Nebula, the open source global overlay network VPN solution

2 Likes

Hey Tom – thanks a lot for putting the NAT issue up front and center. Dumb me would have been trying things and asking myself – why the H***** ISN’T THIS WORKING!!!

I’ll keep an eye out for when the NAT issues have been worked out. Really great demo and the speed seems lightening quick.

hello,
can i have your config file to create the service for nebula ?
thanks

This is what I used in the video, it’s really basic but sure.

./nebula-cert ca -name "Nebula Demo"


./nebula-cert sign -name "oceanlighthouse" -ip "10.0.0.1/24"
./nebula-cert sign -name "home" -ip "10.0.0.2/24"
./nebula-cert sign -name "tomdesktop" -ip "10.0.0.9/24"
./nebula-cert sign -name "london" -ip "10.0.0.44/24"

scp oceanlighthouse.key oceanlighthouse:/etc/nebula/
scp oceanlighthouse.crt oceanlighthouse:/etc/nebula/
scp ca.crt oceanlighthouse:/etc/nebula/

scp home.key nebulahome:/home/lts/
scp home.crt nebulahome:/home/lts/
scp ca.crt nebulahome:/home/lts/

scp london.key london-Nebula:/etc/nebula/
scp london.crt london-Nebula:/etc/nebula/
scp ca.crt london-Nebula:/etc/nebula/

did you created a service for nebula like service “systemctl start nebbula” ?
right now i use nebula brew on my mac and nebula snap implementation on my vps because with the command “./nebula” i need to keep the terminal open for it to work !
i don’t know how to create a service for it to enable it !

In Linux you can create a file here /etc/systemd/system/ called nebula.service

Put this into that file:

[Unit]
Description=nebula
Wants=basic.target
After=basic.target network.target

[Service]
SyslogIdentifier=nebula
StandardOutput=syslog
StandardError=syslog
ExecReload=/bin/kill -HUP $MAINPID
ExecStart=/usr/local/bin/nebula -config /etc/nebula/config.yml
Restart=always

[Install]
WantedBy=multi-user.target

Then make it executable
chmod +x nebula.service

Then it will be a service you can enable
systemctl enable nebula.service

There is also this Ansible deployment script. I have not tested it but it does look interesting.

thanks ! it was indead in the github repo ! didn’t look enough !