diff --git a/docs/dn42.md b/docs/additional/dn42_interconnection.md similarity index 100% rename from docs/dn42.md rename to docs/additional/dn42_interconnection.md diff --git a/docs/additional/dns.md b/docs/additional/dns.md new file mode 100644 index 0000000..2a7e9b3 --- /dev/null +++ b/docs/additional/dns.md @@ -0,0 +1,126 @@ +# Servers + +HINT: This is currently a work in progress by @mark22k + +## Rekursiv + +| DNS | IP address | +| --- | --- | +| recur1.bandura.crxn | fd92:58b6:2b2::5353 | + +## Authoritiv + +# Resolve CRXN domains only + +Advantage: +- Very simple configuration + +Disadvantage: +- No more access to Clearnet domains +- Dependence on one server + +You can enter a recursive CRXN server as your DNS server in the operating system. + +The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`: +``` +nameserver fd92:58b6:2b2::5353 +``` + +# Run your own forwarder + +Advantage: +- Simple configuration + +Disadvantage: +- Dependence on one server + +With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks. + +There are several software you can use for this. + +## Coredns + +This guide is for Debian based systems. +First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`. +``` +$tar xvf coredns_1.10.0_linux_amd64.tgz +$chmod +x coredns +$sudo cp coredns /usr/local/bin/ +``` + +To start Coredns automatically you can create a Systemd unit: +``` +$ editor /etc/systemd/system/coredns.service +``` + +Paste the following: +``` +[Unit] +Description=CoreDNS DNS server +Documentation=https://coredns.io/ +After=network.target +After=alfis.service +After=meshnamed.service + +[Service] +PermissionsStartOnly=true +LimitNOFILE=1048576 +LimitNPROC=512 +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +NoNewPrivileges=true +User=coredns +ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile +ExecReload=/bin/kill -SIGUSR1 $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +``` + +After that reload systemd: +``` +$sudo systemctl daemon-reload +``` + +To isolate Coredns, you create a new user: +``` +$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns +``` + +After that you can create and edit the Coredns configuration file `Corefile`: +``` +editor /etc/coredns/Corefile +``` + +Paste the following: +``` +crxn., d.f.ip6.arpa. { + loop + bind 127.0.0.1 ::1 + forward . fd92:58b6:2b2::5353 +} +``` +Replace `fd92:58b6:2b2::5353` with your preferred recursive server. +With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/). + +To resolve Clearnet domains, insert the following: +``` +. { + loop + bind 127.0.0.1 ::1 + forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 { + tls_servername 1dot1dot1dot1.cloudflare-dns.com + } +} + +``` + + + + + + + + + diff --git a/docs/otg/deavmi.md b/docs/additional/otg/deavmi.md similarity index 100% rename from docs/otg/deavmi.md rename to docs/additional/otg/deavmi.md diff --git a/docs/otg/index.md b/docs/additional/otg/index.md similarity index 93% rename from docs/otg/index.md rename to docs/additional/otg/index.md index 810d764..4b71170 100644 --- a/docs/otg/index.md +++ b/docs/additional/otg/index.md @@ -5,4 +5,4 @@ CRXN _On-the-go_ are a collection of services run by a few people on CRXN that h So far we have two people offering such services: -1. [Deavmi's OTG](deavmi.md) \ No newline at end of file +1. [Deavmi's OTG](deavmi) diff --git a/docs/dns/dns.md b/docs/dns/dns.md deleted file mode 100644 index 138521b..0000000 --- a/docs/dns/dns.md +++ /dev/null @@ -1,19 +0,0 @@ -CRXN DNS -======== - -![](dns/dns.png) - -**CRXN DNS** offers users the ability to map their CRXN IP address to human-readable names to make life easier. -The way DNS is managed on CRXN is via the [RecordDB](http://codeberg.org/CRXN/zones/src/branch/master/all) whereby -you make a pull request to add your entries and it gets approved by one of the network administrators. The time for -the new records to reflect is dependent on which root nameserver your choose to use. - -## Root nameservers - -1. **Deavmi's root nameserver**:`fd08:8441:e254::4` (`dns1.crxn`) - 1. This server updates records every 10 minutes - 2. Provides