mirror of https://codeberg.org/CRXN/docs.git
Refactored OTG documentation
Added details for Rany's OTG
This commit is contained in:
parent
61ef80ff53
commit
3f1de43457
|
@ -0,0 +1,91 @@
|
||||||
|
Deavmi's _on-the-go_
|
||||||
|
====================
|
||||||
|
|
||||||
|
## What is this?
|
||||||
|
|
||||||
|
Deavmi runs a Wireguard tunneling service for client-only (meaning you won't route other's traffic) access to CRXN.
|
||||||
|
|
||||||
|
The service is made available over the following networks:
|
||||||
|
|
||||||
|
* Clearnet IPv6
|
||||||
|
* This means you can connect your Wireguard endpoint to an IPV6 host (my server)
|
||||||
|
* Endpoint address: `2a04:5b81:2010::65`
|
||||||
|
* Yggdrasil
|
||||||
|
* This means you can run the [Yggdrasil software](http://yggdrasil-network.github.io) and use an Yggdrasil IPv6 address as the Wireguard endpoint
|
||||||
|
* Endpoint address: `301:754:2ca2:57f8::1`
|
||||||
|
|
||||||
|
## Setup procedure
|
||||||
|
|
||||||
|
### Generate the private key
|
||||||
|
|
||||||
|
You need to generate a private-public key pair for your Wireguard instance.
|
||||||
|
|
||||||
|
```
|
||||||
|
wg genkey | sudo tee /etc/systemd/network/crxn0-private.key
|
||||||
|
chmod 600 /etc/systemd/network/crxn0-private.key
|
||||||
|
```
|
||||||
|
|
||||||
|
### Fetch the public key
|
||||||
|
|
||||||
|
Get the public key from it (you will need to send that to deavmi):
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo cat /etc/systemd/network/crxn0-private.key | wg pubkey
|
||||||
|
```
|
||||||
|
|
||||||
|
You can then send this to `deavmi` on [BNET](/projects/bonobonet) in the `#crxn` channel. You can also shoot him an email via `deavmi@redxen.eu`.
|
||||||
|
|
||||||
|
### Configure a new wireguard device
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo cat > /etc/systemd/network/crxn0.netdev <<EOF
|
||||||
|
[NetDev]
|
||||||
|
Name = crxn0
|
||||||
|
Kind = wireguard
|
||||||
|
Description = wg peering with crxn over yggdrasil
|
||||||
|
|
||||||
|
[WireGuard]
|
||||||
|
PrivateKeyFile = /etc/systemd/network/crxn0-private.key
|
||||||
|
ListenPort = 51820
|
||||||
|
|
||||||
|
[WireGuardPeer]
|
||||||
|
PublicKey = e0zNJwCyP+sD5oiF0QAkzrM3rJpmg1NeGxEHVCfBClM=
|
||||||
|
AllowedIPs = fd00::/8
|
||||||
|
|
||||||
|
# Depending on how you want to connect change the endpoint here (port remains constant)
|
||||||
|
Endpoint = [301:754:2ca2:57f8::1]:51820
|
||||||
|
EOF
|
||||||
|
```
|
||||||
|
|
||||||
|
### Create the crxn network configuration file
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo cat > /etc/systemd/network/20-crxn0.network <<EOF
|
||||||
|
[Match]
|
||||||
|
Name=crxn0
|
||||||
|
|
||||||
|
[Network]
|
||||||
|
IPv6AcceptRA=false
|
||||||
|
|
||||||
|
[Address]
|
||||||
|
## Uncomment and change this to your IP address
|
||||||
|
# Address=fdf1:1dc1:f54d:0001::1/64 # CHANGE THIS !!!!
|
||||||
|
## Uncomment to route packets from another interface, ie eth0
|
||||||
|
# AddPrefixRoute=false
|
||||||
|
|
||||||
|
[Route]
|
||||||
|
Destination=fd00::/8
|
||||||
|
EOF
|
||||||
|
```
|
||||||
|
|
||||||
|
### Restart
|
||||||
|
|
||||||
|
Restart the service to apply all changes
|
||||||
|
|
||||||
|
```
|
||||||
|
sudo systemctl restart systemd-networkd
|
||||||
|
```
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
I would like to thank zhoreeq for providing the configuration files above.
|
|
@ -0,0 +1,9 @@
|
||||||
|
CRXN _On-the-go_ ™️
|
||||||
|
==================
|
||||||
|
|
||||||
|
CRXN _On-the-go_ are a collection of services run by a few people on CRXN that have decided to lease out client-only access (meaning no bird, no routing) access to CRXN via one of their routers. Normally this will be in the form of a Wireguard endpoint that they make available to you.
|
||||||
|
|
||||||
|
So far we have two people offering such services:
|
||||||
|
|
||||||
|
1. [Deavmi's OTG](deavmi.md)
|
||||||
|
2. [Rany's OTG](rany.md)
|
|
@ -0,0 +1,31 @@
|
||||||
|
Rany's _on-the-go_
|
||||||
|
====================
|
||||||
|
|
||||||
|
## How to use it
|
||||||
|
|
||||||
|
All you need to do to get setup with Rany's On-the-go is the following (run it in your terminal):
|
||||||
|
|
||||||
|
```bash
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
privkey=$(wg genkey)
|
||||||
|
pubkey=$(printf %s "$privkey" | wg pubkey)
|
||||||
|
|
||||||
|
ret=$(curl -s "-Fpubkey=$pubkey" rany1.duckdns.org:5000)
|
||||||
|
|
||||||
|
myaddr=$(printf %s "$ret" | jq -rc .client_address)
|
||||||
|
serveraddr=$(printf %s "$ret" | jq -rc .server_address)
|
||||||
|
serverpubkey=$(printf %s "$ret" | jq -rc .server_pubkey)
|
||||||
|
|
||||||
|
cat <<EOF
|
||||||
|
[Interface]
|
||||||
|
PrivateKey = $privkey
|
||||||
|
Address = $myaddr/8
|
||||||
|
MTU = 1280
|
||||||
|
|
||||||
|
[Peer]
|
||||||
|
PublicKey = $serverpubkey
|
||||||
|
AllowedIPs = fd00::/8
|
||||||
|
Endpoint = $serveraddr
|
||||||
|
EOF
|
||||||
|
```
|
|
@ -28,7 +28,10 @@ nav:
|
||||||
- Setting up SLAAC (hosts): slaac/slaac.md
|
- Setting up SLAAC (hosts): slaac/slaac.md
|
||||||
- CRXN DNS: dns/dns.md
|
- CRXN DNS: dns/dns.md
|
||||||
- Additional:
|
- Additional:
|
||||||
- On-the-go CRXN: onthego.md
|
- On-the-go CRXN:
|
||||||
|
- What is it?: otg/index.md
|
||||||
|
- Deavmi's OTG: otg/deavmi.md
|
||||||
|
- Rany's OTG: otg/rany.md
|
||||||
- Peers: peers.md
|
- Peers: peers.md
|
||||||
- Services: services.md
|
- Services: services.md
|
||||||
- People: people/people.md
|
- People: people/people.md
|
Loading…
Reference in New Issue