isle/docs/operator/contributing-a-lighthouse.md

1.5 KiB

Contributing a Lighthouse

The nebula project provides the VPN component which is used by Isle. Every nebula network requires at least one (but preferably more) publicly accessible hosts. These hosts are called lighthouses.

Lighthouses do not route traffic between hosts on the VPN. Rather, they coordinate VPN hosts to talk directly to each other, and handle the details of NAT punching through any NATs that hosts might be behind. As such, they are very lightweight to run, and require no storage resources at all.

If your host machine has a public static IP, or a dynamic public IP with dDNS set up, then it can contribute a lighthouse.

Setup network

The first step is to pick a UDP port you will expose the lighthouse on. It doesn't really matter which port you pick, but a number over 1024 is recommended.

If your host is behind a NAT, ensure that the gateway is setup to forward UDP traffic on that port to your host.

Configure your host's firewall to allow all UDP traffic on that port.

Edit daemon.yml

Open your /etc/isle/daemon.yml file in a text editor, and find the vpn.public_addr field. Update that field to reflect your host's IP/DNS name and your chosen UDP port.

Restart the Daemon

With the daemon.yml configured, you should restart your isle daemon process. On startup the daemon will add its public address to the global configuration, which other hosts will pick up on and begin using.