
Features
- Alpine Linux based (minimal footprint)
- SSTP client built from source
- PPP with MSCHAPv2 authentication
- Selective routing (only specified subnets through tunnel)
- Auto-reconnect on connection loss
- Includes sample Bun HTTP server for connectivity testing
Prerequisites
- Docker
- Linux kernel with PPP support
Loading PPP Kernel Modules
modprobe ppp_generic modprobe ppp_async modprobe ppp_mppe # Create /dev/ppp if missing [ -e /dev/ppp ] || mknod /dev/ppp c 108 0
Quick Start
-
Configure credentials:
cp credentials.env.example credentials.env # Edit credentials.env with your SSTP server details -
Build:
docker build -t sstp-docker . -
Run:
docker run -d \ --name sstp-vpn \ --network host \ --cap-add NET_ADMIN \ --device /dev/ppp \ --env-file credentials.env \ sstp-docker
Configuration
Environment Variables
| Variable | Description |
|---|---|
SSTP_SERVER |
SSTP server hostname or IP |
SSTP_USER |
VPN username |
SSTP_PASS |
VPN password |
Docker Options
| Option | Purpose |
|---|---|
--network host |
Required for PPP interface creation |
--cap-add NET_ADMIN |
Required for routing/interface config |
--device /dev/ppp |
Required for PPP tunnel |
Routing
By default, only 10.11.13.0/24 is routed through the tunnel. Modify entrypoint.sh to change:
ip route add YOUR_SUBNET/MASK dev ppp0
Logs
Test Server
The included Bun server (port 3000) provides:
| Endpoint | Description |
|---|---|
/ |
Status |
/ip |
External IP |
/health |
Health check |
License
MIT