From f1f25f4764dd8d297a59765b0df85f55da2b39ee Mon Sep 17 00:00:00 2001 From: flu0r1ne Date: Mon, 19 Jul 2021 21:08:50 -0500 Subject: Init --- pages/_app.tsx | 24 ++++ pages/greeting.md | 13 ++ pages/index.tsx | 13 ++ pages/posts/index.tsx | 18 +++ pages/posts/nebula-on-debian/index.tsx | 12 ++ pages/posts/nebula-on-debian/nebula.md | 256 +++++++++++++++++++++++++++++++++ pages/posts/posts.md | 5 + 7 files changed, 341 insertions(+) create mode 100644 pages/_app.tsx create mode 100644 pages/greeting.md create mode 100644 pages/index.tsx create mode 100644 pages/posts/index.tsx create mode 100644 pages/posts/nebula-on-debian/index.tsx create mode 100644 pages/posts/nebula-on-debian/nebula.md create mode 100644 pages/posts/posts.md (limited to 'pages') diff --git a/pages/_app.tsx b/pages/_app.tsx new file mode 100644 index 0000000..7b7f22b --- /dev/null +++ b/pages/_app.tsx @@ -0,0 +1,24 @@ +import '../styles/reset.css'; +import '@fontsource/inconsolata/600.css'; +import '@fontsource/inconsolata'; +import '../styles/defaults.scss'; +import type { AppProps } from 'next/app'; +import Head from 'next/head'; +import 'highlight.js/styles/github.css'; + +function MyApp({ Component, pageProps }: AppProps) { + return ( + <> + + flu0r1ne.net + + + + + + + + ); +} + +export default MyApp; \ No newline at end of file diff --git a/pages/greeting.md b/pages/greeting.md new file mode 100644 index 0000000..7952c9b --- /dev/null +++ b/pages/greeting.md @@ -0,0 +1,13 @@ +## Hello, + +You’ve happened upon my homepage. I’m a student, developer, and engi-nerd pursuing a degree in computer engineering at Texas A&M University. + +- [Posts](/posts) +- [My public git projects](https://www.git.flu0r1ne.net) +- My PGP keys + + [Ascii Armored](/flu0r1ne.asc) + + [Binary](/flu0r1ne.pub) + +Best, + +\- Alex < flur01ne [at] flu0r1ne.net > diff --git a/pages/index.tsx b/pages/index.tsx new file mode 100644 index 0000000..8201dbf --- /dev/null +++ b/pages/index.tsx @@ -0,0 +1,13 @@ +import MarkdownPage from '../templates/MarkdownPage'; +// @ts-ignore +import md from './greeting.md'; + +export default function Home() { + return ( + <> + + + ) +} diff --git a/pages/posts/index.tsx b/pages/posts/index.tsx new file mode 100644 index 0000000..9cbc4bc --- /dev/null +++ b/pages/posts/index.tsx @@ -0,0 +1,18 @@ +import { Breadcrumbs, LinkCrumb } from '../../components/Breadcrumbs'; +import Link from 'next/link'; +import DefaultPage from '../../templates/Default'; +import Markdown from '../../components/Markdown'; +//@ts-ignore +import md from './posts.md'; + +export default function Posts() { + return( + + + + ); +} \ No newline at end of file diff --git a/pages/posts/nebula-on-debian/index.tsx b/pages/posts/nebula-on-debian/index.tsx new file mode 100644 index 0000000..9d3741d --- /dev/null +++ b/pages/posts/nebula-on-debian/index.tsx @@ -0,0 +1,12 @@ +// @ts-ignore +import md from './nebula.md'; +import MarkdownPage from '../../../templates/MarkdownPage'; + +export default function NebulaOnDebian() { + return ( + + ); +} \ No newline at end of file diff --git a/pages/posts/nebula-on-debian/nebula.md b/pages/posts/nebula-on-debian/nebula.md new file mode 100644 index 0000000..9f62040 --- /dev/null +++ b/pages/posts/nebula-on-debian/nebula.md @@ -0,0 +1,256 @@ +Nebula on Debian +================= + +> **Created:** 2021-07-18 **Last Updated:** 2021-07-19 + +I am close to concluding a multi-week endevor to package [Nebula](https://github.com/slackhq/nebula), a VPN-style network mesh networking overlay. If all goes well, it will be uploaded to `debian/unstable` within the next few days. This would also mean the package would be pulled into Ubuntu during the next merge window. + +Preemptively, I'm going to write up a set of install instructions specific to debian derivatives and briefly a few of the decisions made during the packaging process. + +Installation +------------ + +**Step one will currently fail. See [installing from unstable](#installing-from-unstable)** + +For the sake of simplicity, I'm going to assume that you're setting up a network with two nodes -- one lighthouse node and a node on your laptop. Once you understand the process, it easily scales to as many nodes as you wish. Pick your favorite virtualization provider in order to set up the lighthouse. The lighthouse requires minimal resources because it functions as a mutually-reachable node which synchronizes the address mappings. You could use a home server provided that you have a static ip (unlikely) or setup dynamic DNS. The latter may introduce some instability. I'm also assuming both clients are debian derivatives and have access to `apt`. + +If this is not the case, please consult the [upstream instructions](https://github.com/slackhq/nebula#user-content-getting-started-quickly) which will guide you through the processing of installing the binaries directly. + +#### 1. Install Nebula through Aptitude + +You'll need to install Nebula on both endpoints. + +```bash +sudo apt install nebula +``` + +#### 2. Creating a certificate authority + +The certificate authority is to "root of trust" for a Nebula network. Compromising the certificate authority's key file would compromise the integrity and security of the entire network. The upstream instructions recommend that you store the key file in a location with strong encryption [^1]. + +You can generate a `ca.key` and `ca.cert` file with the following command: +```bash +nebula-cert ca -name "Myorganization, Inc" +``` + +You will copy the `ca.crt` file to all the hosts. The `ca.key` file should remain secret. + +#### 4. Nebula host keys and certificates generated from that certificate authority + +With your `ca.key` file in hand, generate keys for each node. + +```bash +nebula-cert sign -name "lighthouse" -ip "192.168.100.1/24" +nebula-cert sign -name "laptop" -ip "192.168.100.2/24" +``` + +Repeate this process for each node. It is important that each is issued a unique internal ip. The IPs are specified in CIDR notation [^2]. This internal ip will be used to configure Nebula later. + +#### 4. Copy the configuration files to each host + +Each host requires the `host.key`, `host.crt`, and `ca.crt` files to be present on the system. By convention, these are located in the `/etc/nebula` directory. Make sure to copy them into this directory. + +For example, to copy the credentials to a lighthouse with ip `203.0.113.11` as `user` you may use sftp and ssh as follows: + +```bash +sftp user@203.0.113.11 </etc/apt/sources.list.d/99-tmp-nebula-overrides.list </etc/apt/preferences.d/99-tmp-nebula-prefer-stable <