Script for start VPN
This commit is contained in:
parent
8d786121a5
commit
c498482b2e
|
@ -1,4 +1,9 @@
|
||||||
|
|
||||||
|
0.3.0 [28-Ene-2021]
|
||||||
|
---------------------
|
||||||
|
- Script para iniciar VPN de soporte.
|
||||||
|
|
||||||
|
|
||||||
0.2.0 [28-Ene-2021]
|
0.2.0 [28-Ene-2021]
|
||||||
---------------------
|
---------------------
|
||||||
- Script para respaldar localmente la base de datos.
|
- Script para respaldar localmente la base de datos.
|
||||||
|
|
|
@ -61,9 +61,7 @@ def _backup():
|
||||||
|
|
||||||
path = _join(PATH_BK, f'{f}.bk')
|
path = _join(PATH_BK, f'{f}.bk')
|
||||||
_call(cmd.format(f, path))
|
_call(cmd.format(f, path))
|
||||||
log.info('\t\tRespaldado localmente...')
|
log.info('\t\tRespaldada localmente...')
|
||||||
|
|
||||||
# ~ _send_to_seafile(f, path)
|
|
||||||
|
|
||||||
msg = 'Base de datos respaldadas...'
|
msg = 'Base de datos respaldadas...'
|
||||||
log.info(msg)
|
log.info(msg)
|
||||||
|
|
|
@ -0,0 +1,5 @@
|
||||||
|
-----BEGIN NEBULA CERTIFICATE-----
|
||||||
|
Cj4KDFB1cm9zIEN1YXRlcyjxovf9BTDxifyMBjogcMShrWfz7wXDt0dmXbqcPK/I
|
||||||
|
SXTxf0mBkaj8vmeb9RVAARJAVvXIiNLhz8Q/G/IvIHnbKpPUuKDbaGPd2ZQPGj8b
|
||||||
|
Hdc8qYR3N6kixeZM5AtWOnzGRcf+JR9NVDcNEwNknp+FBA==
|
||||||
|
-----END NEBULA CERTIFICATE-----
|
|
@ -0,0 +1,90 @@
|
||||||
|
pki:
|
||||||
|
# every node needs a copy of the CA certificate,
|
||||||
|
# and its own certificate and key, ONLY.
|
||||||
|
ca: /home/empresa/util/bin/ca.crt
|
||||||
|
cert: /home/empresa/util/bin/empresalibre.crt
|
||||||
|
key: /home/empresa/util/bin/empresalibre.key
|
||||||
|
|
||||||
|
static_host_map:
|
||||||
|
# how to find one or more lighthouse nodes
|
||||||
|
# you do NOT need every node to be listed here!
|
||||||
|
#
|
||||||
|
# format "Nebula IP": ["public IP or hostname:port"]
|
||||||
|
#
|
||||||
|
"174.174.74.1": ["164.68.124.143:4242"]
|
||||||
|
|
||||||
|
lighthouse:
|
||||||
|
interval: 60
|
||||||
|
|
||||||
|
# if you're a lighthouse, say you're a lighthouse
|
||||||
|
#
|
||||||
|
am_lighthouse: false
|
||||||
|
|
||||||
|
hosts:
|
||||||
|
# If you're a lighthouse, this section should be EMPTY
|
||||||
|
# or commented out. If you're NOT a lighthouse, list
|
||||||
|
# lighthouse nodes here, one per line, in the following
|
||||||
|
# format:
|
||||||
|
#
|
||||||
|
- "174.174.74.1"
|
||||||
|
|
||||||
|
listen:
|
||||||
|
# 0.0.0.0 means "all interfaces," which is probably what you want
|
||||||
|
#
|
||||||
|
host: 0.0.0.0
|
||||||
|
port: 4242
|
||||||
|
|
||||||
|
# "punchy" basically means "send frequent keepalive packets"
|
||||||
|
# so that your router won't expire and close your NAT tunnels.
|
||||||
|
#
|
||||||
|
punchy: true
|
||||||
|
|
||||||
|
# "punch_back" allows the other node to try punching out to you,
|
||||||
|
# if you're having trouble punching out to it. Useful for stubborn
|
||||||
|
# networks with symmetric NAT, etc.
|
||||||
|
#
|
||||||
|
punch_back: true
|
||||||
|
|
||||||
|
tun:
|
||||||
|
# sensible defaults. don't monkey with these unless
|
||||||
|
# you're CERTAIN you know what you're doing.
|
||||||
|
#
|
||||||
|
dev: nebula1
|
||||||
|
drop_local_broadcast: false
|
||||||
|
drop_multicast: false
|
||||||
|
tx_queue: 500
|
||||||
|
mtu: 1300
|
||||||
|
routes:
|
||||||
|
|
||||||
|
logging:
|
||||||
|
level: info
|
||||||
|
format: text
|
||||||
|
|
||||||
|
# you NEED this firewall section.
|
||||||
|
#
|
||||||
|
# Nebula has its own firewall in addition to anything
|
||||||
|
# your system has in place, and it's all default deny.
|
||||||
|
#
|
||||||
|
# So if you don't specify some rules here, you'll drop
|
||||||
|
# all traffic, and curse and wonder why you can't ping
|
||||||
|
# one node from another.
|
||||||
|
#
|
||||||
|
firewall:
|
||||||
|
conntrack:
|
||||||
|
tcp_timeout: 120h
|
||||||
|
udp_timeout: 3m
|
||||||
|
default_timeout: 10m
|
||||||
|
max_connections: 100000
|
||||||
|
|
||||||
|
# since everything is default deny, all rules you
|
||||||
|
# actually SPECIFY here are allow rules.
|
||||||
|
#
|
||||||
|
outbound:
|
||||||
|
- port: any
|
||||||
|
proto: any
|
||||||
|
host: any
|
||||||
|
|
||||||
|
inbound:
|
||||||
|
- port: any
|
||||||
|
proto: any
|
||||||
|
host: any
|
|
@ -0,0 +1,6 @@
|
||||||
|
-----BEGIN NEBULA CERTIFICATE-----
|
||||||
|
CmoKDGVtcHJlc2FsaWJyZRIK5ZS59QqA/v//Dyihp8yABjDwifyMBjogW+IthhEK
|
||||||
|
JpJGPqUgl/MtbwGic3OWcEnoTk0yAk8bBWRKIMbv+ybW+mYKcuwusijL/nG8Dnom
|
||||||
|
zwF6BtK1okHNEMobEkAM+P/jhkCX5PEVh0gb/BDClS+XwdDBedHxaLPMdqErh3gd
|
||||||
|
9X9EBUo3M6xE4CngZO8OJN5/EVKaykoofD9TMwcE
|
||||||
|
-----END NEBULA CERTIFICATE-----
|
|
@ -0,0 +1,3 @@
|
||||||
|
-----BEGIN NEBULA X25519 PRIVATE KEY-----
|
||||||
|
uuTFSbPr/LvsyUJc3rKs5UW9ENUoAhl9JOfIsT9/Tq4=
|
||||||
|
-----END NEBULA X25519 PRIVATE KEY-----
|
Binary file not shown.
|
@ -0,0 +1,3 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
sudo ~/util/bin/nebula -config ~/util/bin/config.yml
|
Loading…
Reference in New Issue