isle/docs/operator/contributing-a-lighthouse.md

# Contributing a Lighthouse

The [nebula][nebula] project provides the VPN component which is used by
Isle. Every nebula network requires at least one (but preferably more)
publicly accessible hosts. These hosts are called lighthouses.

Lighthouses do _not_ route traffic between hosts on the VPN. Rather, they
coordinate VPN hosts to talk directly to each other, and handle the details of
NAT punching through any NATs that hosts might be behind. As such, they are very
lightweight to run, and require no storage resources at all.

If your host machine has a public static IP, or a dynamic public IP with
[dDNS][ddns] set up, then it can contribute a lighthouse.

[nebula]: https://github.com/slackhq/nebula
[ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/

## Setup network

The first step is to pick a UDP port you will expose the lighthouse on. It
doesn't really matter which port you pick, but a number over 1024 is
recommended.

If your host is behind a NAT, ensure that the gateway is setup to forward UDP
traffic on that port to your host.

Configure your host's firewall to allow all UDP traffic on that port.

## Create daemon.yml

First, if you haven't already, [create a `daemon.yml`
file](../user/creating-a-daemonyml-file.md). This will be used to
configure your `isle daemon` process with the public address that other
hosts can find your daemon on.

## Edit daemon.yml

Open your `daemon.yml` file  in a text editor, and find the `vpn.public_addr`
field. Update that field to reflect your host's IP/DNS name and your chosen UDP
port.

## Restart the Daemon

With the `daemon.yml` configured, you should restart your `isle daemon`
process. On startup the daemon will add its public address to the global
configuration, which other hosts will pick up on and begin using.
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 3 years ago			`# Contributing a Lighthouse`

			`The [nebula][nebula] project provides the VPN component which is used by`
Perform all in-code renames which don't affect actual functionality 10 months ago			`Isle. Every nebula network requires at least one (but preferably more)`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 3 years ago			`publicly accessible hosts. These hosts are called lighthouses.`

			`Lighthouses do _not_ route traffic between hosts on the VPN. Rather, they`
			`coordinate VPN hosts to talk directly to each other, and handle the details of`
			`NAT punching through any NATs that hosts might be behind. As such, they are very`
			`lightweight to run, and require no storage resources at all.`

			`If your host machine has a public static IP, or a dynamic public IP with`
Perform all in-code renames which don't affect actual functionality 10 months ago			`[dDNS][ddns] set up, then it can contribute a lighthouse.`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 3 years ago
			`[nebula]: https://github.com/slackhq/nebula`
			`[ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/`

			`## Setup network`

			`The first step is to pick a UDP port you will expose the lighthouse on. It`
			`doesn't really matter which port you pick, but a number over 1024 is`
			`recommended.`

			`If your host is behind a NAT, ensure that the gateway is setup to forward UDP`
			`traffic on that port to your host.`

			`Configure your host's firewall to allow all UDP traffic on that port.`

			`## Create daemon.yml`

			First, if you haven't already, [create a `daemon.yml`
			`file](../user/creating-a-daemonyml-file.md). This will be used to`
Perform all in-code renames which don't affect actual functionality 10 months ago			configure your `isle daemon` process with the public address that other
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 3 years ago			`hosts can find your daemon on.`

			`## Edit daemon.yml`

			Open your `daemon.yml` file in a text editor, and find the `vpn.public_addr`
			`field. Update that field to reflect your host's IP/DNS name and your chosen UDP`
			`port.`

			`## Restart the Daemon`

Perform all in-code renames which don't affect actual functionality 10 months ago			With the `daemon.yml` configured, you should restart your `isle daemon`
First public commit There has been over 1 year of commit history leading up to this point, but almost all of that has had some kind network configuration or secrets built into the code. As of today all of that has been removed, and the codebase can finally be published! I am keeping a private copy of the previous commit history, though it's unclear if it will ever be able to be published. 3 years ago			`process. On startup the daemon will add its public address to the global`
			`configuration, which other hosts will pick up on and begin using.`