Perform all in-code renames which don't affect actual functionality

This commit is contained in:
Brian Picciano 2023-08-05 23:53:17 +02:00
parent 2b9601f031
commit 3d7651208f
40 changed files with 182 additions and 186 deletions

View File

@ -4,9 +4,9 @@ rely on it for anything._**
----- -----
# cryptic-net # Isle
The cryptic-net project provides the foundation for an **autonomous community The Isle project provides the foundation for an **autonomous community
cloud infrastructure**. cloud infrastructure**.
This project targets communities of individuals, where certain members of the This project targets communities of individuals, where certain members of the
@ -14,7 +14,7 @@ community would like to host services and applications from servers running in
their homes or offices. These servers can range from simple Raspberry Pis to their homes or offices. These servers can range from simple Raspberry Pis to
full-sized home PCs. full-sized home PCs.
The core components of cryptic-net, currently, are: The core components of Isle, currently, are:
* A VPN which enables direct peer-to-peer communication. Even if most hosts in * A VPN which enables direct peer-to-peer communication. Even if most hosts in
the network are on a private LAN (e.g. their home WiFi network) or have a the network are on a private LAN (e.g. their home WiFi network) or have a
@ -28,7 +28,7 @@ The core components of cryptic-net, currently, are:
within the network. within the network.
These components are wrapped into a single binary, with all setup being These components are wrapped into a single binary, with all setup being
automated. cryptic-net takes "just works" very seriously. automated. Isle takes "just works" very seriously.
Participants are able to build upon these foundations to host services for Participants are able to build upon these foundations to host services for
themselves and others. They can be assured that their communications are private themselves and others. They can be assured that their communications are private
@ -37,9 +37,9 @@ third parties involved.
## Documentation ## Documentation
cryptic-net users fall into different roles, depending on their level of Isle users fall into different roles, depending on their level of
involvement and expertise within their particular network. The documentation for involvement and expertise within their particular network. The documentation
cryptic-net is broken down by these categories, so that the reader can easily is broken down by these categories, so that the reader can easily
decide which documents they need to care about. decide which documents they need to care about.
### User Docs ### User Docs
@ -90,19 +90,19 @@ Documentation for admins:
### Dev Docs ### Dev Docs
Devs may or may not be users in any particular cryptic network. They instead are Devs may or may not be users in any particular isle network. They instead are
those who work on the actual code for cryptic-net. those who work on the actual code for Isle.
Documentation for devs: Documentation for devs:
* [Design Principles](docs/dev/design-principles.md) * [Design Principles](docs/dev/design-principles.md)
* [`cryptic-net daemon` process tree](docs/dev/daemon-process-tree.svg): Diagram * [`isle daemon` process tree](docs/dev/daemon-process-tree.svg): Diagram
describing the [pmux](https://code.betamike.com/micropelago/pmux) process tree describing the [pmux](https://code.betamike.com/micropelago/pmux) process tree
created by `cryptic-net daemon` at runtime. created by `isle daemon` at runtime.
* [Rebuilding Documentation](docs/dev/rebuilding-documentation.md) * [Rebuilding Documentation](docs/dev/rebuilding-documentation.md)
* [Releases](docs/dev/releases.md) * [Releases](docs/dev/releases.md)
* [Gateway](docs/dev/gateway.md): Tentative spec for gateway functionality in * [Gateway](docs/dev/gateway.md): Tentative spec for gateway functionality in
cryptic-net Isle.
## Misc ## Misc

View File

@ -25,7 +25,7 @@
in rec { in rec {
version = pkgs.stdenv.mkDerivation { version = pkgs.stdenv.mkDerivation {
name = "cryptic-net-version"; name = "isle-version";
inherit buildSystem hostSystem revision releaseName; inherit buildSystem hostSystem revision releaseName;
repoSrc = ./.; repoSrc = ./.;
@ -80,7 +80,7 @@ in rec {
}; };
rootedBootstrap = pkgs.stdenv.mkDerivation { rootedBootstrap = pkgs.stdenv.mkDerivation {
name = "cryptic-net-rooted-bootstrap"; name = "isle-rooted-bootstrap";
src = bootstrap; src = bootstrap;
@ -92,10 +92,10 @@ in rec {
}; };
appDir = pkgs.stdenv.mkDerivation { appDir = pkgs.stdenv.mkDerivation {
name = "cryptic-net-AppDir"; name = "isle-AppDir";
src = pkgs.buildEnv { src = pkgs.buildEnv {
name = "cryptic-net-AppDir-base"; name = "isle-AppDir-base";
paths = [ paths = [
./AppDir ./AppDir
@ -122,7 +122,7 @@ in rec {
appimagetool = pkgs.callPackage ./nix/appimagetool.nix {}; appimagetool = pkgs.callPackage ./nix/appimagetool.nix {};
appImage = pkgs.stdenv.mkDerivation { appImage = pkgs.stdenv.mkDerivation {
name = "cryptic-net-AppImage"; name = "isle-AppImage";
src = appDir; src = appDir;
nativeBuildInputs = [ nativeBuildInputs = [
@ -133,19 +133,19 @@ in rec {
builder = builtins.toFile "build.sh" '' builder = builtins.toFile "build.sh" ''
source $stdenv/setup source $stdenv/setup
cp -rL "$src" cryptic-net.AppDir cp -rL "$src" isle.AppDir
chmod +w cryptic-net.AppDir -R chmod +w isle.AppDir -R
export VERSION=debug export VERSION=debug
# https://github.com/probonopd/go-appimage/issues/155 # https://github.com/probonopd/go-appimage/issues/155
unset SOURCE_DATE_EPOCH unset SOURCE_DATE_EPOCH
appimagetool ./cryptic-net.AppDir appimagetool ./isle.AppDir
mkdir -p "$out"/bin mkdir -p "$out"/bin
chmod +w "$out" -R chmod +w "$out" -R
mv Cryptic_Net-* "$out"/bin/cryptic-net mv Isle-* "$out"/bin/isle
''; '';
}; };
} }

