Me pehea te Whakaritea Hailbytes VPN mo to Taiao AWS

Kupu Whakataki

I roto i tenei tuhinga, ka korerohia me pehea te whakarite i te HailBytes VPN ki to whatunga, he VPN ngawari me te haumaru me te papangaahi mo to whatunga. Ko etahi atu taipitopito me nga korero motuhake ka kitea i roto i ta maatau tuhinga kaiwhakawhanake e hono ana ki konei.

takanga

1. Whakaritenga Rauemi:

Ka tūtohu mātou kia timata ki te 1 vCPU me te 1 GB o te RAM i mua i te whakanui ake.

Mo nga whakatakotoranga a-Omnibus ki runga i nga kaitoro iti iho i te 1 GB o te mahara, me whakakahuria e koe te huri hei karo i te kernel Linux mai i te patu ohorere i nga tukanga Firezone.

Kia ranea te 1 vCPU ki te whakakii i te hononga 1 Gbps mo te VPN.

2. Waihangahia he rekoata DNS: Me whai ingoa rohe tika a Firezone mo te mahi whakaputa, hei tauira firezone.company.com. Ko te hanga rekoata DNS e tika ana penei i te A, CNAME, AAAA ranei ka hiahiatia.

3. Whakaritehia te SSL: Ka hiahia koe ki te tiwhikete SSL whaimana hei whakamahi i te Firezone i roto i te kaha whakaputa. Kei te tautoko a Firezone i te ACME mo te whakarato aunoa i nga tiwhikete SSL mo nga whakaurunga a Docker me Omnibus.

4. Whakatuwherahia nga tauranga papaahi: Ka whakamahia e Firezone nga tauranga 51820/udp me 443/tcp mo te hokohoko HTTPS me te WireGuard. Ka taea e koe te huri i enei tauranga i muri mai i te konae whirihoranga.

Tukuna ki runga Docker (Tautohu)

1. Nga whakaritenga o mua:

Me whakarite kei runga koe i tetahi papaa tautoko me te docker-compose putanga 2 teitei ake ranei kua whakauruhia.

Me mohio kei te whakahohea te tauranga whakamua i runga i te papaahi. Ko nga taunoa me tuwhera nga tauranga e whai ake nei:

o 80/tcp (kōwhiringa): Te whakaputa aunoa i nga tiwhikete SSL

o 443/tcp: Uru UI tukutuku

o 51820/udp: tauranga whakarongo waka VPN

2. Tāuta Kōwhiringa Tūmau I: Tāuta Aunoa (E taunakitia ana)

Run installation script: bash <(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/install.sh) 1889d1a18e090c-0ec2bae288f1e2-26031d51-144000-1889d1a18e11c6c

Ka patai ki a koe etahi patai mo te whirihoranga tuatahi i mua i te tango i tetahi tauira docker-compose.yml konae. Ka hiahia koe ki te whirihora me o whakautu, me te tuhi i nga tohutohu mo te uru ki te UI Tukutuku.

Wāhitau taunoa Firezone: $HOME/.firezone.

2. Tāuta Tūmau Kōwhiringa II: Tāuta ā-ringa

Tangohia te tauira tito docker ki te raarangi mahi a rohe

– Linux: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.prod.yml -o docker-compose.yml

– macOS, Windows ranei: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.desktop.yml -o docker-compose.yml

Hangaia nga mea ngaro e hiahiatia ana: docker run –rm firezone/firezone bin/gen-env > .env

Hurihia nga taurangi DEFAULT_ADMIN_EMAIL me EXTERNAL_URL. Whakarerekehia etahi atu mea ngaro ina hiahiatia.

Hekehia te papaunga raraunga: docker compose run –rm firezone bin/migrate

Waihangahia he putea whakahaere: docker compose run –rm firezone bin/create-or-reset-admin

Whakanuia nga ratonga: docker compose up -d

Ka taea e koe te uru atu ki te UI Firezome ma te taurangi EXTERNAL_URL kua tautuhia i runga ake nei.

3. Whakahohe i runga i te peera (he kowhiri):

Me mohio kei te whakahohehia a Docker i te tiimatanga: sudo systemctl enable docker

Me timata ano nga ratonga Firezone: i nga wa katoa, ka timata ano ranei: ki te kore te whiringa ka mutu kua tohua ki te konae docker-compose.yml.

4. Whakahohe IPv6 Routability Tūmatanui (kōwhiringa):

Tāpirihia nga mea e whai ake nei ki /etc/docker/daemon.json kia taea ai te IPv6 NAT me te whirihora i te tuku whakamua IPv6 mo nga ipu Docker.

Whakahohehia nga whakamohiotanga pouara i runga i te boot mo to atanga puta taunoa: egress=`ip ara whakaatu taunoa 0.0.0.0/0 | grep -oP '(?<=dev ).*' | tapahia -f1 -d' ' | tr -d '\n'` sudo bash -c “echo net.ipv6.conf.${egress}.accept_ra=2 >> /etc/sysctl.conf”

Whakahoutia me te whakamatautau ma te pinging ki a Google mai i roto i te ipu docker: docker run –rm -t busybox ping6 -c 4 google.com

Kaore e tika kia taapirihia etahi ture iptables kia taea ai te IPv6 SNAT/whakaahua mo nga waka whainga. Ma te Firezone tenei e whakahaere.

5. Tāuta taupānga kiritaki

Ka taea e koe te taapiri i nga kaiwhakamahi ki to whatunga me te whirihora i nga tohutohu hei whakatu i tetahi huihuinga VPN.

Tatūnga Whakairi

Kia ora, kua oti i a koe te whakarite! Ka hiahia pea koe ki te tirotiro i a maatau tuhinga kaiwhakawhanake mo etahi atu whirihoranga, whakaaro haumarutanga, me nga ahuatanga matatau: https://www.firezone.dev/docs/

Kua Whakaatuhia te Tuakiri Kaiarahi o LockBit – Tika, Troll ranei?

Kia 9, 2024 No Comments

Kua Whakaatuhia te Tuakiri Kaiarahi o LockBit – Tika, Troll ranei? E mohiotia ana ko tetahi o nga roopu ransomware tino nui o te ao, i puta tuatahi a Lockbit

Pānuitia atu »

Me pehea te tango Metadata mai i te konae

April 27, 2024 No Comments

Me pehea te Tango i te Raraunga Meta mai i te Kupu Whakataki Kōnae Ko te metadata, e kiia ana he "raraunga mo nga raraunga," he korero e whakaatu ana i nga korero mo tetahi konae. Ko

Pānuitia atu »

Te karo i te Kaihanga Ipurangi me te TOR

April 27, 2024 No Comments

Te karo i te Whakatairanga Ipurangi me te TOR Kupu Whakataki I roto i te ao kei te kaha te whakahaere i te uru ki nga korero, he mea nui nga taputapu penei i te whatunga Tor mo

Pānuitia atu »

Me pehea te Whakaritea Hailbytes VPN mo to Taiao AWS

Kupu Whakataki

takanga

Tukuna ki runga Docker (Tautohu)

Tatūnga Whakairi

Kua Whakaatuhia te Tuakiri Kaiarahi o LockBit – Tika, Troll ranei?

Me pehea te tango Metadata mai i te konae

Te karo i te Kaihanga Ipurangi me te TOR

ratonga

To tatou Kamupene

To tatou Wāhitau

Solutions

FAQ Haumarutanga

Social Media