Nebula, the open source global overlay network VPN solution

LTS_Tom · January 15, 2021, 12:36am

kevdog · January 15, 2021, 3:03pm

Hey Tom – thanks a lot for putting the NAT issue up front and center. Dumb me would have been trying things and asking myself – why the H***** ISN’T THIS WORKING!!!

I’ll keep an eye out for when the NAT issues have been worked out. Really great demo and the speed seems lightening quick.

gpconnect · January 16, 2021, 2:03am

hello,
can i have your config file to create the service for nebula ?
thanks

LTS_Tom · January 16, 2021, 11:00am

This is what I used in the video, it’s really basic but sure.

./nebula-cert ca -name "Nebula Demo"


./nebula-cert sign -name "oceanlighthouse" -ip "10.0.0.1/24"
./nebula-cert sign -name "home" -ip "10.0.0.2/24"
./nebula-cert sign -name "tomdesktop" -ip "10.0.0.9/24"
./nebula-cert sign -name "london" -ip "10.0.0.44/24"

scp oceanlighthouse.key oceanlighthouse:/etc/nebula/
scp oceanlighthouse.crt oceanlighthouse:/etc/nebula/
scp ca.crt oceanlighthouse:/etc/nebula/

scp home.key nebulahome:/home/lts/
scp home.crt nebulahome:/home/lts/
scp ca.crt nebulahome:/home/lts/

scp london.key london-Nebula:/etc/nebula/
scp london.crt london-Nebula:/etc/nebula/
scp ca.crt london-Nebula:/etc/nebula/

gpconnect · January 16, 2021, 5:36pm

did you created a service for nebula like service “systemctl start nebbula” ?
right now i use nebula brew on my mac and nebula snap implementation on my vps because with the command “./nebula” i need to keep the terminal open for it to work !
i don’t know how to create a service for it to enable it !

LTS_Tom · January 16, 2021, 6:20pm

In Linux you can create a file here /etc/systemd/system/ called nebula.service

Put this into that file:

[Unit]
Description=nebula
Wants=basic.target
After=basic.target network.target

[Service]
SyslogIdentifier=nebula
StandardOutput=syslog
StandardError=syslog
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/nebula -config /etc/nebula/config.yml
Restart=always

[Install]
WantedBy=multi-user.target

Then make it executable
chmod +x nebula.service

Then it will be a service you can enable
systemctl enable nebula.service

LTS_Tom · January 17, 2021, 10:41pm

There is also this Ansible deployment script. I have not tested it but it does look interesting.

gpconnect · January 18, 2021, 5:06pm

thanks ! it was indead in the github repo ! didn’t look enough !