Tinc: Difference between revisions

From XPUB & Lens-Based wiki
No edit summary
No edit summary
 
(21 intermediate revisions by 3 users not shown)
Line 1: Line 1:
== Client (Raspberry Pi / laptop ) ==
https://tinc-vpn.org/images/tinclogo.png
===Install===
Install dependencies
sudo apt install build-essential automake libssl-dev liblzo2-dev libbz2-dev zlib1g-dev libncurses5-dev libreadline-dev


''[https://tinc-vpn.org/ Tinc] is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet.''


Compile Tinc 1.1pre :
And is used in XPUB to create the [[HUB]] VPN - an electronic learning enviroment, server playground, web publishing platform, consisting of local machines (mainly raspberry pi's) that sit behind firewalls,
but through Tinc are accessible from outside the firewall.


cd /usr/src/
To add a machine to the HUB, we install Tinc from source. This is because it is required to have all the machines running the same version of Tinc.


wget https://www.tinc-vpn.org/packages/tinc-1.1pre17.tar.gz
==Install Tinc Client ==


tar xvf tinc-1.1pre17.tar.gz
'''On RaspberryPi / machine that will be joining [[HUB]].'''


cd tinc-1.1pre17
Install dependencies:


  ./configure
  sudo apt install build-essential automake libssl-dev liblzo2-dev libbz2-dev zlib1g-dev libncurses5-dev libreadline-dev
 
make
 
  sudo make install


Once installed the configuration dir should be in:
Compile <code>Tinc 1.1pre</code>:
/usr/local/etc/tinc/


And tinc is installed in
  cd ~
  /usr/local/sbin/tinc


<s>tmux: attaches shell to the pi and running without your ssh connection</s>
wget https://www.tinc-vpn.org/packages/tinc-1.1pre18.tar.gz


Adding clients
tar xvf tinc-1.1pre18.tar.gz
On the server:
    tinc -n hub invite $CLIENTHOSTNAME
On the client:


    tinc join $INVITEURL
cd tinc-1.1pre18


    tinc -n hub add subnet 10.0.0.1XX
./configure


    tincd -n hub -D -d3
make


=== to rejoin tinc you need to ===
   sudo make install
   1. start `tmux` and then
  2. run the following command `tincd -n hub -D -d3


Once installed create configuration dir:
sudo mkdir -p /usr/local/etc/tinc/


= tincd service file =
And tinc is installed in  
 
/usr/local/sbin/tinc
According to [https://www.tinc-vpn.org/documentation/Linux.html tinc documentation]
 
Tinc ships with systemd service files that allow you to start and stop tinc using systemd. There are two service files: * ''tinc.service'' is used to globally enable or disable all tinc daemons managed by systemd * ''tinc@netname.service'' is used to enable or disable specific tinc daemons.
 
These are located in the source directory, in the sub-directory <code>systemd/</code>
 
However this files, seem to give some issues, as metioned in the tinc github: [https://github.com/gsliepen/tinc/issues/133 issue 133], [https://github.com/gsliepen/tinc/issues/168 issue 168]
 
Hence it is easier to edit and simply them a bit.
 
<code>/etc/systemd/system/tinc.service</code>
 
<pre># This is a mostly empty service, but allows commands like stop, start, reload
# to propagate to all tinc@ service instances.
 
[Unit]
Description=Tinc VPN
Documentation=info:tinc
Documentation=man:tinc(8) man:tinc.conf(5)
Documentation=http://tinc-vpn.org/docs/
After=network.target
Wants=network.target
 
[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/local/sbin/true
ExecReload= /usr/local/sbin/true
WorkingDirectory=/usr/local/etc/tinc
 
[Install]
WantedBy=multi-user.target</pre>
<code>/etc/systemd/system/tinc@testvpn.service</code>
 
<pre>[Unit]
Description=Tinc net %i
Documentation=info:tinc
Documentation=man:tinc(8) man:tinc.conf(5)
Documentation=http://tinc-vpn.org/docs/
PartOf=tinc.service
ReloadPropagatedFrom=tinc.service
 
[Service]
Type=simple
WorkingDirectory=/usr/local/etc/tinc/%i
ExecStart=/usr/local/sbin/tincd -n %i -D
ExecReload=/usr/local/sbin/tincd -n %i -kHUP
TimeoutStopSec=5
Restart=always
RestartSec=60
 
[Install]
WantedBy=tinc.service</pre>
Note: in my system tinc was installed inside /usr/local/bin/tinc, /usr/local/bin/tincd and its configuration is in /usr/local/etc/tinc. But this is system specific. Ensure you know where these directories are in your system.
 
* Enable
** <code>sudo systemctl enable tinc</code>
** <code>sudo systemctl enable tinc@testvpn</code>
* Start <code>sudo systemctl start tinc@testvpn</code>
* Check status <code>sudo systemctl status tinc@testvpn</code>


Note that because <code>tinc@testvpn.service</code> requests tinc.service we don’t need to start that one, as it is started by <code>tinc@testvpn.service</code>
==Next steps==


If all is good. We can test by rebooting the system and seeing that if after a while tinc@testvpn is up. You can check that by keeping starting a connection in the other node <code>sudo tincd -n testvpn -D -d 3</code> and try pinging the node, where we are trying to run tinc as a service <code>ping 10.1.0.2</code>.
Follow [[XPUB_HUB_New_Nodes]].




[[Category:Cookbook]]
[[Category:Cookbook]]
[[Category:Tinc]]

Latest revision as of 09:53, 1 October 2024

tinclogo.png

Tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between hosts on the Internet.

And is used in XPUB to create the HUB VPN - an electronic learning enviroment, server playground, web publishing platform, consisting of local machines (mainly raspberry pi's) that sit behind firewalls, but through Tinc are accessible from outside the firewall.

To add a machine to the HUB, we install Tinc from source. This is because it is required to have all the machines running the same version of Tinc.

Install Tinc Client

On RaspberryPi / machine that will be joining HUB.

Install dependencies:

sudo apt install build-essential automake libssl-dev liblzo2-dev libbz2-dev zlib1g-dev libncurses5-dev libreadline-dev 

Compile Tinc 1.1pre:

cd ~
wget https://www.tinc-vpn.org/packages/tinc-1.1pre18.tar.gz
tar xvf tinc-1.1pre18.tar.gz
cd tinc-1.1pre18
./configure
make
 sudo make install

Once installed create configuration dir:

sudo mkdir -p /usr/local/etc/tinc/

And tinc is installed in

/usr/local/sbin/tinc

Next steps

Follow XPUB_HUB_New_Nodes.