add new lighthouse in marks 1984 VPS
This commit is contained in:
parent
b884d22faf
commit
c6c2a7c8e7
117
config-node.yaml
117
config-node.yaml
|
@ -24,6 +24,7 @@ pki:
|
|||
# "{nebula ip}": ["{routable ip/dns name}:{routable port}"]
|
||||
static_host_map:
|
||||
"10.10.100.1": ["185.112.144.69:4242"]
|
||||
"10.10.100.21": ["93.95.230.219:4242"]
|
||||
|
||||
lighthouse:
|
||||
# am_lighthouse is used to enable lighthouse functionality for a node. This should ONLY be true on nodes
|
||||
|
@ -33,9 +34,9 @@ lighthouse:
|
|||
# delegated to for resolution
|
||||
#serve_dns: false
|
||||
#dns:
|
||||
# The DNS host defines the IP to bind the dns listener to. This also allows binding to the nebula node IP.
|
||||
#host: 0.0.0.0
|
||||
#port: 53
|
||||
# The DNS host defines the IP to bind the dns listener to. This also allows binding to the nebula node IP.
|
||||
#host: 0.0.0.0
|
||||
#port: 53
|
||||
# interval is the number of seconds between updates from this node to a lighthouse.
|
||||
# during updates, a node sends information about its current IP addresses to each node.
|
||||
interval: 60
|
||||
|
@ -53,21 +54,21 @@ lighthouse:
|
|||
# "deny" rules are present, then you MUST set a rule for "0.0.0.0/0" as the
|
||||
# default.
|
||||
#remote_allow_list:
|
||||
# Example to block IPs from this subnet from being used for remote IPs.
|
||||
#"172.16.0.0/12": false
|
||||
# Example to block IPs from this subnet from being used for remote IPs.
|
||||
#"172.16.0.0/12": false
|
||||
|
||||
# A more complicated example, allow public IPs but only private IPs from a specific subnet
|
||||
#"0.0.0.0/0": true
|
||||
#"10.0.0.0/8": false
|
||||
#"10.42.42.0/24": true
|
||||
# A more complicated example, allow public IPs but only private IPs from a specific subnet
|
||||
#"0.0.0.0/0": true
|
||||
#"10.0.0.0/8": false
|
||||
#"10.42.42.0/24": true
|
||||
|
||||
# EXPERIMENTAL: This option my change or disappear in the future.
|
||||
# Optionally allows the definition of remote_allow_list blocks
|
||||
# specific to an inside VPN IP CIDR.
|
||||
#remote_allow_ranges:
|
||||
# This rule would only allow only private IPs for this VPN range
|
||||
#"10.42.42.0/24":
|
||||
#"192.168.0.0/16": true
|
||||
# This rule would only allow only private IPs for this VPN range
|
||||
#"10.42.42.0/24":
|
||||
#"192.168.0.0/16": true
|
||||
|
||||
# local_allow_list allows you to filter which local IP addresses we advertise
|
||||
# to the lighthouses. This uses the same logic as `remote_allow_list`, but
|
||||
|
@ -77,12 +78,12 @@ lighthouse:
|
|||
# the inverse). CIDR rules are matched after interface name rules.
|
||||
# Default is all local IP addresses.
|
||||
#local_allow_list:
|
||||
# Example to block tun0 and all docker interfaces.
|
||||
#interfaces:
|
||||
#tun0: false
|
||||
#'docker.*': false
|
||||
# Example to only advertise this subnet to the lighthouse.
|
||||
#"10.0.0.0/8": true
|
||||
# Example to block tun0 and all docker interfaces.
|
||||
#interfaces:
