freyanet/README.md

# freyanet

peer multiple ospf nodes over wireguard to make an internal network

## running

### docker

```yml
version: "3"
services:
  inet2:
    image: g.freya.cat/freya/freyanet
    network_mode: host # needed otherwise internal network wont be accessable
    privileged: true
    volumes:
      - ./inet2.conf:/etc/inet2.conf
```

### host

run the following commands with the provided makefile

```bash
$ make
$ make <os>
```

the current supported os's are: `alpine`

start the `inet2` service to start freyanet

## config

- if running in docker mount a file called `inet2.conf` at `/etc/inet2.conf`
- if running on host make a file called `/etc/inet2.conf`

```
# specify router id for ospf
RouterID 10.1.1.1

# optionally assign static addresses to the loopback interface
Loopback 1.2.3.4

# specify routed subnets
# ips that are not in these subnets will be ignored
# put the ip blocks for your entire internal network
Subnet 10.0.0.0/8
Subnet fd:cafe::/32

# specify node stubnets
# ip blocks that this node is gurenteed to route
Stubnet 10.1.0.0/8
Stubnet fd:cafe:dead::/48

# optional global private key gets used for all interfaces
PrivateKey = {host private key}

# create a peered wireguard interface
# specify addresses, routes, ports, pre/post commands, and peers
# keys can be generated with wg genkey and wg pubkey
interface interfacename
    # indentation is a single tab per level
    # otherwise file will fail to parse

    # set the address(es) to assign to the interface
    # route lines are usually the same as Address but with host bits zeroed
    Address 10.2.255.1/30 
    Route 10.2.255.0/30     # must specify route
    # you can also set ipv6 
    Address fd:cafe::ffff/64
    Address fd:cafe::/64
    # link local is also possible (and prefered for peering routers)
    # link-local addresses should *not* have an associated Route line
    Address fe80::1/64
    Route 1.1.1.0/24
    # more syntax options
    Route 1.1.2.0/24 via 1.1.1.2
    Route default via 1.1.1.3
    # port to listen on in the host's network namespace, over udp
    # you probably have to allow this through your firewall
    ListenPort {host port}
    # omit if using global private key
    PrivateKey {host private key}
    # all optional
    PreUp command
    PostUp command
    PreDown command
    PostDown command
    
    # if running ospf on this interface
    OSPF
    # if running ospf on this interface and it's a stub network (no other routers)
    OSPF stub
    
    peer peername
        PublicKey {peer public key}
        # if the peer is a router, it has to have AllowedIPs set to everything and be the only
        # peer on the interface
        AllowedIPs 0.0.0.0/0, ::/0
        # either:
        Domain = {domain name of peer}
        Port = {peer port}
        # or:
        Endpoint = {peer ip}:{peer port}
        # make domain enpoint resolve with ipv (ipv6 is default)
        IPv4
        
        # optional
        PersistentKeepalive = 25
```

## licenses

| License | Author | Project |
|---------|--------|---------|
| [MIT](https://mit-license.org/) | tint | [inet2](https://git.tint.red/tint/inet2) |
| [MIT](https://mit-license.org/) | freya | freyanet |
readme 2023-11-19 16:56:45 +00:00			`# freyanet`

refactor 2023-12-30 20:23:30 +00:00			`peer multiple ospf nodes over wireguard to make an internal network`
readme 2023-11-19 16:56:45 +00:00
			`## running`

refactor 2023-12-30 20:23:30 +00:00			`### docker`
readme 2023-11-19 16:56:45 +00:00
			```yml
			`version: "3"`
			`services:`
			`inet2:`
refactor 2023-12-30 20:23:30 +00:00			`image: g.freya.cat/freya/freyanet`
			`network_mode: host # needed otherwise internal network wont be accessable`
			`privileged: true`
			`volumes:`
			`- ./inet2.conf:/etc/inet2.conf`
			```

