Retiolum tinc keys and hosts
VPN Setup
- Install tinc (e.g. Ubuntu: sudo apt install tinc, macOS: brew install tinc --devel)
- Create the appropriate directory and perform the initial tinc startup
$ sudo mkdir /etc/tinc/retiolum
$ sudo tincd -K -n retiolum
$ sudo systemctl enable --now tinc@retiolum
- Provide the public key generated in the previous step, along with {your_name} (a unique name for the machine), to @Mic92. You will get your respective IP addresses in return.
- Create the tinc-up executable in the /etc/tinc/retiolum folder
$ echo '#!/usr/bin/env bash
# Refresh the host files; "|| true" lets the interface come up even if the download fails
curl https://retiolum.thalheim.io/tinc-hosts.tar.bz2 | tar -xjvf - -C /etc/tinc/retiolum/ || true
ip link set $INTERFACE up
ip addr add "Provided_IPv4_from_Step_3"/12 dev $INTERFACE
ip addr add "Provided_IPv6_from_Step_3"/16 dev $INTERFACE' | sudo tee /etc/tinc/retiolum/tinc-up > /dev/null
$ sudo chmod +x /etc/tinc/retiolum/tinc-up
- Create (if it does not exist) the tinc configuration file
$ echo 'DeviceType = tun
Interface = tinc.retiolum
Name = {your_name_from_Step_3}
LocalDiscovery = yes
ConnectTo = gum
ConnectTo = ni
ConnectTo = prism
ConnectTo = eve
ConnectTo = eva
AutoConnect = yes' | sudo tee /etc/tinc/retiolum/tinc.conf > /dev/null
- Restart the VPN service
$ sudo systemctl restart tinc@retiolum
The host information should be retrieved after the restart: the hosts folder should appear in /etc/tinc/retiolum. The list of hosts is also available here: https://retiolum.thalheim.io/etc.hosts
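The tinc-up script from step 4 unpacks the downloaded archive as root into the directory that also holds tinc.conf and tinc-up itself. The following is an added example, not part of the original page or the project's scripts: it lists the archive first and extracts only if every entry is the hosts/ directory or a plain file inside it. The function names are hypothetical, and it assumes GNU tar's -tv listing format and node names made of letters, digits, "_" and "-".

```shell
#!/bin/sh
# Added example; function names are hypothetical, not part of the project.
# Assumes GNU tar's `tar -tv` format: type/mode first, member name last.

# Reads a `tar -tv` listing on stdin. Succeeds only if the archive is
# non-empty and every entry is the hosts/ directory or a regular file
# directly inside it whose name uses only letters, digits, "_" and "-".
listing_is_hosts_only() {
  seen=0
  while IFS= read -r line; do
    [ -n "$line" ] || continue
    seen=1
    name=${line##* }      # last field: the member name
    name=${name#./}       # tolerate a leading "./"
    case "$line" in
      d*) case "$name" in ''|hosts|hosts/) ;; *) return 1 ;; esac ;;
      -*) case "$name" in hosts/*) base=${name#hosts/} ;; *) return 1 ;; esac
          case "$base" in ''|*[!A-Za-z0-9_-]*) return 1 ;; esac ;;
      *)  return 1 ;;     # symlinks, hard links, devices, anything else
    esac
  done
  [ "$seen" -eq 1 ]
}

# Downloads the archive to a temporary file, checks the listing, and only
# then extracts into $2. Nothing is unpacked if any step fails.
update_hosts() {
  url=$1
  dest=$2
  tmp=$(mktemp) || return 1
  rc=1
  if curl -fsS --proto '=https' -o "$tmp" "$url" &&
     tar -tvjf "$tmp" | listing_is_hosts_only; then
    tar -xjf "$tmp" -C "$dest" --no-same-owner --no-same-permissions
    rc=$?
  fi
  rm -f "$tmp"
  return "$rc"
}

# In tinc-up this would replace the curl | tar line:
#   update_hosts https://retiolum.thalheim.io/tinc-hosts.tar.bz2 /etc/tinc/retiolum || true
```

An archive entry named tinc-up or tinc.conf, a symlink, or a path containing ".." makes the check fail, so the existing files in /etc/tinc/retiolum are left untouched.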
SSH Setup
- Generate an SSH key pair, or provide an already existing public SSH key, to one of the authorised users.
- One of the authorised users should add/modify the user's information in /modules/users.nix (https://github.com/Mic92/doctor-cluster-config)
- Push the change to the repository
- Log in to rose and pull the update(s) (if this is not done on the machine itself)
- Change to the /etc/nixos/ directory and run the script ./update-all.sh
$ cd /etc/nixos
$ ./update-all.sh