View File

@ -4,16 +4,16 @@ This document guides an admin through adding a single host to the network. Keep
in mind that the steps described here must be done for _each_ host the user in mind that the steps described here must be done for _each_ host the user
wishes to add. wishes to add.
There are two ways for a user to add a host to the cryptic network. There are two ways for a user to add a host to the isle network.
- If the user is savy enough to obtain their own `cryptic-net` binary, they can - If the user is savy enough to obtain their own `isle` binary, they can
do so. The admin can then generate a `bootstrap.yml` file for their host, do so. The admin can then generate a `bootstrap.yml` file for their host,
give that to the user, and the user can run `cryptic-net daemon` using that give that to the user, and the user can run `isle daemon` using that
bootstrap file. bootstrap file.
- If the user is not so savy, the admin can generate a custom `cryptic-net` - If the user is not so savy, the admin can generate a custom `isle`
binary with the `bootstrap.yml` embedded into it. The user can be given this binary with the `bootstrap.yml` embedded into it. The user can be given this
binary and run `cryptic-net daemon` without any configuration on their end. binary and run `isle daemon` without any configuration on their end.
From the admin's perspective the only difference between these cases is one From the admin's perspective the only difference between these cases is one
extra step. extra step.
@ -43,7 +43,7 @@ To create a `bootstrap.yml` file for the new host, the admin should perform the
following command from their own host: following command from their own host:
``` ```
cryptic-net hosts create-bootstrap \ isle hosts create-bootstrap \
--hostname <name> \ --hostname <name> \
--ip <ip> \ --ip <ip> \
--admin-path <path to admin.yml> \ --admin-path <path to admin.yml> \
@ -54,9 +54,9 @@ The resulting `bootstrap.yml` file should be treated as a secret file that is
shared only with the user it was generated for. The `bootstrap.yml` file should shared only with the user it was generated for. The `bootstrap.yml` file should
not be re-used between hosts either. not be re-used between hosts either.
If the user already has access to a `cryptic-net` binary then the new If the user already has access to a `isle` binary then the new
`bootstrap.yml` file can be given to them as-is, and they can proceed with `bootstrap.yml` file can be given to them as-is, and they can proceed with
running their host's `cryptic-net daemon`. running their host's `isle daemon`.
### Encrypted `admin.yml` ### Encrypted `admin.yml`
@ -66,7 +66,7 @@ GPG is being used to secure `admin.yml` then the following could be used to
generate a `bootstrap.yml`: generate a `bootstrap.yml`:
``` ```
gpg -d <path to admin.yml.gpg> | cryptic-net hosts create-bootstrap \ gpg -d <path to admin.yml.gpg> | isle hosts create-bootstrap \
--hostname <name> \ --hostname <name> \
--ip <ip> \ --ip <ip> \
--admin-path - \ --admin-path - \