clearnet name resolution as well - -## Setting up your own root - -A tutorial on how to do so is currently in the works. \ No newline at end of file diff --git a/docs/dns/dns.png b/docs/dns/dns.png deleted file mode 100644 index 9c5e367..0000000 Binary files a/docs/dns/dns.png and /dev/null differ diff --git a/docs/dns/home.md b/docs/dns/home.md new file mode 100644 index 0000000..18e7611 --- /dev/null +++ b/docs/dns/home.md @@ -0,0 +1,124 @@ +# Servers + +## Rekursiv + +| DNS | IP address | +| --- | --- | +| recur1.bandura.crxn | fd92:58b6:2b2::5353 | + +## Authoritiv + +# Resolve CRXN domains only + +Advantage: +- Very simple configuration + +Disadvantage: +- No more access to Clearnet domains +- Dependence on one server + +You can enter a recursive CRXN server as your DNS server in the operating system. + +The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`: +``` +nameserver fd92:58b6:2b2::5353 +``` + +# Run your own forwarder + +Advantage: +- Simple configuration + +Disadvantage: +- Dependence on one server + +With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks. + +There are several software you can use for this. + +## Coredns + +This guide is for Debian based systems. +First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`. +``` +$tar xvf coredns_1.10.0_linux_amd64.tgz +$chmod +x coredns +$sudo cp coredns /usr/local/bin/ +``` + +To start Coredns automatically you can create a Systemd unit: +``` +$ editor /etc/systemd/system/coredns.service +``` + +Paste the following: +``` +[Unit] +Description=CoreDNS DNS server +Documentation=https://coredns.io/ +After=network.target +After=alfis.service +After=meshnamed.service + +[Service] +PermissionsStartOnly=true +LimitNOFILE=1048576 +LimitNPROC=512 +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +NoNewPrivileges=true +User=coredns +ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile +ExecReload=/bin/kill -SIGUSR1 $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +``` + +After that reload systemd: +``` +$sudo systemctl daemon-reload +``` + +To isolate Coredns, you create a new user: +``` +$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns +``` + +After that you can create and edit the Coredns configuration file `Corefile`: +``` +editor /etc/coredns/Corefile +``` + +Paste the following: +``` +crxn., d.f.ip6.arpa. { + loop + bind 127.0.0.1 ::1 + forward . fd92:58b6:2b2::5353 +} +``` +Replace `fd92:58b6:2b2::5353` with your preferred recursive server. +With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/). + +To resolve Clearnet domains, insert the following: +``` +. { + loop + bind 127.0.0.1 ::1 + forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 { + tls_servername 1dot1dot1dot1.cloudflare-dns.com + } +} + +``` + + + + + + + + + diff --git a/docs/dns/server.md b/docs/dns/server.md new file mode 100644 index 0000000..18e7611 --- /dev/null +++ b/docs/dns/server.md @@ -0,0 +1,124 @@ +# Servers + +## Rekursiv + +| DNS | IP address | +| --- | --- | +| recur1.bandura.crxn | fd92:58b6:2b2::5353 | + +## Authoritiv + +# Resolve CRXN domains only + +Advantage: +- Very simple configuration + +Disadvantage: +- No more access to Clearnet domains +- Dependence on one server + +You can enter a recursive CRXN server as your DNS server in the operating system. + +The configuration of this differs depending on the operating system. For example, in Debian without NetworkManager, you can add the following to `/etc/resolv.conf`: +``` +nameserver fd92:58b6:2b2::5353 +``` + +# Run your own forwarder + +Advantage: +- Simple configuration + +Disadvantage: +- Dependence on one server + +With this method, you run a small DNS server of your own, which receives and forwards requests. This is suitable for one computer or very small networks. + +There are several software you can use for this. + +## Coredns + +This guide is for Debian based systems. +First you need to download Coredns. You can find the software at https://coredns.io/. As a download package you get a compressed file. Extract it and make the file `coredns` executable and copy it into the directory `/usr/local/bin`. +``` +$tar