Auala e Seti ai Hailbytes VPN mo lau Siosiomaga AWS

faʻatomuaga

I totonu o lenei tusiga, o le a matou vaʻavaʻai pe faʻafefea ona faʻatutuina HailBytes VPN i luga o lau fesoʻotaʻiga, VPN faigofie ma saogalemu ma le pa puipui mo lau fesoʻotaʻiga. O isi fa'amatalaga ma fa'amatalaga fa'apitoa e mafai ona maua i totonu oa matou fa'amaumauga fa'atupu fa'apipi'i iinei.

Sauniuniga

1. Punaoa Manaomia:

Matou te fautuaina e amata i le 1 vCPU ma le 1 GB o le RAM aʻo leʻi faʻateleina.

Mo le fa'aogaina o le Omnibus i luga o 'au'aunaga e itiiti ifo i le 1 GB o le manatua, e tatau ona e fa'aogaina le swap e aloese ai mai le fatu Linux mai le fa'afuase'i ona fa'aumatia faiga Firezone.

1 vCPU e tatau ona lava e faʻamalieina ai se fesoʻotaʻiga 1 Gbps mo le VPN.

2. Fausia fa'amaumauga DNS: E mana'omia e Firezone se igoa fa'aoga talafeagai mo le fa'aogaina o le gaosiga, fa'ata'ita'iga firezone.company.com. O le fatuina o se faamaumauga DNS talafeagai e pei o le A, CNAME, poʻo le AAAA faamaumauga o le a manaʻomia.

3. Seti SSL: E te manaʻomia se tusi faamaonia SSL e faʻaaoga ai le Firezone i se gaosiga gafatia. E lagolagoina e le Firezone le ACME mo le tuʻuina atu otometi o tusi faamaonia SSL mo faʻapipiʻi Docker ma Omnibus.

4. Tatala pusa puipui: E faʻaogaina e le Firezone ports 51820/udp ma le 443/tcp mo le HTTPS ma le WireGuard fefaʻatauaiga. E mafai ona e suia nei ports mulimuli ane i le faila faatulagaina.

Fa'atonu ile Docker (Fautuaina)

1. Manaomia muamua:

Ia mautinoa o loʻo e i luga o se faʻavae lagolago ma faʻapipiʻiina le docker-compose version 2 poʻo le maualuga.

Ia mautinoa o lo'o fa'agaoioi le fa'aulufaleina o le taulaga i luga o le pa puipui. O fa'aletonu e mana'omia ai ports nei e tatala:

o 80/tcp (filifiliga): Tuuina atu otometi tusi faamaonia SSL

o 443/tcp: Avanoa i luga ole laiga UI

o 51820/udp: VPN felauaiga fa'alogo uafu

2. Fa'apipi'i le Fa'atonuga Filifiliga I: Fa'apipi'i Otometi (Fautuaina)

Run installation script: bash <(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/install.sh) 1889d1a18e090c-0ec2bae288f1e2-26031d51-144000-1889d1a18e11c6c

O le a fesiligia oe i ni nai fesili e uiga i le faʻatulagaina muamua aʻo leʻi siiina se faila faila docker-compose.yml. E te manaʻo e faʻapipiʻi i au tali, ma lolomi faʻatonuga mo le mauaina o le Upega Tafaʻilagi.

Tulaga fa'aletonu ole Firezone: $HOME/.firezone.

2. Fa'apipi'i le Server Filifiliga II: Fa'apipi'i Tusia

La'u mai i lalo le fa'ata'ita'iga tu'ufa'atasiga i se lisi o galuega fa'apitonu'u

- Linux: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.prod.yml -o docker-compose.yml

- macOS poʻo Windows: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.desktop.yml -o docker-compose.yml

Fausia mealilo mana'omia: docker run –rm firezone/firezone bin/gen-env > .env

Suia le DEFAULT_ADMIN_EMAIL ma EXTERNAL_URL fesuiaiga. Suia isi mealilo pe a manaʻomia.

Fa'asolo le fa'amaumauga: faifa'ato'a fai fa'atafe -rm firezone bin/migrate

Fausia se tala fa'aau: faifa'ato'aga fa'asolo -rm firezone bin/create-or-reset-admin

Tu'u mai le tautua: fai fa'amaufa'ailoga -d

E tatau ona mafai ona e mauaina le Firezome UI e ala i le EXTERNAL_URL fesuiaiga o loʻo faʻamatalaina i luga.