View File

@ -1,9 +1,9 @@
# Creating a New Network # Creating a New Network
This guide is for those who wish to start a new cryptic network of their This guide is for those who wish to start a new isle network of their
own. own.
By starting a new cryptic network, you are becoming the administrator of a By starting a new isle network, you are becoming the administrator of a
network. Be aware that being a network administrator is not necessarily easy, network. Be aware that being a network administrator is not necessarily easy,
and the users of your network will frequently need your help in order to have a and the users of your network will frequently need your help in order to have a
good experience. It can be helpful to have others with which you are good experience. It can be helpful to have others with which you are
@ -42,7 +42,7 @@ A `daemon.yml` will need to be created for use during network creation. You can
create a new `daemon.yml` with default values filled in by doing: create a new `daemon.yml` with default values filled in by doing:
``` ```
cryptic-net admin create-network --dump-config > /path/to/daemon.yml isle admin create-network --dump-config > /path/to/daemon.yml
``` ```
Open this file in a text editor and perform the following changes: Open this file in a text editor and perform the following changes:
@ -70,7 +70,7 @@ be chosen with care.
networks](https://en.wikipedia.org/wiki/IPv4#Private_networks), but within networks](https://en.wikipedia.org/wiki/IPv4#Private_networks), but within
that selection the choice is up to you. that selection the choice is up to you.
* Domain: cryptic-net is shipped with a DNS server which will automatically * Domain: isle is shipped with a DNS server which will automatically
configure itself with all hosts in the network, with each DNS entry taking the configure itself with all hosts in the network, with each DNS entry taking the
form of `hostname.hosts.domain`, where `domain` is the domain chosen in this form of `hostname.hosts.domain`, where `domain` is the domain chosen in this
step. The domain may be a valid public domain or not, it's up to you. step. The domain may be a valid public domain or not, it's up to you.
@ -86,7 +86,7 @@ be chosen with care.
## Step 3: Prepare to Encrypt `admin.yml` ## Step 3: Prepare to Encrypt `admin.yml`
The `admin.yml` file (which will be created in the next step) is the most The `admin.yml` file (which will be created in the next step) is the most
sensitive part of a cryptic network. If it falls into the wrong hands it can be sensitive part of a isle network. If it falls into the wrong hands it can be
used to completely compromise your network, impersonate hosts on the network, used to completely compromise your network, impersonate hosts on the network,
and will likely lead to someone stealing or deleting all of your data. and will likely lead to someone stealing or deleting all of your data.
@ -103,7 +103,7 @@ To create the `admin.yml` file, which effectively creates the network itself,
you can run: you can run:
``` ```
sudo cryptic-net admin create-network \ sudo isle admin create-network \
--config-path /path/to/daemon.yml \ --config-path /path/to/daemon.yml \
--name <name> \ --name <name> \
--ip-net <ip/subnet-prefix> \ --ip-net <ip/subnet-prefix> \
@ -132,10 +132,10 @@ At this point you should have an `admin.yml.gpg` file in your current directory.
## Step 5: Run the Daemon ## Step 5: Run the Daemon
The cryptic-net daemon can be run now, using the following command: The isle daemon can be run now, using the following command:
``` ```
sudo cryptic-net daemon -c /path/to/daemon.yml sudo isle daemon -c /path/to/daemon.yml
``` ```
**NOTE** that you _must_ use the same `daemon.yml` file used when creating the **NOTE** that you _must_ use the same `daemon.yml` file used when creating the
@ -145,9 +145,4 @@ At this point your host, and your network, are ready to go! You can reference
the [Getting Started](../user/getting-started.md) document to set up your the [Getting Started](../user/getting-started.md) document to set up your
host's daemon process in a more permanent way. host's daemon process in a more permanent way.
## Next Steps
* Add users
* Fix directories
[ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/ [ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/

View File

@ -1,7 +1,7 @@
@startuml @startuml
hide empty description hide empty description
state "./cryptic-net daemon -c ./daemon.yml" as init state "./isle daemon -c ./daemon.yml" as init
state AppDir { state AppDir {

View File

@ -1,21 +1,20 @@
# Design Principles # Design Principles
The following points form the basis for all design decisions made within the The following points form the basis for all design decisions made within the
cryptic-net project. Isle project.
* The UX is aggressively optimized to eliminate manual intervention by users. * The UX is aggressively optimized to eliminate manual intervention by users.
All other concerns are secondary. The concept of "UX" extends beyond GUI All other concerns are secondary. The concept of "UX" extends beyond GUI
interfaces, and encompasses all interactions of any sort with a cryptic-net interfaces, and encompasses all interactions of any sort with a isle
process. process.
* All resources within a cryptic-net are expected to be hosted on hardware owned * All resources within an isle network are expected to be hosted on hardware
by community members, for example home media servers or gaming rigs. Thus, a owned by community members, for example home media servers or gaming rigs.
cryptic-net is fully autonomous. Thus, an isle is fully autonomous.
* Hardware resources are expected to be heterogenous and geographically * Hardware resources are expected to be heterogenous and geographically
dispersed. dispersed.
* It is expected that a single host might be a part of multiple, independent * It is expected that a single host might be a part of multiple, independent
cryptic networks. These should not conflict with each other, nor share isle networks. These should not conflict with each other, nor share resources.
resources.

View File

@ -1,7 +1,7 @@
# Gateway # Gateway
This document acts as the spec for a general purpose gateway system built into This document acts as the spec for a general purpose gateway system built into
the cryptic-net daemon. the isle daemon.
The high level goal of the gateway is to remove significant barriers to entry The high level goal of the gateway is to remove significant barriers to entry
for individuals hosting data and services at their own domain names: for individuals hosting data and services at their own domain names:
@ -15,21 +15,21 @@ network they will have already solved these problems. By providing gateway
functionality they can share that work with their community. functionality they can share that work with their community.
The gateway functions by serving requests for a user's DNS domain on their The gateway functions by serving requests for a user's DNS domain on their
behalf. Requests are served by publicly facing hosts of a cryptic network using behalf. Requests are served by publicly facing hosts of an isle network using
a backend configured by the user. a backend configured by the user.
## Terminology ## Terminology
* "gateway process" refers to the the system process running on a single host * "gateway process" refers to the the system process running on a single host
which serves requests for a cryptic network's gateway. which serves requests for an isle network's gateway.
* "gateway" refers to the collection of all gateway processes which are * "gateway" refers to the collection of all gateway processes which are
configured and running for a cryptic network. All gateway processes exhibit configured and running for an isle network. All gateway processes exhibit
the same behavior, and serve the same domain names, and so are conceived as the same behavior, and serve the same domain names, and so are conceived as
being a single unit. being a single unit.
* "gateway DNS name" refers to the single DNS domain or subdomain which contains * "gateway DNS name" refers to the single DNS domain or subdomain which contains
a A/AAAA record for each of the gateway processes of a cryptic network. a A/AAAA record for each of the gateway processes of an isle network.
## Gateway DNS Setup ## Gateway DNS Setup
@ -57,7 +57,7 @@ to serve requests at a domain. Backends could include:
- Public git repositories (like how github pages works) - Public git repositories (like how github pages works)
- S3 buckets on the private garage cluster - S3 buckets on the private garage cluster
- IPFS files or IPNS names - IPFS files or IPNS names
- Services which are available privately over cryptic network - Services which are available privately over an isle network
A backend is uniquely described and identified by an object containing a `type` A backend is uniquely described and identified by an object containing a `type`
field, and then further fields which depend on the type. The object for a git field, and then further fields which depend on the type. The object for a git
@ -73,14 +73,14 @@ repository backend would look like:
All backends essentially act as a static filesystem, from which requests are All backends essentially act as a static filesystem, from which requests are
