Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:services:vpn:tinc:client [2023/10/29 00:57] – consolidate naming vgaetera | docs:guide-user:services:vpn:tinc:client [2023/11/03 05:07] – [4. VPN service] vgaetera | ||
|---|---|---|---|
| Line 28: | Line 28: | ||
| ==== 2. Key management ==== | ==== 2. Key management ==== | ||
| - | Generate and exchange | + | Generate and [[docs: |
| <code bash> | <code bash> | ||
| # Generate keys | # Generate keys | ||
| - | mkdir -p / | + | mkdir -p / |
| tinc -n ${VPN_IF} generate-rsa-keys < /dev/null | tinc -n ${VPN_IF} generate-rsa-keys < /dev/null | ||
| tinc -n ${VPN_IF} generate-ed25519-keys < /dev/null | tinc -n ${VPN_IF} generate-ed25519-keys < /dev/null | ||
| - | ln -f /etc/tinc/${VPN_IF}/ed25519_key.pub \ | + | VPN_SPUB=" |
| - | / | + | VPN_CPUB=" |
| </ | </ | ||
| Line 52: | Line 52: | ||
| uci set tinc.${VPN_IF}.Interface=" | uci set tinc.${VPN_IF}.Interface=" | ||
| uci set tinc.${VPN_IF}.Name=" | uci set tinc.${VPN_IF}.Name=" | ||
| + | uci set tinc.${VPN_IF}.ConnectTo=" | ||
| uci -q delete tinc.server | uci -q delete tinc.server | ||
| uci set tinc.server=" | uci set tinc.server=" | ||
| Line 57: | Line 58: | ||
| uci set tinc.server.net=" | uci set tinc.server.net=" | ||
| uci set tinc.server.Name=" | uci set tinc.server.Name=" | ||
| + | uci set tinc.server.PublicKey=" | ||
| + | uci set tinc.server.Ed25519PublicKey=" | ||
| uci set tinc.server.Address=" | uci set tinc.server.Address=" | ||
| uci set tinc.server.Port=" | uci set tinc.server.Port=" | ||
| Line 66: | Line 69: | ||
| uci set tinc.client.net=" | uci set tinc.client.net=" | ||
| uci set tinc.client.Name=" | uci set tinc.client.Name=" | ||
| + | uci set tinc.client.PublicKey=" | ||
| + | uci set tinc.client.Ed25519PublicKey=" | ||
| uci add_list tinc.client.Subnet=" | uci add_list tinc.client.Subnet=" | ||
| uci add_list tinc.client.Subnet=" | uci add_list tinc.client.Subnet=" | ||
| Line 83: | Line 88: | ||
| uci set network.${VPN_IF}.ip6addr=" | uci set network.${VPN_IF}.ip6addr=" | ||
| uci set network.${VPN_IF}.device=" | uci set network.${VPN_IF}.device=" | ||
| - | uci -q delete network.${VPN_IF}_ep | ||
| - | uci set network.${VPN_IF}_ep=" | ||
| - | uci set network.${VPN_IF}_ep.dest=" | ||
| - | uci set network.${VPN_IF}_ep.lookup=" | ||
| - | uci set network.${VPN_IF}_ep.priority=" | ||
| for IPV in 4 6 | for IPV in 4 6 | ||
| do case ${IPV} in | do case ${IPV} in | ||
| Line 99: | Line 99: | ||
| uci set network.${VPN_IF}_rt${IPV%4}.interface=" | uci set network.${VPN_IF}_rt${IPV%4}.interface=" | ||
| uci set network.${VPN_IF}_rt${IPV%4}.target=" | uci set network.${VPN_IF}_rt${IPV%4}.target=" | ||
| - | uci -q delete network.default${IPV%4} | + | uci -q delete network.lan_${VPN_IF}${IPV%4} |
| - | uci set network.default${IPV%4}=" | + | uci set network.lan_${VPN_IF}${IPV%4}=" |
| - | uci set network.default${IPV%4}.lookup=" | + | uci set network.lan_${VPN_IF}${IPV%4}.in=" |
| - | uci set network.default${IPV%4}.priority=" | + | uci set network.lan_${VPN_IF}${IPV%4}.lookup=" |
| + | uci set network.lan_${VPN_IF}${IPV%4}.priority=" | ||
| done | done | ||
| uci commit network | uci commit network | ||