How to Set Up Hailbytes VPN for Your AWS Environment

Introduction

In this article, we'll go over how to set up HailBytes VPN, a simple and secure VPN and firewall, on your network. Further details and specific instructions can be found in the linked developer documentation.

Preparation

   1. Resource Requirements:

  • We recommend starting with 1 vCPU and 1 GB of RAM before scaling up.
  • For Omnibus-based deployments on servers with less than 1 GB of memory, you should turn on swap to keep the Linux kernel from unexpectedly killing Firezone processes.
  • 1 vCPU should be sufficient to saturate a 1 Gbps link for the VPN.

   2.  Create a DNS record: Firezone requires a proper domain name for production use, e.g. firezone.company.com. You will need to create an appropriate DNS record such as an A, CNAME, or AAAA record.

   3.  Set up SSL: You will need a valid SSL certificate to use Firezone in a production capacity. Firezone supports ACME for automatic provisioning of SSL certificates for Docker-based and Omnibus-based installations.

   4.  Open firewall ports: Firezone uses ports 51820/udp and 443/tcp for WireGuard and HTTPS traffic respectively. You can change these ports later in the configuration file.

Deploy on Docker (recommended)

   1. Prerequisites:

  • Ensure you are on a supported platform with docker-compose version 2 or higher installed.

  • Ensure port forwarding is enabled on the firewall. The defaults require the following ports to be open:

         o 80/tcp (optional): Automatic issuance of SSL certificates

         o 443/tcp: Access to the web UI

         o 51820/udp: VPN traffic listen port

  2.  Install Server Option I: Automatic Install (recommended)

  • Run the installation script: bash <(curl -fsSL https://github.com/firezone/firezone/raw/master/scripts/install.sh) 1889d1a18e090c-0ec2bae288f1e2-26031d51-144000-1889d1a18e11c6c

  • It will ask you a few questions about the initial configuration before downloading a sample docker-compose.yml, which is then configured with your responses, and print instructions for accessing the Web UI.

  • Default Firezone install location: $HOME/.firezone.
 

  2.  Install Server Option II: Manual Install

  • Download the docker compose template to a local working directory:

          - Linux: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.prod.yml -o docker-compose.yml

          - macOS or Windows: curl -fsSL https://raw.githubusercontent.com/firezone/firezone/master/docker-compose.desktop.yml -o docker-compose.yml

  • Generate the required secrets: docker run --rm firezone/firezone bin/gen-env > .env

  • Change the DEFAULT_ADMIN_EMAIL and EXTERNAL_URL variables. Modify other secrets as needed.

  • Migrate the database: docker compose run --rm firezone bin/migrate

  • Create an admin account: docker compose run --rm firezone bin/create-or-reset-admin

  • Bring up the services: docker compose up -d

  • You should now be able to access the Firezone UI via the EXTERNAL_URL variable defined above.
 

   3. Enable on boot (optional):

  • Ensure Docker is enabled at startup: sudo systemctl enable docker

  • Firezone services should have the restart: always or restart: unless-stopped option specified in the docker-compose.yml file.

   4. Enable IPv6 Public Routability (optional):

  • Add the following to /etc/docker/daemon.json to enable IPv6 NAT and configure IPv6 forwarding for Docker containers.

  • Enable router advertisements on boot for your default egress interface:

          egress=`ip route show default 0.0.0.0/0 | grep -oP '(?<=dev ).*' | cut -f1 -d' ' | tr -d '\n'`
          sudo bash -c "echo net.ipv6.conf.${egress}.accept_ra=2 >> /etc/sysctl.conf"

  • Reboot and test by pinging Google from within a docker container: docker run --rm -t busybox ping6 -c 4 google.com

  • There is no need to add any iptables rules to enable IPv6 SNAT/masquerading for tunneled traffic. Firezone will handle this.
 

   5. Install client apps

        You can now add users to your network and configure instructions to establish a VPN session.
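
A pre-flight check for the .env file produced in the manual installation (Option II), as an added example that is not part of the original guide or of Firezone; the helper names check_firezone_env and env_value are hypothetical and the sample values are constructed. It checks that the secrets file is not accessible to other users and that EXTERNAL_URL and DEFAULT_ADMIN_EMAIL hold usable values before the database is migrated.

```bash
#!/usr/bin/env bash
# Added example: check_firezone_env and env_value are hypothetical helpers,
# not part of Firezone. Checks a generated .env before "bin/migrate" is run.

# Print the value assigned to key $2 in env file $1 (last assignment wins).
env_value() {
  sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d "\"'"
}

# Print one line per problem found in $1; return 0 only if there are none.
check_firezone_env() {
  local file=$1 problems=0 url email
  [ -f "$file" ] || { echo "missing: $file"; return 2; }

  # The file holds generated secrets, so group/other must have no access.
  if [ "$(ls -l "$file" | cut -c5-10)" != "------" ]; then
    echo "permissions: $file is accessible to group/other, run chmod 600"
    problems=$((problems + 1))
  fi

  # EXTERNAL_URL is where users reach the web UI: require https:// and a host.
  url=$(env_value "$file" EXTERNAL_URL)
  case $url in
    https://?*) ;;
    *) echo "EXTERNAL_URL: '$url' is not an https:// URL"
       problems=$((problems + 1)) ;;
  esac

  # DEFAULT_ADMIN_EMAIL must look like user@domain.tld, not a placeholder.
  email=$(env_value "$file" DEFAULT_ADMIN_EMAIL)
  case $email in
    ?*@?*.?*) ;;
    *) echo "DEFAULT_ADMIN_EMAIL: '$email' is not an email address"
       problems=$((problems + 1)) ;;
  esac

  [ "$problems" -eq 0 ]
}

# Demo on a constructed .env (values are made up for illustration).
demo=$(mktemp)
printf 'EXTERNAL_URL=http://firezone.company.com\nDEFAULT_ADMIN_EMAIL=\n' > "$demo"
chmod 644 "$demo"
check_firezone_env "$demo" || echo "fix the problems above before migrating"
rm -f "$demo"
```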

Post Setup

Congratulations, you have completed the setup! You may want to check our developer documentation for additional configuration, security considerations, and advanced features: https://www.firezone.dev/docs/