served by the gateway. For example, given a domain `example.com` which has been served by the gateway. For example, given a domain `example.com` which has been
configured with a cryptic network gateway to serve a git repo, if configured with an isle network gateway to serve a git repo, if
`example.com/foo/bar` is requested then the file at `/foo/bar` within the `example.com/foo/bar` is requested then the file at `/foo/bar` within the
current tip of the git repo is served. current tip of the git repo is served.
## User Experience ## User Experience
It should be noted up-front that a gateway user should not need to have any It should be noted up-front that a gateway user should not need to have any
hosts registered on a cryptic network, or have any other material connection to hosts registered on an isle network, or have any other material connection to
the network, in order to use the gateway. the network, in order to use the gateway.
### Setup a Domain ### Setup a Domain
@ -105,7 +105,7 @@ instructions. The instructions prompt the user to:
* Add a CNAME record to their DNS domain, pointing to the gateway DNS name. * Add a CNAME record to their DNS domain, pointing to the gateway DNS name.
* Add a TXT record to their DNS domain containing `cryptic_net_gateway=<opaque * Add a TXT record to their DNS domain containing `isle_gateway=<opaque
string>`. string>`.
The page provides the user with an input box to input their domain name into, The page provides the user with an input box to input their domain name into,
@ -194,7 +194,7 @@ They are not meant to be set in stone.
## Future Work ## Future Work
It should be possible for someone accessing a private domain on the cryptic It should be possible for someone accessing a private domain on the isle
network to access the gateway web panel and use it _without_ requiring a secret network to access the gateway web panel and use it _without_ requiring a secret
passphrase. This way community members who have already been vetted (by being passphrase. This way community members who have already been vetted (by being
added to the VPN) can have even less friction. added to the VPN) can have even less friction.

View File

@ -1,6 +1,6 @@
# Rebuilding Documentation # Rebuilding Documentation
Most documentation for cryptic-net takes the form of markdown (`.md`) files, Most documentation for Isle takes the form of markdown (`.md`) files,
which do not require any build step. There are a few other kinds of files, such which do not require any build step. There are a few other kinds of files, such
as `.plantuml` files, which do require a build step. If these are changed then as `.plantuml` files, which do require a build step. If these are changed then
their artifacts should be rebuilt by doing: their artifacts should be rebuilt by doing:

View File

@ -15,7 +15,7 @@ A release consists of:
To create a release only a functional nix installation is required. Simply run To create a release only a functional nix installation is required. Simply run
the `./release.sh` script, and input a release name when prompted. the `./release.sh` script, and input a release name when prompted.
From here a cryptic-net binary will be cross-compiled for all supported From here an `isle` binary will be cross-compiled for all supported
platforms. This will take a long time the first time you perform it on your platforms. This will take a long time the first time you perform it on your
machine. machine.

View File

@ -4,14 +4,17 @@ The purpose of this document is define the specific terms which should be used
for various concepts, with the goal of establishing consistency throughout for various concepts, with the goal of establishing consistency throughout
documentation and source code. documentation and source code.
- "user" - a person who takes part in the usage, operation, or administration of - "Isle" - The name of this project, which is a proper noun and so should always
a cryptic network. be capitalized.
- "host" - A computer or device used by a user to connect to a cryptic network. - "isle" - The name of the binary or program produced by the Isle project. isle
is the name of the file itself, and so is always lower-case.
- "cryptic network", "network" - A collection of hosts which communicate and - "host" - A computer or device on which isle is run.
share resources with each other via the mechanisms provided by the cryptic-net
project. - "isle network", "network" - A collection of hosts which communicate and share
resources with each other via the Isle project.
- "user" - A person who takes part in the usage, operation, or administration of
an isle network.
- "cryptic-net" - The name of the binary or program which is used to interact
with a cryptic network.

View File

@ -1,7 +1,7 @@
# Contributing a Lighthouse # Contributing a Lighthouse
The [nebula][nebula] project provides the VPN component which is used by The [nebula][nebula] project provides the VPN component which is used by
cryptic-net. Every nebula network requires at least one (but preferably more) Isle. Every nebula network requires at least one (but preferably more)
publicly accessible hosts. These hosts are called lighthouses. publicly accessible hosts. These hosts are called lighthouses.
Lighthouses do _not_ route traffic between hosts on the VPN. Rather, they Lighthouses do _not_ route traffic between hosts on the VPN. Rather, they
@ -10,7 +10,7 @@ NAT punching through any NATs that hosts might be behind. As such, they are very
lightweight to run, and require no storage resources at all. lightweight to run, and require no storage resources at all.
If your host machine has a public static IP, or a dynamic public IP with If your host machine has a public static IP, or a dynamic public IP with
[dDNS][ddns] set up, then it can contribute a lighthouse for cryptic-net. [dDNS][ddns] set up, then it can contribute a lighthouse.
[nebula]: https://github.com/slackhq/nebula [nebula]: https://github.com/slackhq/nebula
[ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/ [ddns]: https://www.cloudflare.com/learning/dns/glossary/dynamic-dns/
@ -30,7 +30,7 @@ Configure your host's firewall to allow all UDP traffic on that port.
First, if you haven't already, [create a `daemon.yml` First, if you haven't already, [create a `daemon.yml`
file](../user/creating-a-daemonyml-file.md). This will be used to file](../user/creating-a-daemonyml-file.md). This will be used to
configure your `cryptic-net daemon` process with the public address that other configure your `isle daemon` process with the public address that other
hosts can find your daemon on. hosts can find your daemon on.
## Edit daemon.yml ## Edit daemon.yml
@ -41,6 +41,6 @@ port.
## Restart the Daemon ## Restart the Daemon
With the `daemon.yml` configured, you should restart your `cryptic-net daemon` With the `daemon.yml` configured, you should restart your `isle daemon`
process. On startup the daemon will add its public address to the global process. On startup the daemon will add its public address to the global
configuration, which other hosts will pick up on and begin using. configuration, which other hosts will pick up on and begin using.

View File

@ -8,7 +8,7 @@ to the network, then this document is for you.
First, if you haven't already, [create a `daemon.yml` First, if you haven't already, [create a `daemon.yml`
file](../user/creating-a-daemonyml-file.md). This will be used to file](../user/creating-a-daemonyml-file.md). This will be used to
configure your `cryptic-net daemon` process with the storage locations and configure your `isle daemon` process with the storage locations and
capacities you want to contribute. capacities you want to contribute.
## Edit `daemon.yml` ## Edit `daemon.yml`
@ -31,13 +31,13 @@ storage:
allocations: allocations:
# 1.2 TB are being shared from drive1 # 1.2 TB are being shared from drive1
- data_path: /mnt/drive1/cryptic-net/data - data_path: /mnt/drive1/isle/data
meta_path: /mnt/drive1/cryptic-net/meta meta_path: /mnt/drive1/isle/meta
capacity: 1200 capacity: 1200
# 100 GB (the minimum) are being shared from drive2 # 100 GB (the minimum) are being shared from drive2
- data_path: /mnt/drive2/cryptic-net/data - data_path: /mnt/drive2/isle/data
meta_path: /mnt/drive2/cryptic-net/meta meta_path: /mnt/drive2/isle/meta
capacity: 100 capacity: 100
``` ```
@ -48,17 +48,17 @@ is properly set up for providing storage.
## Restart the Daemon ## Restart the Daemon
With the `daemon.yml` configured, you should restart your `cryptic-net daemon` With the `daemon.yml` configured, you should restart your `isle daemon`
process. process.
The `cryptic-net daemon` will automatically allow the ports used for your The `isle daemon` will automatically allow the ports used for your
storage allocations in the vpn firewall. storage allocations in the vpn firewall.
## Further Reading ## Further Reading
cryptic-net uses the [garage][garage] project for its storage system. See the Isle uses the [garage][garage] project for its storage system. See the
[Managing Garage](managing-garage.md) document for more [Managing Garage](managing-garage.md) document for more
information on how to interact directly with the garage instance being run by information on how to interact directly with the garage instance being run by
cryptic-net. isle.
[garage]: https://garagehq.deuxfleurs.fr/documentation/quick-start/ [garage]: https://garagehq.deuxfleurs.fr/documentation/quick-start/

