README
¶
Shieldoo Mesh Lighthouse
The Shieldoo Mesh Lighthouse is a core component of the Shieldoo platform, specifically designed for the creation and management of Nebula-based networks. Built upon the robust foundations of the open-source Nebula project, the Lighthouse serves as the primary host tracker within a Managed Nebula network.
What is Lighthouse?
In a Nebula network, a Lighthouse is responsible for keeping track of all other hosts and aiding them in discovering each other within the network, regardless of their geographic location. By design, the Lighthouse is the only node within a Managed Nebula network whose IP address should remain constant.
Operating with minimal compute resources, the Lighthouse can easily be deployed using the most cost-effective options from cloud hosting providers. It is crucial to note that a UDP port (defaulted to 4242 but can be customized when setting up the Lighthouse) should be made accessible to the internet. This enables hosts to effectively communicate with the Lighthouse, ensuring the seamless operation of the network.
Building Lighthouse
To build the Lighthouse, you need to run the following commands:
# Set environment for GOOS and GOARCH
env GOOS=linux GOARCH=amd64 go build -o out/shieldoo-mesh-lighthouse ./main
# Build the Docker image
docker build . --tag ghcr.io/shieldoo/shieldoo-mesh-lighthouse:latest
# Run the Docker container with test configuration
docker run -p 1053:53/udp --cap-add=NET_ADMIN -e DEBUG=true -e PUBLICIP=111.111.111.111 -e URI=http://192.168.1.133:9000/ -e SECRET=00008RCjReWTnn2a6p2ba4GVHc7wGweJKZuq8RCjReWTnn2a6p2ba4GVHc7wGweJKZuq0000 -e SENDINTERVAL=30 lh
The above commands first set the environment variables for the Go operating system (GOOS) and the architecture (GOARCH), then build the Docker image and finally run the Docker container with a test configuration. The container is run with a UDP port 1053 opened to allow communication. Several environment variables are passed in during the run command to configure the lighthouse.
For more advanced use cases and configurations, please refer to the Nebula documentation or contact the Shieldoo support team.
Documentation
¶
Index ¶
- Constants
- Variables
- func CreateConfigFromBase64(str string) (err error)
- func HealthHandler(w http.ResponseWriter, req *http.Request)
- func IndexHandler(w http.ResponseWriter, req *http.Request)
- func Init()
- func InitConfig()
- func InitExecPath()
- func NebulaConfigCreate(configdata string) (string, error)
- func Run()
- func SvcConnectionStart()
- func SvcConnectionStop()
- func WSTunnelRun() error
- type ChannelWriter
- type ManagementRequest
- type ManagementResponse
- type ManagementResponseConfig
- type ManagementResponseConfigData
- type ManagementResponseConfigLocalLighthouse
- type ManagementResponseDNS
- type ManagementResponseListener
- type NebulaClientYamlConfig
- type NebulaLocalYamlConfig
- type NebulaYamlConfig
- type NebulaYamlConfigFW
- type NebulaYamlConfigUnsafeRoutes
- type OAuthLighthouseLoginRequest
- type OAuthLoginRequest
- type OAuthLoginResponse
- type SvcNetworkCard
- type WSSession
Constants ¶
const MYCONFIG_FILENAME = "myconfig.yaml"
Variables ¶
var APPVERSION = "0.0.0"
Functions ¶
func CreateConfigFromBase64 ¶
func HealthHandler ¶
func HealthHandler(w http.ResponseWriter, req *http.Request)
func IndexHandler ¶
func IndexHandler(w http.ResponseWriter, req *http.Request)
func InitConfig ¶
func InitConfig()
func InitExecPath ¶
func InitExecPath()
func NebulaConfigCreate ¶
func SvcConnectionStart ¶
func SvcConnectionStart()
func SvcConnectionStop ¶
func SvcConnectionStop()
func WSTunnelRun ¶
func WSTunnelRun() error
Types ¶
type ChannelWriter ¶
type ChannelWriter struct {
// contains filtered or unexported fields
}