xvf coredns_1.10.0_linux_amd64.tgz +$chmod +x coredns +$sudo cp coredns /usr/local/bin/ +``` + +To start Coredns automatically you can create a Systemd unit: +``` +$ editor /etc/systemd/system/coredns.service +``` + +Paste the following: +``` +[Unit] +Description=CoreDNS DNS server +Documentation=https://coredns.io/ +After=network.target +After=alfis.service +After=meshnamed.service + +[Service] +PermissionsStartOnly=true +LimitNOFILE=1048576 +LimitNPROC=512 +CapabilityBoundingSet=CAP_NET_BIND_SERVICE +AmbientCapabilities=CAP_NET_BIND_SERVICE +NoNewPrivileges=true +User=coredns +ExecStart=/usr/local/bin/coredns -conf=/etc/coredns/Corefile +ExecReload=/bin/kill -SIGUSR1 $MAINPID +Restart=on-failure + +[Install] +WantedBy=multi-user.target +``` + +After that reload systemd: +``` +$sudo systemctl daemon-reload +``` + +To isolate Coredns, you create a new user: +``` +$sudo adduser --home /etc/coredns/ --disabled-password --disabled-login coredns +``` + +After that you can create and edit the Coredns configuration file `Corefile`: +``` +editor /etc/coredns/Corefile +``` + +Paste the following: +``` +crxn., d.f.ip6.arpa. { + loop + bind 127.0.0.1 ::1 + forward . fd92:58b6:2b2::5353 +} +``` +Replace `fd92:58b6:2b2::5353` with your preferred recursive server. +With `bind 127.0.0.1 ::1` you bind Coredns to your local machine only, so no one else can access it. If you want to create a network forwarder, you have to remove this line. If you want to restrict the forwarder access only to a specific network, you can use the [ACL Plugin](https://coredns.io/plugins/acl/). + +To resolve Clearnet domains, insert the following: +``` +. { + loop + bind 127.0.0.1 ::1 + forward . tls://1.1.1.1 tls://1.0.0.1 tls://2606:4700:4700::1111 tls://2606:4700:4700::1001 { + tls_servername 1dot1dot1dot1.cloudflare-dns.com + } +} + +``` + + + + + + + + + diff --git a/docs/getting-started.md b/docs/getting-started/index.md similarity index 60% rename from docs/getting-started.md rename to docs/getting-started/index.md index 90d63fe..e380f02 100644 --- a/docs/getting-started.md +++ b/docs/getting-started/index.md @@ -1,5 +1,4 @@ -Getting started -=============== +# Getting started Firstly we'd like to say that we're glad you'd like to join our network and greater community! This document will provide you with the directions you @@ -11,24 +10,23 @@ Below you can follow the steps one-by-one to get yourself familiar with our practices and inner-workings and by the end you should have all the information and configuration details needed to get connected! -1. [Rules](rules.md) +1. [Rules](rules) * We have **few** but **strict** rules nonetheless * Zero-tolerance for breaking them -2. [Requirements](requirements.md) -3. Registration - * [Adding your prefix to EntityDB](registration/entitydb.md) +2. [Requirements](requirements) +3. [Registration](registration) 4. Setting up routing - 1. [Forwarding](routing/bird/forwarding.md) - 2. [Setting up Bird](routing/bird/bird.md) + 1. [Forwarding](routing/bird/forwarding) + 2. [Setting up Bird](routing/bird/bird) 5. Tunneling - * [Fastd tunneling](tunneling/fastd.md) + * [Fastd tunneling](tunneling/fastd) 6. Setting up your home network * Configuring your hosts 1. Automatically with SLAAC and radv - 1. [Setting up radv (router)](radv/index.md) - 2. [Setting up SLAAC (hosts)](slaac/slaac.md) - * [CRXN DNS](dns/dns.md) + 1. [Setting up radv (router)](radv/index) + 2. [Setting up SLAAC (hosts)](slaac/slaac) + * [DNS](dns/home) ## What's next? -Once you're connected there are various things you can do on the network, take a look at [some of he things](services/) you can do. \ No newline at end of file +Once you're connected there are various things you can do on the network, take a look at [some of the things](services/) you can do. diff --git a/docs/registration/entitydb.md b/docs/getting-started/registration.md similarity index 95% rename from docs/registration/entitydb.md rename to docs/getting-started/registration.md index e9c8a3c..ba2952e 100644 --- a/docs/registration/entitydb.md +++ b/docs/getting-started/registration.md @@ -1,5 +1,4 @@ -Prefix