View File

@ -10,29 +10,28 @@ the host's firewall, and the VPN firewall.
## VPN Firewall ## VPN Firewall
cryptic-net uses the [nebula](https://github.com/slackhq/nebula) project to Isle uses the [nebula](https://github.com/slackhq/nebula) project to
provide its VPN layer. Nebula ships with its own [builtin provide its VPN layer. Nebula ships with its own [builtin
firewall](https://nebula.defined.net/docs/config/firewall), which only applies firewall](https://nebula.defined.net/docs/config/firewall), which only applies
to connections coming in over the virtual network interface which it creates. to connections coming in over the virtual network interface which it creates.
This firewall can be manually configured as part of cryptic-net's This firewall can be manually configured as part of isle's
[`daemon.yml`](../user/creating-a-daemonyml-file.md) file. [`daemon.yml`](../user/creating-a-daemonyml-file.md) file.
Any storage instances which are defined as part of the `daemon.yml` file will Any storage instances which are defined as part of the `daemon.yml` file will
have their network ports automatically added to the VPN firewall by cryptic-net. have their network ports automatically added to the VPN firewall by isle.
This means that you only need to configure the VPN firewall if you are hosting This means that you only need to configure the VPN firewall if you are hosting
services for your cryptic network besides storage. services for your isle network besides storage.
## Host Firewall ## Host Firewall
The host you are running cryptic-net on will almost definitely have a firewall The host you are running isle on will almost definitely have a firewall
running, separate from the VPN firewall. If you wish to provide services for running, separate from the VPN firewall. If you wish to provide services for
your cryptic network from your host, you will need to allow their ports in your your isle network from your host, you will need to allow their ports in your
host's firewall. host's firewall.
**cryptic-net does _not_ automatically configure your host's firewall to any **isle does _not_ automatically configure your host's firewall to any extent!**
extent!**
One option is to open your host to all traffic from your cryptic network, and One option is to open your host to all traffic from your isle network, and
allow the VPN firewall to be fully responsible for filtering traffic. To do this allow the VPN firewall to be fully responsible for filtering traffic. To do this
on Linux using iptables, for example, you would add something like this to your on Linux using iptables, for example, you would add something like this to your
iptables configuration: iptables configuration:

