nebula组网
nebula是一款开源P2P VPN,只需要有一个中心节点(Lighthouse),其余edge节点通过中心节点建立一次连接之后,edge之间会自己进行fullmesh,从而达到一个P2P的一个使用情况,当遇到无法P2P的时候,也可通过中心节点进行relay
github地址:https://github.com/slackhq/nebula
pki:
ca: |
-----BEGIN NEBULA CERTIFICATE-----
CjUKA3Zwbijv0uHDBjDvuebSBjogGwsKyWBs00TZHvoFDdEQH15IbPU79/M8MZeH
qi8Sz6JAARJA1skJE17fSIvvSuwqy+Zkk+vV/lbwDFUJ7UanChGODm71M33Rm+ly
Vlkcgy08GKLAcGMMMSHrq0NKoeEV6tAeDg==
-----END NEBULA CERTIFICATE-----
cert: |
-----BEGIN NEBULA CERTIFICATE-----
CmIKBHRlc3QSCoHQoIUMgP7//w8o99PhwwYw7rnm0gY6IOu/0tXbrv7mG0GSYeo7
vlHbt6UU+2KdqlvPFx/Py517SiA7dMDbiedhrgsAQMwJo9mm/cKrrFZId5f8StUO
uj1RaBJA0TgbxI1oOiAtSqojPLxFSjuPcfLH52griyH9PYuKzfaNpWCPEMMMoonW
bz0KHMWknPMiJvxi4KxgjY/y8tzHDA==
-----END NEBULA CERTIFICATE-----
key: |
-----BEGIN NEBULA X25519 PRIVATE KEY-----
MP+DbZASkxlMUkG+iiUxe8IKotJl5E/3HtNidM669p4=
-----END NEBULA X25519 PRIVATE KEY-----
lighthouse:
am_lighthouse: true # 启用灯塔角色
listen:
host: "::"
port: 14142 #nebula端口 记得在主路由设置端口映射
punchy:
punch: true
relay:
am_relay: true
firewall:
inbound:
- port: any
proto: any
host: any
outbound:
- port: any
proto: any
host: any
tun:
dev: nebula
drop_local_broadcast: false
drop_external_multicast: false
tx_queue: 500
mtu: 1300
sshd:
enabled: true
listen: 127.0.0.1:2222
host_key: /etc/nebula/ssh_host_ed25519_key
authorized_users:
- user: root
keys:
- 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC7wWNqkTg6Gs4hRHy6KWrPCHVYdVynmpRfa3qwWcsDgACaW7182BNA3g173L9CTAEebeXxMyalYcpGDiqu5xOLF6BDLiRK2GcN5ekTuwev8Qv2AVXMso1wrYGfEBk5ZF43kiByQMNN6heEyoWycH+0lYr1C4I+JKuV/3pb6cBNNaWyJzBymrH7C6mWIKZ0eVW9QyQW3ofRjG/Kt0w7nei6JoT3ia3Gewgii779fgHObT6kEdQbQIC5TKe5XfW/giSEPdjI8V1myayOrUMTKGy/LSYoubPyWOffV2QZjTHzTBosE9t6UPiZ6cK0R664K3SdfHusJImhM/8hIu45JxiKc7GoGok+FnmThFbJHSjuRlKHkuEMSkgIMJMSa1kFWgwy1gv6zDpeTFVCZjyi/i5z9wkVh+tkSiTmImOKSIFa67VUnb7EMdGwhleFJmFFSLNZX1DQGAN8CeJpCujmnIHWPbQSxwdf9WipmKtj8YHoiLQyaacenB6ARmlhnRA1UCk= root@AliCloud'
pki:
ca: |
-----BEGIN NEBULA CERTIFICATE-----
CjUKA3Zwbijv0uHDBjDvuebSBjogGwsKyWBs00TZHvoFDdEQH15IbPU79/M8MZeH
qi8Sz6JAARJA1skJE17fSIvvSuwqy+Zkk+vV/lbwDFUJ7UanChGODm71M33Rm+ly
Vlkcgy08GKLAcGMMMSHrq0NKoeEV6tAeDg==
-----END NEBULA CERTIFICATE-----
cert: |
-----BEGIN NEBULA CERTIFICATE-----
CmYKCHRlc3Rob21lEgqC0KCFDID+//8PKP7T4cMGMO655tIGOiDWZBzZ3tww0oPr
Ibl/FPIRqSb/V+IVgI7Z/qS8rNKIFkogO3TA24nnYa4LAEDMCaPZpv3Cq6xWSHeX
/ErVDro9UWgSQBcwsCf0U3zeo6Tg/2LnV+J/3MSJpSCvee1drelPXVi3hi9xVvPc
FVrszIkXYdn3UXoLkxeLGnb4QVdHk2S/Jws=
-----END NEBULA CERTIFICATE-----
key: |
-----BEGIN NEBULA X25519 PRIVATE KEY-----
jRX5kyCu3sLKUQ32WPLqq98P1Ea5+F5QpMlfhGCOoRg=
-----END NEBULA X25519 PRIVATE KEY-----
lighthouse:
am_lighthouse: false
hosts:
- "192.168.40.1"
static_host_map:
"192.168.40.1": ["8.210.169.56:14142"]
punchy:
punch: true
relay:
relays:
- 192.168.40.1
am_relay: false
use_relays: true
firewall:
inbound:
- port: any
proto: any
host: any
outbound:
- port: any
proto: any
host: any
tun:
dev: nebula
drop_local_broadcast: false
drop_external_multicast: false
tx_queue: 500
mtu: 1300
pki:
ca: |
-----BEGIN NEBULA CERTIFICATE-----
CjUKA3Zwbijv0uHDBjDvuebSBjogGwsKyWBs00TZHvoFDdEQH15IbPU79/M8MZeH
qi8Sz6JAARJA1skJE17fSIvvSuwqy+Zkk+vV/lbwDFUJ7UanChGODm71M33Rm+ly
Vlkcgy08GKLAcGMMMSHrq0NKoeEV6tAeDg==
-----END NEBULA CERTIFICATE-----
cert: |
-----BEGIN NEBULA CERTIFICATE-----
CmQKBmF6dGVzdBIKg9CghQyA/v//DyiD9+bDBjDuuebSBjogdM+5NpROSqsyOUJN
UxLxX/1kpHxP5pXb0xSrobKdZn9KIDt0wNuJ52GuCwBAzAmj2ab9wqusVkh3l/xK
1Q66PVFoEkDvj9voYSLXrwGCBgfyuf+1SgXOHyk/THzS17OQK3YJSTtSJx7Jv2oJ
rhgfG3+l5taz45dAjGv0vNSJrT1iNMEI
-----END NEBULA CERTIFICATE-----
key: |
-----BEGIN NEBULA X25519 PRIVATE KEY-----
Hxd4aNFyjAb9iDU/eVJW4JDmS8g9iyKyJIuLeeJMnrc=
-----END NEBULA X25519 PRIVATE KEY-----
lighthouse:
am_lighthouse: false
hosts:
- "192.168.40.1"
static_host_map:
"192.168.40.1": ["8.210.169.56:14142"]
punchy:
punch: true
relay:
relays:
- 192.168.40.1
firewall:
inbound:
- port: any
proto: any
host: any
outbound:
- port: any
proto: any
host: any
tun:
dev: nebula
drop_local_broadcast: false
drop_external_multicast: false
tx_queue: 500
mtu: 1300
转载请注明来源
