# freyanet

peer multiple ospf nodes over wireguard to make an internal network

## running

### docker

```yml
version: "3"
services:
  inet2:
    image: g.freya.cat/freya/freyanet
    network_mode: host # needed otherwise internal network wont be accessable
    privileged: true
    volumes:
      - ./inet2.conf:/etc/inet2.conf
```

### host

run the following commands with the provided makefile

```bash
$ make
$ make <os>
```

the current supported os's are: `alpine`

start the `inet2` service to start freyanet

## config

- if running in docker mount a file called `inet2.conf` at `/etc/inet2.conf`
- if running on host make a file called `/etc/inet2.conf`

```
# specify router id for ospf
RouterID 10.1.1.1

# optionally assign static addresses to the loopback interface
Loopback 1.2.3.4

# specify routed subnets
# ips that are not in these subnets will be ignored
# put the ip blocks for your entire internal network
Subnet 10.0.0.0/8
Subnet fd:cafe::/32

# specify node stubnets
# ip blocks that this node is gurenteed to route
Stubnet 10.1.0.0/8
Stubnet fd:cafe:dead::/48

# optional global private key gets used for all interfaces
PrivateKey = {host private key}

# create a peered wireguard interface
# specify addresses, routes, ports, pre/post commands, and peers
# keys can be generated with wg genkey and wg pubkey
interface interfacename
    # indentation is a single tab per level
    # otherwise file will fail to parse

    # set the address(es) to assign to the interface
    # route lines are usually the same as Address but with host bits zeroed
    Address 10.2.255.1/30 
    Route 10.2.255.0/30     # must specify route
    # you can also set ipv6 
    Address fd:cafe::ffff/64
    Address fd:cafe::/64
    # link local is also possible (and prefered for peering routers)
    # link-local addresses should *not* have an associated Route line
    Address fe80::1/64
    Route 1.1.1.0/24
    # more syntax options
    Route 1.1.2.0/24 via 1.1.1.2
    Route default via 1.1.1.3
    # port to listen on in the host's network namespace, over udp
    # you probably have to allow this through your firewall
    ListenPort {host port}
    # omit if using global private key
    PrivateKey {host private key}
    # all optional
    PreUp command
    PostUp command
    PreDown command
    PostDown command
    
    # if running ospf on this interface
    OSPF
    # if running ospf on this interface and it's a stub network (no other routers)
    OSPF stub
    
    peer peername
        PublicKey {peer public key}
        # if the peer is a router, it has to have AllowedIPs set to everything and be the only
        # peer on the interface
        AllowedIPs 0.0.0.0/0, ::/0
        # either:
        Domain = {domain name of peer}
        Port = {peer port}
        # or:
        Endpoint = {peer ip}:{peer port}
        # make domain enpoint resolve with ipv (ipv6 is default)
        IPv4
        
        # optional
        PersistentKeepalive = 25
```

## licenses

| License | Author | Project |
|---------|--------|---------|
| [MIT](https://mit-license.org/) | tint | [inet2](https://git.tint.red/tint/inet2) |
| [MIT](https://mit-license.org/) | freya | freyanet |