View File

@ -1,11 +1,11 @@
# Managing Garage # Managing Garage
The garage project provides the network storage component for The garage project provides the network storage component for
cryptic-net. If you're reading this document then you would likely benefit Isle. If you're reading this document then you would likely benefit
greatly from reading the [garage documentation][garage] on their website. It's greatly from reading the [garage documentation][garage] on their website. It's
extremely well written and concise. extremely well written and concise.
Note that the `cryptic-net daemon` process will handle all setup steps described Note that the `isle daemon` process will handle all setup steps described
in that documentation, but it's still good to have an understanding of how in that documentation, but it's still good to have an understanding of how
garage works and what it can do. garage works and what it can do.
@ -13,12 +13,12 @@ garage works and what it can do.
## Garage Runtime Note ## Garage Runtime Note
There is an important thing to note regarding how cryptic-net runs garage. As There is an important thing to note regarding how isle runs garage. As
described in the [Contributing Storage](contributing-storage.md) document, a described in the [Contributing Storage](contributing-storage.md) document, a
single `cryptic-net daemon` process can be configured to provide any number of single `isle daemon` process can be configured to provide any number of
storage allocations. storage allocations.
For each allocation which is configured, `cryptic-net daemon` will configure and For each allocation which is configured, `isle daemon` will configure and
run a separate `garage server` instance as a sub-process. Each garage will use run a separate `garage server` instance as a sub-process. Each garage will use
the host's name as its zone in the garage cluster layout, which means that the the host's name as its zone in the garage cluster layout, which means that the
cluster will prefer to not replicate the same data within the same host, but may cluster will prefer to not replicate the same data within the same host, but may
@ -26,14 +26,14 @@ do so if necessary.
## Garage CLI ## Garage CLI
Every `cryptic-net` binary contains a full `garage` binary embedded into it. Every `isle` binary contains a full `garage` binary embedded into it.
This binary can be accessed directly like so: This binary can be accessed directly like so:
``` ```
sudo cryptic-net garage cli <subcmd> <args> sudo isle garage cli <subcmd> <args>
``` ```
Before handing off execution to the `garage` binary, the `cryptic-net` process Before handing off execution to the `garage` binary, the `isle` process
will automatically set up the RPC host and secret environment variables. will automatically set up the RPC host and secret environment variables.
If the host which is running the command has more than one allocation If the host which is running the command has more than one allocation
@ -47,7 +47,7 @@ connected to.
To display the current layout of the garage cluster: To display the current layout of the garage cluster:
``` ```
sudo cryptic-net garage cli layout show sudo isle garage cli layout show
``` ```
**(DO NOT CHANGE THE CLUSTER LAYOUT UNLESS YOU KNOW WHAT YOU'RE DOING!)** **(DO NOT CHANGE THE CLUSTER LAYOUT UNLESS YOU KNOW WHAT YOU'RE DOING!)**
@ -55,11 +55,11 @@ sudo cryptic-net garage cli layout show
To create a new bucket: To create a new bucket:
``` ```
sudo cryptic-net garage cli bucket create new-bucket sudo isle garage cli bucket create new-bucket
``` ```
To list existing buckets: To list existing buckets:
``` ```
sudo cryptic-net garage cli bucket list sudo isle garage cli bucket list
``` ```

View File

@ -31,17 +31,17 @@ automatically serves DNS queries, unless set to not do so in `daemon.yml`.
### Install sub-command ### Install sub-command
It would be great to have a `cryptic-net install` sub-command which would It would be great to have a `isle install` sub-command which would
auto-detect the installed operating system and install the daemon automatically. auto-detect the installed operating system and install the daemon automatically.
### Web server + interface ### Web server + interface
One idea is to have every `cryptic-net daemon` run a webserver as one of its One idea is to have every `isle daemon` run a webserver as one of its
sub-processes. This server could serve multiple functions: sub-processes. This server could serve multiple functions:
- [Gateway service](./dev/gateway.md). - [Gateway service](./dev/gateway.md).
- Local interface for the `cryptic-net daemon` process. For example, status and - Local interface for the `isle daemon` process. For example, status and
connectivity information for the local host could be provided via a simple web connectivity information for the local host could be provided via a simple web
interface, which the user can open in their browser. This saves us the effort interface, which the user can open in their browser. This saves us the effort
of needing to develop UIs for individual OSs. This could also make remotely of needing to develop UIs for individual OSs. This could also make remotely
@ -65,7 +65,7 @@ needed would be:
### Don't run as root ### Don't run as root
It's currently a pretty hard requirement for `cryptic-net daemon` to run as It's currently a pretty hard requirement for `isle daemon` to run as
root. This is due to: root. This is due to:
- nebula's network interface root to be started. - nebula's network interface root to be started.
@ -73,7 +73,7 @@ root. This is due to:
- dnsmasq listening on port 53, generally a protected port. - dnsmasq listening on port 53, generally a protected port.
If we can't figure out how to get these things running from the start as If we can't figure out how to get these things running from the start as
non-privileged users, we at least need to get cryptic-net to drop priveleges non-privileged users, we at least need to get isle to drop privileges
from root after initial startup. from root after initial startup.
### Plugins ### Plugins

View File

@ -3,7 +3,7 @@
pkgs ? (import ../nix/pkgs.nix).pkgs, pkgs ? (import ../nix/pkgs.nix).pkgs,
}: pkgs.mkShell { }: pkgs.mkShell {
name = "cryptic-net-build-docs"; name = "isle-build-docs";
buildInputs = [ pkgs.plantuml ]; buildInputs = [ pkgs.plantuml ];
shellHook = '' shellHook = ''

View File

@ -1,6 +1,6 @@
# Creating a daemon.yml File # Creating a daemon.yml File
The `cryptic-net daemon` process has generally sane defaults and does not need The `isle daemon` process has generally sane defaults and does not need
to be configured for most users. This document describes how to use the to be configured for most users. This document describes how to use the
`daemon.yml` file to handle those cases where configuration is necessary. `daemon.yml` file to handle those cases where configuration is necessary.
@ -10,11 +10,11 @@ First, create a `daemon.yml` file. You can create a new `daemon.yml` with
default values filled in by doing: default values filled in by doing:
``` ```
cryptic-net daemon --dump-config > /path/to/daemon.yml isle daemon --dump-config > /path/to/daemon.yml
``` ```
If you open that file in a text editor you can view all default values that If you open that file in a text editor you can view all default values that
`cryptic-net daemon` ships with, as well as documentation for all configurable `isle daemon` ships with, as well as documentation for all configurable
parameters. Feel free to edit this file as needed. parameters. Feel free to edit this file as needed.
## Using daemon.yml ## Using daemon.yml
@ -23,10 +23,10 @@ With the `daemon.yml` created and configured, you can configure your daemon
process to use it by passing it as the `--config-path` argument: process to use it by passing it as the `--config-path` argument:
``` ```
sudo cryptic-net daemon --config-path /path/to/daemon.yml sudo isle daemon --config-path /path/to/daemon.yml
``` ```
If you are an operator then your host should be running its `cryptic-net daemon` If you are an operator then your host should be running its `isle daemon`
process in systemd (see [Getting Started](getting-started.md) if process in systemd (see [Getting Started](getting-started.md) if
not), and you will need to modify the service file accordingly. not), and you will need to modify the service file accordingly.

