.gitlab-ci.yml | ||
candidates.md | ||
config-lighthouse.yaml | ||
config-node.yaml | ||
docker-compose.yaml | ||
docker-entrypoint.sh | ||
Dockerfile | ||
README.md | ||
TODO.md |
InfraNet
Distributed & E2EE self-hosting. The goal is to have nodes voluntarily join the mesh and participate in the network providing compute and storage.
Tenets
-
End-to-end encrypted
E2EE is a requirement for privacy.
-
Collabrative
Members of the network are expected to cooperate to the best of their abilities, whether it's technical, financial or resources.
-
Distributed, resilient, reliable and dynamic
Nodes should be able to join and leave without too much disruption. Bootstrapping, joining and autodiscovery should be as easy as possible, allowing for easy scaling across all members of the network.
-
Free and open
All components should be free and open.
-
Shared responsibility
Knowledge of components will be documented and shared and responsibility for the uptime and maintainence should be shared where possible.
Design principles
-
Tested
All components and goals should be testable to ensure changes don't impact existing functionality or reliabilty.
-
Monitored
All components should be monitored and raise appropriate alerts to ensure good health and early detection of potential problems.
-
Containerised
Simple, versioned components that can be resource constrained, when required, would be of great benefit.
-
IPv6
Avoiding issues with IPv4 NAT, etc. would be desirable.
-
Multi-architecture
The underlaying hardware type shouldn't be a constraint, within reason.
Node installation
- Clone the repo.
- Create a directory to hold the config and certificates.
- Copy
node-config.yaml
asconfig.yaml
in the new directory. - Update the
docker-compose.yaml
to...- Set the
hostname
value. - Bind mount the newly created directory to
/etc/nebula
.
- Set the
- Run the container with
docker-compose up -d
. This will create two files,host.key
andhost.csr
. - Send the contents of the
host.csr
file and your chosen hostname to a cluster admin to sign. - The signed certificate should go alongside the
host.csr
file and be called,host.crt
. - Start the container again and it should find the config and certificates and then connect to the existing cluster.