Hey Tom – thanks a lot for putting the NAT issue up front and center. Dumb me would have been trying things and asking myself – why the H***** ISN’T THIS WORKING!!!
I’ll keep an eye out for when the NAT issues have been worked out. Really great demo and the speed seems lightening quick.
can i have your config file to create the service for nebula ?
This is what I used in the video, it’s really basic but sure.
./nebula-cert ca -name "Nebula Demo" ./nebula-cert sign -name "oceanlighthouse" -ip "10.0.0.1/24" ./nebula-cert sign -name "home" -ip "10.0.0.2/24" ./nebula-cert sign -name "tomdesktop" -ip "10.0.0.9/24" ./nebula-cert sign -name "london" -ip "10.0.0.44/24" scp oceanlighthouse.key oceanlighthouse:/etc/nebula/ scp oceanlighthouse.crt oceanlighthouse:/etc/nebula/ scp ca.crt oceanlighthouse:/etc/nebula/ scp home.key nebulahome:/home/lts/ scp home.crt nebulahome:/home/lts/ scp ca.crt nebulahome:/home/lts/ scp london.key london-Nebula:/etc/nebula/ scp london.crt london-Nebula:/etc/nebula/ scp ca.crt london-Nebula:/etc/nebula/
did you created a service for nebula like service “systemctl start nebbula” ?
right now i use nebula brew on my mac and nebula snap implementation on my vps because with the command “./nebula” i need to keep the terminal open for it to work !
i don’t know how to create a service for it to enable it !
In Linux you can create a file here
Put this into that file:
[Unit] Description=nebula Wants=basic.target After=basic.target network.target [Service] SyslogIdentifier=nebula StandardOutput=syslog StandardError=syslog ExecReload=/bin/kill -HUP $MAINPID ExecStart=/usr/local/bin/nebula -config /etc/nebula/config.yml Restart=always [Install] WantedBy=multi-user.target
Then make it executable
chmod +x nebula.service
Then it will be a service you can enable
systemctl enable nebula.service
There is also this Ansible deployment script. I have not tested it but it does look interesting.
thanks ! it was indead in the github repo ! didn’t look enough !