View File

@ -1,7 +1,7 @@
# Getting Started # Getting Started
This document will guide you through the process of obtaining a cryptic-net This document will guide you through the process of obtaining an isle
binary and joining the network. binary and joining a network.
NOTE currently only linux machines with the following architectures are NOTE currently only linux machines with the following architectures are
supported: supported:
@ -15,7 +15,7 @@ supported:
More OSs and architectures coming soon! More OSs and architectures coming soon!
## Obtaining a cryptic-net Binary ## Obtaining an isle Binary
Every host can have a binary built for it which has all configuration for that Every host can have a binary built for it which has all configuration for that
host embedded directly into it. Such binaries require no extra configuration by host embedded directly into it. Such binaries require no extra configuration by
@ -28,7 +28,7 @@ Note that if you'd like to join the network on multiple devices, each device
will needs its own binary, so be sure to tell your admin how many you want to will needs its own binary, so be sure to tell your admin how many you want to
add and their names. add and their names.
### Obtaining a cryptic-net Binary, the Hard Way ### Obtaining an isle Binary, the Hard Way
Alternatively, you can build your own binary by running the following from the Alternatively, you can build your own binary by running the following from the
project's root: project's root:
@ -37,7 +37,7 @@ project's root:
nix-build -A appImage nix-build -A appImage
``` ```
(*NOTE* Dependencies of `cryptic-net` seemingly compile all of musl and rust (*NOTE* Dependencies of `isle` seemingly compile all of musl and rust
from scratch (it's not clear why, blame garage!). If you have not otherwise from scratch (it's not clear why, blame garage!). If you have not otherwise
configured it, nix might be using a tmpfs as its build directory, and the configured it, nix might be using a tmpfs as its build directory, and the
capacity of this tmpfs will probably be exceeded by this build. You can change capacity of this tmpfs will probably be exceeded by this build. You can change
@ -59,7 +59,7 @@ Once you have a binary, you will need to run the `daemon` sub-command as the
root user. This can most easily be done using the `sudo` command, in a terminal: root user. This can most easily be done using the `sudo` command, in a terminal:
``` ```
sudo /path/to/cryptic-net daemon sudo /path/to/isle daemon
``` ```
This will start the daemon process, which will keep running until you kill it This will start the daemon process, which will keep running until you kill it
@ -83,12 +83,12 @@ Rather than running the daemon manually, you can install it as a systemd
service. This way your daemon will automatically start in the background on service. This way your daemon will automatically start in the background on
startup, and will be restarted if it has any issues. startup, and will be restarted if it has any issues.
To do so, create a file at `/etc/systemd/system/cryptic-net.service` with the To do so, create a file at `/etc/systemd/system/isle.service` with the
following contents: following contents:
``` ```
[Unit] [Unit]
Description=cryptic-net Description=isle
Requires=network.target Requires=network.target
After=network.target After=network.target
@ -96,13 +96,13 @@ After=network.target
Restart=always Restart=always
RestartSec=1s RestartSec=1s
User=root User=root
ExecStart=/path/to/cryptic-net daemon ExecStart=/path/to/isle daemon
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
``` ```
Remember to change the `/path/to/cryptic-net` part to the actual absolute path Remember to change the `/path/to/isle` part to the actual absolute path
to your binary! to your binary!
Once created, perform the following commands in a terminal to enable the Once created, perform the following commands in a terminal to enable the
@ -110,17 +110,17 @@ service:
``` ```
sudo systemctl daemon-reload sudo systemctl daemon-reload
sudo systemctl enable --now cryptic-net sudo systemctl enable --now isle
``` ```
You can check the service's status by doing: You can check the service's status by doing:
``` ```
sudo systemctl status cryptic-net sudo systemctl status isle
``` ```
and you can view its full logs by doing: and you can view its full logs by doing:
``` ```
sudo journalctl -lu cryptic-net sudo journalctl -lu isle
``` ```

View File

@ -1,6 +1,6 @@
# Using DNS # Using DNS
Every `cryptic-net daemon` process ships with a DNS server which runs Every `isle daemon` process ships with a DNS server which runs
automatically. This server will listen on port 53 on the VPN IP of that automatically. This server will listen on port 53 on the VPN IP of that
particular host. particular host.
@ -13,14 +13,14 @@ server will forward the request to a pre-configured public resolver. The set of
public resolvers used can be configured using the public resolvers used can be configured using the
[daemon.yml](creating-a-daemonyml-file.md) file. [daemon.yml](creating-a-daemonyml-file.md) file.
This DNS server is an optional feature of cryptic-net, and not required in This DNS server is an optional feature of Isle, and not required in general for
general for making use of the network. making use of the network.
## Example ## Example
As an example of how to make use of this DNS server, let's say my host's IP on As an example of how to make use of this DNS server, let's say my host's IP on
the network is `10.10.1.1`, and my network's domain is `cool.internal`. the network is `10.10.1.1`, and my network's domain is `cool.internal`.
In order to configure the host to use the cryptic-net DNS server for all DNS In order to configure the host to use the isle DNS server for all DNS
requests, I could do something like this: requests, I could do something like this:
``` ```
@ -28,7 +28,7 @@ sudo su
echo "nameserver 10.10.1.1" > /etc/resolv.conf echo "nameserver 10.10.1.1" > /etc/resolv.conf
``` ```
From that point, all DNS requests on my host would hit the cryptic-net DNS From that point, all DNS requests on my host would hit the isle DNS
server. If I request `my-host.hosts.cool.internal`, it would respond with the server. If I request `my-host.hosts.cool.internal`, it would respond with the
appropriate private IP. appropriate private IP.

View File

@ -2,8 +2,8 @@
package admin package admin
import ( import (
"cryptic-net/garage" "isle/garage"
"cryptic-net/nebula" "isle/nebula"
"io" "io"
"gopkg.in/yaml.v3" "gopkg.in/yaml.v3"

View File

@ -3,9 +3,9 @@
package bootstrap package bootstrap
import ( import (
"cryptic-net/admin" "isle/admin"
"cryptic-net/garage" "isle/garage"
"cryptic-net/nebula" "isle/nebula"
"crypto/sha512" "crypto/sha512"
"fmt" "fmt"
"io" "io"

View File

@ -1,7 +1,7 @@
package bootstrap package bootstrap
import ( import (
"cryptic-net/garage" "isle/garage"
) )
// GaragePeers returns a Peer for each known garage instance in the network. // GaragePeers returns a Peer for each known garage instance in the network.

View File

@ -3,8 +3,8 @@ package bootstrap
import ( import (
"bytes" "bytes"
"context" "context"
"cryptic-net/garage" "isle/garage"
"cryptic-net/nebula" "isle/nebula"
"fmt" "fmt"
"path/filepath" "path/filepath"
"strings" "strings"

View File

@ -2,7 +2,7 @@ package bootstrap
import ( import (
"bytes" "bytes"
"cryptic-net/nebula" "isle/nebula"
"fmt" "fmt"
"net" "net"
"strings" "strings"

View File

@ -2,15 +2,15 @@ package main
import ( import (
"context" "context"
"cryptic-net/admin"
"cryptic-net/bootstrap"
"cryptic-net/daemon"
"cryptic-net/garage"
"cryptic-net/nebula"
"crypto/rand" "crypto/rand"
"encoding/hex" "encoding/hex"
"errors" "errors"
"fmt" "fmt"
"isle/admin"
"isle/bootstrap"
"isle/daemon"
"isle/garage"
"isle/nebula"
"net" "net"
"os" "os"
"strings" "strings"
@ -50,7 +50,7 @@ func readAdmin(path string) (admin.Admin, error) {
var subCmdAdminCreateNetwork = subCmd{ var subCmdAdminCreateNetwork = subCmd{
name: "create-network", name: "create-network",
descr: "Creates a new cryptic network, outputting the resulting admin.yml to stdout", descr: "Creates a new isle network, outputting the resulting admin.yml to stdout",
do: func(subCmdCtx subCmdCtx) error { do: func(subCmdCtx subCmdCtx) error {
flags := subCmdCtx.flagSet(false) flags := subCmdCtx.flagSet(false)
@ -237,7 +237,7 @@ var subCmdAdminCreateNetwork = subCmd{
err = garageInitializeGlobalBucket(ctx, logger, hostBootstrap, daemonConfig) err = garageInitializeGlobalBucket(ctx, logger, hostBootstrap, daemonConfig)
if cErr := (garage.AdminClientError{}); errors.As(err, &cErr) && cErr.StatusCode == 409 { if cErr := (garage.AdminClientError{}); errors.As(err, &cErr) && cErr.StatusCode == 409 {
return fmt.Errorf("shared global bucket has already been created, are the storage allocations from a previously initialized cryptic-net being used?") return fmt.Errorf("shared global bucket has already been created, are the storage allocations from a previously initialized isle being used?")
} else if err != nil { } else if err != nil {
return fmt.Errorf("initializing garage shared global bucket: %w", err) return fmt.Errorf("initializing garage shared global bucket: %w", err)

