uncloud-mravi/doc/README-vpn.org

* How to add a new VPN Host
** Install wireguard to the host
** Install uncloud to the host
** Add `python manage.py vpn --hostname fqdn-of-this-host` to the crontab
** Use the CLI to configure one or more VPN Networks for this host
* Example of adding a VPN host at ungleich
** Create a new dual stack alpine VM
** Add it to DNS as vpn-XXX.ungleich.ch
** Route a /40 network to its IPv6 address
** Install wireguard on it
** TODO Enable wireguard on boot
** TODO Create a new VPNPool on uncloud with
*** the network address (selecting from our existing pool)
*** the network size (/...)
*** the vpn host that provides the network (selecting the created VM)
*** the wireguard private key of the vpn host (using wg genkey)
*** http command
```
http -a nicoschottelius:$(pass
  ungleich.ch/nico.schottelius@ungleich.ch)
  http://localhost:8000/admin/vpnpool/ network=2a0a:e5c1:200:: \
  network_size=40 subnetwork_size=48
  vpn_hostname=vpn-2a0ae5c1200.ungleich.ch
  wireguard_private_key=...
```
* Example http commands / REST calls
** creating a new vpn pool
 http -a nicoschottelius:$(pass
 ungleich.ch/nico.schottelius@ungleich.ch)
 http://localhost:8000/admin/vpnpool/ network_size=40
 subnetwork_size=48 network=2a0a:e5c1:200::
 vpn_hostname=vpn-2a0ae5c1200.ungleich.ch wireguard_private_key=$(wg
 genkey)
** Creating a new vpn network
[doc] add new readme's 2020-04-06 20:06:34 +00:00			`* How to add a new VPN Host`
			`** Install wireguard to the host`
			`** Install uncloud to the host`
			** Add `python manage.py vpn --hostname fqdn-of-this-host` to the crontab
			`** Use the CLI to configure one or more VPN Networks for this host`
			`* Example of adding a VPN host at ungleich`
			`** Create a new dual stack alpine VM`
			`** Add it to DNS as vpn-XXX.ungleich.ch`
			`** Route a /40 network to its IPv6 address`
			`** Install wireguard on it`
			`** TODO Enable wireguard on boot`
update to work on different computer Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-07 17:45:16 +00:00			`** TODO Create a new VPNPool on uncloud with`
			`*** the network address (selecting from our existing pool)`
			`*** the network size (/...)`
			`*** the vpn host that provides the network (selecting the created VM)`
			`*** the wireguard private key of the vpn host (using wg genkey)`
			`*** http command`
			```
			`http -a nicoschottelius:$(pass`
			`ungleich.ch/nico.schottelius@ungleich.ch)`
			`http://localhost:8000/admin/vpnpool/ network=2a0a:e5c1:200:: \`
			`network_size=40 subnetwork_size=48`
			`vpn_hostname=vpn-2a0ae5c1200.ungleich.ch`
			`wireguard_private_key=...`
			```
[vpn] make a vpn creat-able! [15:40] line:~% http -a nicoschottelius:$(pass ungleich.ch/nico.schottelius@ungleich.ch) http://localhost:8000/net/vpn/ network_size=48 wireguard_public_key=$(wg genkey \| wg pubkey) HTTP/1.1 201 Created Allow: GET, POST, HEAD, OPTIONS Content-Length: 206 Content-Type: application/json Date: Sun, 12 Apr 2020 13:40:26 GMT Server: WSGIServer/0.2 CPython/3.7.3 Vary: Accept X-Content-Type-Options: nosniff X-Frame-Options: DENY { "extra_data": null, "network": "2a0a:e5c1:203::", "order": null, "owner": 30, "status": "PENDING", "uuid": "8f977a8f-e06a-4346-94ae-8f525df58b7b", "wireguard_public_key": "JvCuUTZHm9unasJkGsLKN0Bf/hu6ZSIv7dnIGPyJ6xA=" } 2020-04-12 13:40:39 +00:00			`* Example http commands / REST calls`
			`** creating a new vpn pool`
			`http -a nicoschottelius:$(pass`
			`ungleich.ch/nico.schottelius@ungleich.ch)`
			`http://localhost:8000/admin/vpnpool/ network_size=40`
			`subnetwork_size=48 network=2a0a:e5c1:200::`
			`vpn_hostname=vpn-2a0ae5c1200.ungleich.ch wireguard_private_key=$(wg`
			`genkey)`
			`** Creating a new vpn network`