allocation and registration -================================== +# Prefix allocation and registration To simply forward IPv6 traffic on CRXN one only needs an IPv6 link-local address which is always guaranteed to be assigned (most of the time), however normally people join CRXN so that they can _also_ host services (and access others) on the inter-network. Therefore, one needs to allocate a prefix and register it to be able to make use of the network in such a manner. @@ -15,4 +14,4 @@ You can generate your ULA you would like to use for CRXN using a tool such as [U Once you have your prefix generated you then are required to register the prefix. This entails adding your prefix to a database known as _EntityDB_ which holds all such entries. This is done in order to ensure there are no clashes with addresses and also doubles as a source of truth in terms of what networks _should_ be available on CRXN along with some information about available services. -To register your prefix on EntityDB please visit the repository [here](https://codeberg.org/CRXN/entitydb), fork the repository, then follow the [`README.md`](https://codeberg.org/CRXN/entitydb/src/branch/master/README.md) on how to format your entry, create a pull request and wait for approval from a network administrator. Only then will you be allowed to continue with this tutorial. \ No newline at end of file +To register your prefix on EntityDB please visit the repository [here](https://codeberg.org/CRXN/entitydb), fork the repository, then follow the [`README.md`](https://codeberg.org/CRXN/entitydb/src/branch/master/README.md) on how to format your entry, create a pull request and wait for approval from a network administrator. Only then will you be allowed to continue with this tutorial. diff --git a/docs/requirements.md b/docs/getting-started/requirements.md similarity index 100% rename from docs/requirements.md rename to docs/getting-started/requirements.md diff --git a/docs/rules.md b/docs/getting-started/rules.md similarity index 94% rename from docs/rules.md rename to docs/getting-started/rules.md index 9016fc6..191eba6 100644 --- a/docs/rules.md +++ b/docs/getting-started/rules.md @@ -31,4 +31,4 @@ We really don't want the scum of internet degeneracy on here (see first subpoint You break the rules, you're going to get removed. We don't take shit here. -**You will be reported to the authorities** \ No newline at end of file +**You will be reported to the authorities** diff --git a/docs/home_network/dns.md b/docs/home_network/dns.md new file mode 100644 index 0000000..0051684 --- /dev/null +++ b/docs/home_network/dns.md @@ -0,0 +1,3 @@ +# DNS + +TODO: Add documentation @mark22k diff --git a/docs/home_network/index.md b/docs/home_network/index.md new file mode 100644 index 0000000..8a78e38 --- /dev/null +++ b/docs/home_network/index.md @@ -0,0 +1,3 @@ + +- [Setting up radv (router)](radv.html) +- [Setting up SLAAC (hosts)](slaac.html) diff --git a/docs/radv/index.md b/docs/home_network/radv.md similarity index 100% rename from docs/radv/index.md rename to docs/home_network/radv.md diff --git a/docs/slaac/slaac.md b/docs/home_network/slaac.md similarity index 76% rename from docs/slaac/slaac.md rename to docs/home_network/slaac.md index 849a887..bf2f7ea 100644 --- a/docs/slaac/slaac.md +++ b/docs/home_network/slaac.md @@ -9,36 +9,36 @@ Configuring your hosts for automatic IP network and address assignment, DNS and For NetworkManager-based systems do the following. Open up `nm-connection-editor` and you should have a screen appear like this: -![](nm-connection-editor.png) +![](../img/slaac/nm-connection-editor.png) Then double click on the wifi or ethernet connection you have active of which connects you to the same LAN as your router and you should see a window like this popup: -![](nm-connection-window.png) +![](../img/slaac/nm-connection-window.png) Then go to the `IPv6` tab and you should see this: -![](ipv6-nm-connection.png) +![](../img/slaac/ipv6-nm-connection.png) Now make sure that this part is set to `Automatic`: -![](address_acquisition_automatic.png) +![](../img/slaac/address_acquisition_automatic.png) And