View File

@ -1,7 +1,7 @@
package main package main
import ( import (
"cryptic-net/bootstrap" "isle/bootstrap"
"errors" "errors"
"fmt" "fmt"
"io/fs" "io/fs"

View File

@ -10,16 +10,16 @@ import (
"sync" "sync"
"time" "time"
"cryptic-net/bootstrap" "isle/bootstrap"
"cryptic-net/daemon" "isle/daemon"
"code.betamike.com/micropelago/pmux/pmuxlib" "code.betamike.com/micropelago/pmux/pmuxlib"
"github.com/mediocregopher/mediocre-go-lib/v2/mctx" "github.com/mediocregopher/mediocre-go-lib/v2/mctx"
"github.com/mediocregopher/mediocre-go-lib/v2/mlog" "github.com/mediocregopher/mediocre-go-lib/v2/mlog"
) )
// The daemon sub-command deals with starting an actual cryptic-net daemon // The daemon sub-command deals with starting an actual isle daemon
// process, which is required to be running for most other cryptic-net // process, which is required to be running for most other Isle
// functionality. The sub-command does the following: // functionality. The sub-command does the following:
// //
// * Creates and locks the runtime directory. // * Creates and locks the runtime directory.
@ -196,7 +196,7 @@ func runDaemonPmuxOnce(
var subCmdDaemon = subCmd{ var subCmdDaemon = subCmd{
name: "daemon", name: "daemon",
descr: "Runs the cryptic-net daemon (Default if no sub-command given)", descr: "Runs the isle daemon (Default if no sub-command given)",
do: func(subCmdCtx subCmdCtx) error { do: func(subCmdCtx subCmdCtx) error {
flags := subCmdCtx.flagSet(false) flags := subCmdCtx.flagSet(false)
@ -213,7 +213,7 @@ var subCmdDaemon = subCmd{
bootstrapPath := flags.StringP( bootstrapPath := flags.StringP(
"bootstrap-path", "b", "", "bootstrap-path", "b", "",
`Path to a bootstrap.yml file. This only needs to be provided the first time the daemon is started, after that it is ignored. If the cryptic-net binary has a bootstrap built into it then this argument is always optional.`, `Path to a bootstrap.yml file. This only needs to be provided the first time the daemon is started, after that it is ignored. If the isle binary has a bootstrap built into it then this argument is always optional.`,
) )
logLevelStr := flags.StringP( logLevelStr := flags.StringP(

View File

@ -2,9 +2,9 @@ package main
import ( import (
"context" "context"
"cryptic-net/bootstrap" "isle/bootstrap"
"cryptic-net/daemon" "isle/daemon"
"cryptic-net/garage" "isle/garage"
"fmt" "fmt"
"time" "time"
) )

View File

@ -1,9 +1,9 @@
package main package main
import ( import (
"cryptic-net/bootstrap" "isle/bootstrap"
"cryptic-net/daemon" "isle/daemon"
"cryptic-net/dnsmasq" "isle/dnsmasq"
"fmt" "fmt"
"path/filepath" "path/filepath"
"sort" "sort"

View File

@ -9,7 +9,7 @@ import (
var subCmdGarageMC = subCmd{ var subCmdGarageMC = subCmd{
name: "mc", name: "mc",
descr: "Runs the mc (minio-client) binary. The cryptic-net garage can be accessed under the `garage` alias", descr: "Runs the mc (minio-client) binary. The isle garage can be accessed under the `garage` alias",
checkLock: true, checkLock: true,
do: func(subCmdCtx subCmdCtx) error { do: func(subCmdCtx subCmdCtx) error {
@ -82,7 +82,7 @@ var subCmdGarageMC = subCmd{
var subCmdGarageCLI = subCmd{ var subCmdGarageCLI = subCmd{
name: "cli", name: "cli",
descr: "Runs the garage binary, automatically configured to point to the garage sub-process of a running cryptic-net daemon", descr: "Runs the garage binary, automatically configured to point to the garage sub-process of a running isle daemon",
checkLock: true, checkLock: true,
do: func(subCmdCtx subCmdCtx) error { do: func(subCmdCtx subCmdCtx) error {
@ -114,7 +114,7 @@ var subCmdGarageCLI = subCmd{
var subCmdGarage = subCmd{ var subCmdGarage = subCmd{
name: "garage", name: "garage",
descr: "Runs the garage binary, automatically configured to point to the garage sub-process of a running cryptic-net daemon", descr: "Runs the garage binary, automatically configured to point to the garage sub-process of a running isle daemon",
do: func(subCmdCtx subCmdCtx) error { do: func(subCmdCtx subCmdCtx) error {
return subCmdCtx.doSubCmd( return subCmdCtx.doSubCmd(
subCmdGarageCLI, subCmdGarageCLI,

View File

@ -2,9 +2,9 @@ package main
import ( import (
"context" "context"
"cryptic-net/bootstrap" "isle/bootstrap"
"cryptic-net/daemon" "isle/daemon"
"cryptic-net/garage" "isle/garage"
"fmt" "fmt"
"net" "net"
"path/filepath" "path/filepath"

View File

@ -1,7 +1,7 @@
package main package main
import ( import (
"cryptic-net/bootstrap" "isle/bootstrap"
"errors" "errors"
"fmt" "fmt"
"os" "os"

View File

@ -12,7 +12,7 @@ import (
"github.com/mediocregopher/mediocre-go-lib/v2/mlog" "github.com/mediocregopher/mediocre-go-lib/v2/mlog"
) )
// The purpose of this binary is to act as the entrypoint of the cryptic-net // The purpose of this binary is to act as the entrypoint of the isle
// process. It processes the command-line arguments which are passed in, and // process. It processes the command-line arguments which are passed in, and
// then passes execution along to an appropriate binary housed in AppDir/bin // then passes execution along to an appropriate binary housed in AppDir/bin
// (usually a bash script, which is more versatile than a go program). // (usually a bash script, which is more versatile than a go program).

View File

@ -2,10 +2,10 @@ package main
import ( import (
"context" "context"
"cryptic-net/bootstrap"
"cryptic-net/daemon"
"cryptic-net/yamlutil"
"fmt" "fmt"
"isle/bootstrap"
"isle/daemon"
"isle/yamlutil"
"net" "net"
"path/filepath" "path/filepath"
@ -68,7 +68,7 @@ func nebulaPmuxProcConfig(
"respond": true, "respond": true,
}, },
"tun": map[string]interface{}{ "tun": map[string]interface{}{
"dev": "cryptic-net-nebula", "dev": "isle-tun",
}, },
"firewall": daemonConfig.VPN.Firewall, "firewall": daemonConfig.VPN.Firewall,
} }

View File

@ -13,7 +13,7 @@ import (
"github.com/shirou/gopsutil/process" "github.com/shirou/gopsutil/process"
) )
var errDaemonNotRunning = errors.New("no cryptic-net daemon process running") var errDaemonNotRunning = errors.New("no isle daemon process running")
func lockFilePath() string { func lockFilePath() string {
return filepath.Join(envRuntimeDirPath, "lock") return filepath.Join(envRuntimeDirPath, "lock")
@ -29,7 +29,7 @@ func writeLock() error {
if errors.Is(err, os.ErrExist) { if errors.Is(err, os.ErrExist) {
return fmt.Errorf( return fmt.Errorf(
"lock file %q already exists, if the cryptic-net daemon is not already running you can safely delete this file", "lock file %q already exists, if the isle daemon is not already running you can safely delete this file",
lockFilePath, lockFilePath,
) )

View File

@ -1,11 +1,11 @@
// Package daemon contains types and functions related specifically to the // Package daemon contains types and functions related specifically to the
// cryptic-net daemon. // isle daemon.
package daemon package daemon
import ( import (
"cryptic-net/yamlutil"
"fmt" "fmt"
"io" "io"
"isle/yamlutil"
"os" "os"
"path/filepath" "path/filepath"

View File

@ -1,4 +1,4 @@
module cryptic-net module isle
go 1.17 go 1.17

View File

@ -159,7 +159,7 @@ func NewCACredentials(domain string, subnet *net.IPNet) (CACredentials, error) {
caCert := cert.NebulaCertificate{ caCert := cert.NebulaCertificate{
Details: cert.NebulaCertificateDetails{ Details: cert.NebulaCertificateDetails{
Name: fmt.Sprintf("%s cryptic-net root cert", domain), Name: fmt.Sprintf("%s isle root cert", domain),
Subnets: []*net.IPNet{subnet}, Subnets: []*net.IPNet{subnet},
NotBefore: now, NotBefore: now,
NotAfter: expireAt, NotAfter: expireAt,

View File

@ -1,5 +1,5 @@
{ {
description = "cryptic-net provides the foundation for an autonomous community cloud infrastructure"; description = "isle provides the foundation for an autonomous community cloud infrastructure";
outputs = { outputs = {
self, self,
@ -19,7 +19,7 @@
defaultAttrs.appImage defaultAttrs.appImage
); );
pkgsForBuildSystem = (buildSystem: { pkgsForBuildSystem = (buildSystem: {
default = mkPkg buildSystem buildSystem; default = mkPkg buildSystem buildSystem;
}); });

View File

@ -16,14 +16,14 @@
}).appImage; }).appImage;
in pkgs.stdenv.mkDerivation { in pkgs.stdenv.mkDerivation {
name = "cryptic-net-release-${hostSystem}"; name = "isle-release-${hostSystem}";
inherit releaseName appImage hostSystem; inherit releaseName appImage hostSystem;
builder = builtins.toFile "build.sh" '' builder = builtins.toFile "build.sh" ''
source $stdenv/setup source $stdenv/setup
mkdir -p "$out"/ mkdir -p "$out"/
cp "$appImage"/bin/cryptic-net "$out"/cryptic-net-$releaseName-$hostSystem cp "$appImage"/bin/isle "$out"/isle-$releaseName-$hostSystem
''; '';
}; };
@ -32,7 +32,7 @@
in in
pkgs.stdenv.mkDerivation { pkgs.stdenv.mkDerivation {
name = "cryptic-net-release-${releaseName}"; name = "isle-release-${releaseName}";
inherit releases; inherit releases;
nativeBuildInputs = [ pkgs.coreutils ]; nativeBuildInputs = [ pkgs.coreutils ];
@ -42,7 +42,7 @@ in
mkdir -p "$out" mkdir -p "$out"
for p in $releases; do for p in $releases; do
cp "$p"/cryptic-net-* "$out"/ cp "$p"/isle-* "$out"/
done done
(cd "$out" && sha256sum * > sha256.txt) (cd "$out" && sha256sum * > sha256.txt)