racks/pawdance
1
0
Fork 0
Code Issues Pull requests Projects Releases 1 Packages Wiki Activity Actions

Update README.md

Browse source
This commit is contained in:
racks 2025-07-25 17:09:55 +02:00
parent 426b99ca8c
commit 8ee69d6e7f
1 changed files with 25 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

44
README.md
View file

@ -78,36 +78,38 @@ vim pawdance-client.conf
Example **client** config: Example **client** config:
```bash ```bash
# pawdance client example config # ---------------------------------------------------------------------------
ROLE="client" # pawdance
# ---------------------------------------------------------------------------
ROLE="client" # client or server
# How to reach the server CONNECT_MODE="auto" # dns|ip|auto
CONNECT_MODE="dns" # dns | ip | auto REMOTE_HOST="vpn.example.com" # used when dns/auto
REMOTE_HOST="vps.your.domain" # REMOTE_CONNECT_IP4="203.0.113.42" # used when ip/auto with no REMOTE_HOST.
# REMOTE_CONNECT_IP4="203.0.113.42"
# REMOTE_CONNECT_IP6="2001:db8::42" # REMOTE_CONNECT_IP6="2001:db8::42"
CONNECT_PREFER="ipv4" # auto | ipv4 | ipv6 CONNECT_PREFER="auto" # auto|ipv4|ipv6
REMOTE_USER="stinky" # --- SSH authentication -----------------------------------------------------
REMOTE_USER="youruser"
SSH_KEY_MODE="false" # true = pass explicit key; false = default chain
SSH_KEY="/home/alice/.ssh/id_ed25519" # only if SSH_KEY_MODE=true
# Tunnel interface # --- Tunnel parameters ------------------------------------------------------
TUN_INDEX="1" TUN_INDEX="1"
TUN_DEV="tun${TUN_INDEX}" TUN_DEV="tun${TUN_INDEX}"
LOCAL_IP4="10.0.1.2/24" LOCAL_IP4="10.0.1.2/24"
REMOTE_IP4="10.0.1.1" REMOTE_IP4="10.0.1.1"
LOCAL_IP6="2001:db8:1::2/64" LOCAL_IP6="2001:db8:1::2/64"
REMOTE_IP6="2001:db8:1::1" REMOTE_IP6="2001:db8:1::1"
MTU="1500" MTU="1500"
# Optional: postquantum crypto overrides # --- Crypto preferences -----------------------------------------
SSH_KEX="mlkem768x25519-sha256" SSH_KEX="mlkem768x25519-sha256"
SSH_CIPHERS="chacha20-poly1305@openssh.com" SSH_CIPHERS="chacha20-poly1305@openssh.com"
SSH_MACS="hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com" SSH_MACS="hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com"
# Push wholeinternet routes through the tunnel? # use remote server as vpn for all traffic.
# if set to false, vpn becomes transparent.
DEFAULT_ROUTE_IPV4="true" DEFAULT_ROUTE_IPV4="true"
DEFAULT_ROUTE_IPV6="true" DEFAULT_ROUTE_IPV6="true"
``` ```
@ -123,20 +125,24 @@ vim srv-config.conf
Example **server** config: Example **server** config:
```bash ```bash
# ---------------------------------------------------------------------------
# pawdance
# ---------------------------------------------------------------------------
ROLE="server" ROLE="server"
# --- Tunnel parameters ------------------------------------------------------
TUN_INDEX="1" TUN_INDEX="1"
TUN_DEV="tun${TUN_INDEX}" TUN_DEV="tun${TUN_INDEX}"
LOCAL_IP4="10.0.1.1/24" LOCAL_IP4="10.0.1.1/24"
LOCAL_IP6="2001:db8:1::1/64" LOCAL_IP6="2001:db8:1::1/64"
MTU="1500" MTU="1500"
# allow VPN clients to access other networks? # allow clients to accsess networks on the server?
VPN_FORWARD="true" # adds iptables/ip6tables FORWARD rules VPN_FORWARD="true" # iptables/ip6tables FORWARD rules
# keep this true (required for routing) #keep this to true. It is required for the tunnel to work.
IP_FORWARD="true" # sets net.ipv4.ip_forward + net.ipv6.conf.all.forwarding # this enables net.ipv4.ip_forward + net.ipv6.conf.all.forwarding
IP_FORWARD="true"
``` ```