type ManagementRequest ¶
type ManagementResponse ¶
type ManagementResponse struct {
Status string `json:"status"`
ConfigData *ManagementResponseConfig `json:"config_data"`
Dns *ManagementResponseDNS `json:"dns"`
}
type ManagementResponseConfig ¶
type ManagementResponseConfig struct {
AccessID int `json:"accessid"`
Name string `json:"name"`
ConfigData ManagementResponseConfigData `json:"config"`
UnderlayConfigData ManagementResponseConfigData `json:"underlayconfig"`
LocalLighthouse ManagementResponseConfigLocalLighthouse `json:"locallighthouse"`
NebulaPunchBack bool `json:"nebulapunchback"`
NebulaRestrictiveNetwork bool `json:"nebularestrictivenetwork"`
WebSocketUrl string `json:"websocketurl"`
WebSocketIPs []string `json:"websocketips"`
WebSocketUsernamePassword string `json:"websocketusernamepassword"`
ApplianceListeners []ManagementResponseListener `json:"listeners"`
}
type ManagementResponseDNS ¶
type NebulaClientYamlConfig ¶
type NebulaClientYamlConfig struct {
AccessId int `yaml:"accessid", envconfig:"ACCESSID"`
PublicIP string `yaml:"publicip", envconfig:"PUBLICIP"`
Uri string `yaml:"uri", envconfig:"URI"`
Secret string `yaml:"secret", envconfig:"SECRET"`
Debug bool `yaml:"debug", envconfig:"DEBUG"`
SendInterval int `yaml:"sendinterval", envconfig:"SENDINTERVAL"`
WebSocketPort int `yaml:"websocketport", envconfig:"WEBSOCKETPORT"`
UdpPort int `yaml:"udpport", envconfig:"UDPPORT"`
DnsUpstreamServer string `yaml:"dnsupstreamserver", envconfig:"DNSUPSTREAMSERVER"`
DnsUpstreamProtocol string `yaml:"dnsupstreamprotocol", envconfig:"DNSUPSTREAMPROTOCOL"`
DnsLocalListener string `yaml:"dnslocallistener", envconfig:"DNSLOCALLISTENER"`
DnsLocalProtocol string `yaml:"dnslocalprotocol", envconfig:"DNSLOCALPROTOCOL"`
WssDnsName string `yaml:"wssdnsname", envconfig:"WSSDNSNAME"`
}
type NebulaLocalYamlConfig ¶
type NebulaLocalYamlConfig struct {
ConfigHash string `json:"config_hash"`
ConfigData *ManagementResponseConfig `json:"config_data"`
Loaded bool `json:"-"`
}
type NebulaYamlConfig ¶
type NebulaYamlConfig struct {
Pki struct {
Ca string `yaml:"ca"`
Cert string `yaml:"cert"`
Key string `yaml:"key"`
Blocklist []string `yaml:"blocklist"`
} `yaml:"pki"`
StaticHostMap map[string][]string `yaml:"static_host_map"`
Lighthouse struct {
AmLighthouse bool `yaml:"am_lighthouse"`
Interval int `yaml:"interval"`
Hosts []string `yaml:"hosts"`
} `yaml:"lighthouse"`
Listen struct {
Host string `yaml:"host"`
Port int `yaml:"port"`
} `yaml:"listen"`
Punchy struct {
Punch bool `yaml:"punch"`
Respond bool `yaml:"respond"`
} `yaml:"punchy"`
Relay struct {
Relays []string `yaml:"relays"`
AmRelay bool `yaml:"am_relay"`
UseRelays bool `yaml:"use_relays"`
} `yaml:"relay"`
Tun struct {
Disabled bool `yaml:"disabled"`
Dev string `yaml:"dev"`
DropLocalBroadcast bool `yaml:"drop_local_broadcast"`
DropMulticast bool `yaml:"drop_multicast"`
TxQueue int `yaml:"tx_queue"`
Mtu int `yaml:"mtu"`
Routes interface{} `yaml:"routes"`
UnsafeRoutes []NebulaYamlConfigUnsafeRoutes `yaml:"unsafe_routes"`
} `yaml:"tun"`
Logging struct {
Level string `yaml:"level"`
Format string `yaml:"format"`
} `yaml:"logging"`
Firewall struct {
Conntrack struct {
TCPTimeout string `yaml:"tcp_timeout"`
UDPTimeout string `yaml:"udp_timeout"`
DefaultTimeout string `yaml:"default_timeout"`
MaxConnections int `yaml:"max_connections"`
} `yaml:"conntrack"`
Outbound []NebulaYamlConfigFW `yaml:"outbound"`
Inbound []NebulaYamlConfigFW `yaml:"inbound"`
} `yaml:"firewall"`
}
type NebulaYamlConfigFW ¶
type OAuthLoginRequest ¶
type OAuthLoginResponse ¶
type SvcNetworkCard ¶
type SvcNetworkCard struct {
AccessID int
ConfigHash string
IPAddress string
// contains filtered or unexported fields
}
func (*SvcNetworkCard) Stop ¶
func (r *SvcNetworkCard) Stop()
Source Files
Directories