3. Fa'aagaoi i luga o le fa'ataga (filifiliga):

Ia mautinoa ua mafai Docker i le amataga: sudo systemctl enable docker

O auaunaga a le Firezone e tatau ona toe amata: i taimi uma pe toe amata: se'i vagana ua taofi le filifiliga o loʻo faʻamaonia i le faila docker-compose.yml.

4. Fa'aagaoioi le IPv6 Fa'asalalau Fa'alaua'itele (filifiliga):

Faʻaopoopo mea nei i /etc/docker/daemon.json e mafai ai le IPv6 NAT ma faʻapipiʻi le IPv6 faʻafeiloaʻi mo pusa Docker.

Fa'aagaaga fa'amatalaga fa'alaua'itele i luga o le ta'avale mo lau fa'aletonu egress interface: egress=` ip route show default 0.0.0.0/0 | grep -oP '(?<=dev ).*' | tipi -f1 -d' ' | tr -d '\n'` sudo bash -c “echo net.ipv6.conf.${egress}.accept_ra=2 >> /etc/sysctl.conf”

Toe faʻafou ma faʻataʻitaʻi e ala i le pinging i Google mai totonu o le koneteina faʻatau: docker run –rm -t busybox ping6 -c 4 google.com

Le mana'omia le fa'aopoopoina o so'o se tulafono iptables ina ia mafai ai e le IPv6 SNAT/masquerading mo le tunneled traffic. Firezone o le a taulimaina lenei mea.

5. Fa'apipi'i polokalame a tagata o tausia

E mafai nei ona e fa'aopoopo tagata fa'aoga i lau feso'ota'iga ma fa'atonu fa'atonuga e fa'atu ai se sauniga VPN.

Fa'asalalau Seti

Fa'afetai, ua mae'a le seti! Atonu e te manaʻo e siaki a matou faʻamaumauga a le au atiaʻe mo faʻaopoopoga faʻaopoopo, iloiloga mo le saogalemu, ma foliga sili atu: https://www.firezone.dev/docs/

LokaBit Fa'ailoa Fa'asinomaga - Fa'atulafono po'o Troll?

LokaBit Ta'ita'i Fa'ailoa Fa'ailoa - Fa'atulafono po'o Troll?

Ia 9, 2024 E leai se faamatalaga

LokaBit Ta'ita'i Fa'ailoa Fa'ailoa - Fa'atulafono po'o Troll? Ua lauiloa lautele o se tasi o vaega sili ona lauiloa ransomware i le lalolagi, Lockbit muamua na aliali mai i totonu.

Faitau atili »

Auala e Aveese Metadata mai se faila

Aperila 27, 2024 E leai se faamatalaga

Faʻafefea ona Aveese Metadata mai se Faʻamatalaga Faʻamatalaga Metadata, e masani ona faʻamatalaina o "faʻamatalaga e uiga i faʻamaumauga," o faʻamatalaga e maua ai faʻamatalaga e uiga i se faila patino. E

Faitau atili »

Fa'asao le Tusitala Initaneti ma le TOR

Aperila 27, 2024 E leai se faamatalaga

Fa'atomuaga Fa'ainitaneti ma le TOR Fa'atomuaga I se lalolagi o lo'o fa'atupuina fa'atulafonoina le avanoa i fa'amatalaga, o meafaigaluega e pei o le feso'otaiga a Tor ua avea ma mea taua mo

Faitau atili »

Auala e Seti ai Hailbytes VPN mo lau Siosiomaga AWS

faʻatomuaga

Sauniuniga

Fa'atonu ile Docker (Fautuaina)

Fa'asalalau Seti

LokaBit Ta'ita'i Fa'ailoa Fa'ailoa - Fa'atulafono po'o Troll?

Auala e Aveese Metadata mai se faila

Fa'asao le Tusitala Initaneti ma le TOR

auaunaga

La matou Kamupani

La Tatou Tuatusi

fofo o Faafitauli

Saogalemu FAQ

Social Ala o Faasalalauga