|
||||
#tun0: false
|
||||
#'docker.*': false
|
||||
# Example to only advertise this subnet to the lighthouse.
|
||||
#"10.0.0.0/8": true
|
||||
|
||||
# Port Nebula will be listening on. The default here is 4242. For a lighthouse node, the port should be defined,
|
||||
# however using port 0 will dynamically assign a port and is recommended for roaming nodes.
|
||||
|
@ -133,19 +134,19 @@ punchy:
|
|||
|
||||
# sshd can expose informational and administrative functions via ssh this is a
|
||||
#sshd:
|
||||
# Toggles the feature
|
||||
#enabled: true
|
||||
# Host and port to listen on, port 22 is not allowed for your safety
|
||||
#listen: 127.0.0.1:2222
|
||||
# A file containing the ssh host private key to use
|
||||
# A decent way to generate one: ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N "" < /dev/null
|
||||
#host_key: ./ssh_host_ed25519_key
|
||||
# A file containing a list of authorized public keys
|
||||
#authorized_users:
|
||||
#- user: steeeeve
|
||||
# keys can be an array of strings or single string
|
||||
#keys:
|
||||
#- "ssh public key string"
|
||||
# Toggles the feature
|
||||
#enabled: true
|
||||
# Host and port to listen on, port 22 is not allowed for your safety
|
||||
#listen: 127.0.0.1:2222
|
||||
# A file containing the ssh host private key to use
|
||||
# A decent way to generate one: ssh-keygen -t ed25519 -f ssh_host_ed25519_key -N "" < /dev/null
|
||||
#host_key: ./ssh_host_ed25519_key
|
||||
# A file containing a list of authorized public keys
|
||||
#authorized_users:
|
||||
#- user: steeeeve
|
||||
# keys can be an array of strings or single string
|
||||
#keys:
|
||||
#- "ssh public key string"
|
||||
|
||||
# Configure the private interface. Note: addr is baked into the nebula certificate
|
||||
tun:
|
||||
|
@ -178,7 +179,6 @@ tun:
|
|||
# mtu: 1300
|
||||
# metric: 100
|
||||
|
||||
|
||||
# TODO
|
||||
# Configure logging level
|
||||
logging:
|
||||
|
@ -198,39 +198,38 @@ logging:
|
|||
#timestamp_format: "2006-01-02T15:04:05.000Z07:00"
|
||||
|
||||
#stats:
|
||||
#type: graphite
|
||||
#prefix: nebula
|
||||
#protocol: tcp
|
||||
#host: 127.0.0.1:9999
|
||||
#interval: 10s
|
||||
#type: graphite
|
||||
#prefix: nebula
|
||||
#protocol: tcp
|
||||
#host: 127.0.0.1:9999
|
||||
#interval: 10s
|
||||
|
||||
#type: prometheus
|
||||
#listen: 127.0.0.1:8080
|
||||
#path: /metrics
|
||||
#namespace: prometheusns
|
||||
#subsystem: nebula
|
||||
#interval: 10s
|
||||
#type: prometheus
|
||||
#listen: 127.0.0.1:8080
|
||||
#path: /metrics
|
||||
#namespace: prometheusns
|
||||
#subsystem: nebula
|
||||
#interval: 10s
|
||||
|
||||
# enables counter metrics for meta packets
|
||||
# e.g.: `messages.tx.handshake`
|
||||
# NOTE: `message.{tx,rx}.recv_error` is always emitted
|
||||
#message_metrics: false
|
||||
# enables counter metrics for meta packets
|
||||
# e.g.: `messages.tx.handshake`
|
||||
# NOTE: `message.{tx,rx}.recv_error` is always emitted
|
||||
#message_metrics: false
|
||||
|
||||
# enables detailed counter metrics for lighthouse packets
|
||||
# e.g.: `lighthouse.rx.HostQuery`
|
||||
#lighthouse_metrics: false
|
||||
# enables detailed counter metrics for lighthouse packets
|
||||
# e.g.: `lighthouse.rx.HostQuery`
|
||||
#lighthouse_metrics: false
|
||||
|
||||
# Handshake Manager Settings
|
||||
#handshakes:
|
||||
# Handshakes are sent to all known addresses at each interval with a linear backoff,
|
||||
# Wait try_interval after the 1st attempt, 2 * try_interval after the 2nd, etc, until the handshake is older than timeout
|
||||
# A 100ms interval with the default 10 retries will give a handshake 5.5 seconds to resolve before timing out
|
||||
#try_interval: 100ms
|
||||
#retries: 20
|
||||
# trigger_buffer is the size of the buffer channel for quickly sending handshakes
|
||||
# after receiving the response for lighthouse queries
|
||||
#trigger_buffer: 64
|
||||
|
||||
# Handshakes are sent to all known addresses at each interval with a linear backoff,
|
||||
# Wait try_interval after the 1st attempt, 2 * try_interval after the 2nd, etc, until the handshake is older than timeout
|
||||
# A 100ms interval with the default 10 retries will give a handshake 5.5 seconds to resolve before timing out
|
||||
#try_interval: 100ms
|
||||
#retries: 20
|
||||
# trigger_buffer is the size of the buffer channel for quickly sending handshakes
|
||||
# after receiving the response for lighthouse queries
|
||||
#trigger_buffer: 64
|
||||
|
||||
# Nebula security group configuration
|
||||
firewall:
|
||||
|
|
Loading…
Reference in a new issue