			`### host`

			`run the following commands with the provided makefile`

			```bash
			`$ make`
			`$ make <os>`
readme 2023-11-19 16:56:45 +00:00			```

refactor 2023-12-30 20:23:30 +00:00			the current supported os's are: `alpine`

			start the `inet2` service to start freyanet

readme 2023-11-19 16:56:45 +00:00			`## config`

refactor 2023-12-30 20:23:30 +00:00			- if running in docker mount a file called `inet2.conf` at `/etc/inet2.conf`
			- if running on host make a file called `/etc/inet2.conf`
readme 2023-11-19 16:56:45 +00:00
			```
refactor 2023-12-30 20:23:30 +00:00			`# specify router id for ospf`
readme 2023-11-19 16:56:45 +00:00			`RouterID 10.1.1.1`

refactor 2023-12-30 20:23:30 +00:00			`# optionally assign static addresses to the loopback interface`
			`Loopback 1.2.3.4`

readme 2023-11-19 16:56:45 +00:00			`# specify routed subnets`
refactor 2023-12-30 20:23:30 +00:00			`# ips that are not in these subnets will be ignored`
			`# put the ip blocks for your entire internal network`
readme 2023-11-19 16:56:45 +00:00			`Subnet 10.0.0.0/8`
refactor 2023-12-30 20:23:30 +00:00			`Subnet fd:cafe::/32`

			`# specify node stubnets`
			`# ip blocks that this node is gurenteed to route`
			`Stubnet 10.1.0.0/8`
			`Stubnet fd:cafe:dead::/48`
readme 2023-11-19 16:56:45 +00:00
			`# optional global private key gets used for all interfaces`
			`PrivateKey = {host private key}`

refactor 2023-12-30 20:23:30 +00:00			`# create a peered wireguard interface`
			`# specify addresses, routes, ports, pre/post commands, and peers`
			`# keys can be generated with wg genkey and wg pubkey`
readme 2023-11-19 16:56:45 +00:00			`interface interfacename`
refactor 2023-12-30 20:23:30 +00:00			`# indentation is a single tab per level`
			`# otherwise file will fail to parse`

			`# set the address(es) to assign to the interface`
			`# route lines are usually the same as Address but with host bits zeroed`
			`Address 10.2.255.1/30`
			`Route 10.2.255.0/30 # must specify route`
			`# you can also set ipv6`
			`Address fd:cafe::ffff/64`
			`Address fd:cafe::/64`
			`# link local is also possible (and prefered for peering routers)`
			`# link-local addresses should not have an associated Route line`
			`Address fe80::1/64`
			`Route 1.1.1.0/24`
			`# more syntax options`
			`Route 1.1.2.0/24 via 1.1.1.2`
			`Route default via 1.1.1.3`
			`# port to listen on in the host's network namespace, over udp`
			`# you probably have to allow this through your firewall`
			`ListenPort {host port}`
			`# omit if using global private key`
			`PrivateKey {host private key}`
			`# all optional`
			`PreUp command`
			`PostUp command`
			`PreDown command`
			`PostDown command`

			`# if running ospf on this interface`
			`OSPF`
			`# if running ospf on this interface and it's a stub network (no other routers)`
			`OSPF stub`

			`peer peername`
			`PublicKey {peer public key}`
			`# if the peer is a router, it has to have AllowedIPs set to everything and be the only`
			`# peer on the interface`
			`AllowedIPs 0.0.0.0/0, ::/0`
			`# either:`
			`Domain = {domain name of peer}`
			`Port = {peer port}`
			`# or:`
			`Endpoint = {peer ip}:{peer port}`
			`# make domain enpoint resolve with ipv (ipv6 is default)`
			`IPv4`

			`# optional`
			`PersistentKeepalive = 25`
readme 2023-11-19 16:56:45 +00:00			```

refactor 2023-12-30 20:23:30 +00:00			`## licenses`
readme 2023-11-19 16:56:45 +00:00
			`\| License \| Author \| Project \|`
			`\|---------\|--------\|---------\|`
			`\| [MIT](https://mit-license.org/) \| tint \| [inet2](https://git.tint.red/tint/inet2) \|`
			`\| [MIT](https://mit-license.org/) \| freya \| freyanet \|`