then for the bottom two parts you can choose whatever option you want in these dropdowns: -![](whatever_you_want.png) +![](../img/slaac/whatever_you_want.png) Once you have configured that, then hit save and close all those windows: -![](save_connection.png) +![](../img/slaac/save_connection.png) What you want to do now is to open `nmtui` (in your terminal) and reactivate that connection, first go to _Activate a connection_: -![](nmtui_main_menu.png) +![](../img/slaac/nmtui_main_menu.png) Now reactivate the connection. You can do this by deactivating it and activating it again (unplugging and replugging won't reactivate it - it doesn't reload the profile). -![](connection_reactivate.png) +![](../img/slaac/connection_reactivate.png) --- -And that is it, now you should be connected to CRXN on your laptop via your router. \ No newline at end of file +And that is it, now you should be connected to CRXN on your laptop via your router. diff --git a/docs/logo.png b/docs/img/logo.png similarity index 100% rename from docs/logo.png rename to docs/img/logo.png diff --git a/docs/map.png b/docs/img/map.png similarity index 100% rename from docs/map.png rename to docs/img/map.png diff --git a/docs/people/deavmi.jpg b/docs/img/people/deavmi.jpg similarity index 100% rename from docs/people/deavmi.jpg rename to docs/img/people/deavmi.jpg diff --git a/docs/registration/generated_prefix.png b/docs/img/registration/generated_prefix.png similarity index 100% rename from docs/registration/generated_prefix.png rename to docs/img/registration/generated_prefix.png diff --git a/docs/registration/homepage_ungleich.png b/docs/img/registration/homepage_ungleich.png similarity index 100% rename from docs/registration/homepage_ungleich.png rename to docs/img/registration/homepage_ungleich.png diff --git a/docs/registration/prefix_page_ungleich.png b/docs/img/registration/prefix_page_ungleich.png similarity index 100% rename from docs/registration/prefix_page_ungleich.png rename to docs/img/registration/prefix_page_ungleich.png diff --git a/docs/slaac/Screenshot from 2021-06-03 11-14-34.png b/docs/img/slaac/Screenshot from 2021-06-03 11-14-34.png similarity index 100% rename from docs/slaac/Screenshot from 2021-06-03 11-14-34.png rename to docs/img/slaac/Screenshot from 2021-06-03 11-14-34.png diff --git a/docs/slaac/address_acquisition_automatic.png b/docs/img/slaac/address_acquisition_automatic.png similarity index 100% rename from docs/slaac/address_acquisition_automatic.png rename to docs/img/slaac/address_acquisition_automatic.png diff --git a/docs/slaac/connection_reactivate.png b/docs/img/slaac/connection_reactivate.png similarity index 100% rename from docs/slaac/connection_reactivate.png rename to docs/img/slaac/connection_reactivate.png diff --git a/docs/slaac/ipv6-nm-connection.png b/docs/img/slaac/ipv6-nm-connection.png similarity index 100% rename from docs/slaac/ipv6-nm-connection.png rename to docs/img/slaac/ipv6-nm-connection.png diff --git a/docs/slaac/nm-connection-editor.png b/docs/img/slaac/nm-connection-editor.png similarity index 100% rename from docs/slaac/nm-connection-editor.png rename to docs/img/slaac/nm-connection-editor.png diff --git a/docs/slaac/nm-connection-window.png b/docs/img/slaac/nm-connection-window.png similarity index 100% rename from docs/slaac/nm-connection-window.png rename to docs/img/slaac/nm-connection-window.png diff --git a/docs/slaac/nmtui_main_menu.png b/docs/img/slaac/nmtui_main_menu.png similarity index 100% rename from docs/slaac/nmtui_main_menu.png rename to docs/img/slaac/nmtui_main_menu.png diff --git a/docs/slaac/save_connection.png b/docs/img/slaac/save_connection.png similarity index 100% rename from docs/slaac/save_connection.png rename to docs/img/slaac/save_connection.png diff --git a/docs/slaac/whatever_you_want.png b/docs/img/slaac/whatever_you_want.png similarity index 100% rename from docs/slaac/whatever_you_want.png rename to docs/img/slaac/whatever_you_want.png diff --git a/docs/index.md b/docs/index.md index c056930..07f2123 100644 --- a/docs/index.md +++ b/docs/index.md @@ -1,16 +1,7 @@ -