lare/autopeering
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[docs] add some installation instructions

Browse source
This commit is contained in:
lare 2023-01-16 16:55:56 +01:00
parent 018f45bb9e
commit c17ddf1a03
4 changed files with 95 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

65
installation.md
View file

@ -1,4 +1,5 @@
# Installation # Installation
> Note: in this configuration example the username `dn42` and "default" directories are used, if you want to use other change these in the examples.
## Server ## Server
@ -12,5 +13,67 @@
3. remove comments in config file 3. remove comments in config file
6. run the server: `python backend/main.py` 6. run the server: `python backend/main.py`
to enable automatic start of this service on boot you can use this systemd .service file
```
$ cat /lib/systemd/system/dn42-autopeer-web.service
[Unit]
Description=dn42 autopeering web frontend
[Service]
# It should _not_ be run as root
User=dn42
Group=dn42
Type=simple
Restart=on-failure
RestartSec=5s
WorkingDirectory=</path/to/autopeering/>web
ExecStart=start.sh
[Install]
WantedBy=multi-user.target
```
## Nodes ## Nodes
#todo
1. clone repository to the node(s) or copy "nodes" directory to the nodes
2. change directory into `nodes`
3. create VirtualEnv: run `python3 -m venv venv` then `source venv/bin/activate`
4. install dependencies: `pip install -r requirement.txt`
5. create config file:
1. `cp node.config.example.json config.json`
2. edit example config to represent your situation
3. remove comments in config file
6. update the templates to represent the settings of the node
7. setup file permissions for wireguard and bird config files:
- bird:
- add the dn42 user to the bird group: `usermod -a -G bird dn42`
- allow the bird group to edit config files: `chmod ug+rwx /etc/bird/peers/`
- allow user+group bird to edit peers configs `chmod ug+rw /etc/bird/peers/ -R`
- `chown bird:bird /etc/bird/peers -R`
- wireguard:
- `chown root:dn42 /etc/wireguard`
- `chmod ug+rw /etc/wireguard/*`
- `chmod 600 /etc/wireguard/dn42.priv`
8. allow `dn42` user to start/stop/enable/disable wireguard tunnels:
- add the `wg-services.sh` script to `/etc/sudoers` using `visudo` <br> `Cmnd_Alias WG_SERVICES = /path/to/autopeering/nodes/wg-services.sh` <br> `dn42 ALL=(ALL) NOPASSWD:WG_SERVICES`
9. run the server: `python backend/main.py`
to enable automatic start of this service on boot you can use this systemd .service file
```
$ cat /lib/systemd/system/dn42-autopeer-node.service
[Unit]
Description=dn42 autopeering node daemon
[Service]
# It should _not_ be run as root
User=dn42
Group=dn42
Type=simple
Restart=on-failure
RestartSec=5s
WorkingDirectory=</path/to/autopeering>/nodes
ExecStart=start.sh
[Install]
WantedBy=multi-user.target
```

3
nodes/start.sh Normal file
View file

@ -0,0 +1,3 @@
#! /bin/bash
source venv/bin/activate
python main.py

25
nodes/wg-services.sh Normal file
View file

@ -0,0 +1,25 @@
#!/bin/bash
ACTION=$1
case $ACTION in
enable)
systemctl enable "wg-quick@dn42_$2";
;;
disable)
systemctl disable "wg-quick@dn42_$2"
;;
start)
systemctl start "wg-quick@dn42_$2"
;;
stop)
systemctl stop "wg-quick@dn42_$2"
;;
*)
echo “User Selected Choice not present”
exit 1
esac

3
web/start.sh Normal file
View file

@ -0,0 +1,3 @@
#! /bin/bash
source venv/bin/activate
python backend/main.py