manifold new node procedure

Background

Manifold is a vpn shared betweem me and several close friends. This page is only used as a suggested procedure to add somebody new into manifold. Notice this vpn is friend-to-friend only. Stop reading this page if you are not invited.

Suggested steps under *nix

1. Install tinc on your machine. Assume your tinc configuration is in /etc/tinc.
2. Our network is called manifold, mkdir /etc/tinc/manifold.
3. Our public keys are in git, git clone gitolite3@soso:manifold /etc/tinc/manifold/hosts. If you do not know the ip of soso, consult me.
4. Make /etc/tinc/manifold/tinc.conf
   • Come up with a good name for your node, say 'moon', put 'Name = moon' into /etc/tinc/manifold/tinc.conf.
   • Put 'ConnectTo = sun' in tinc.conf, 'sun' being your gateway node (as a first hop) to get connected, consult me to figure out what to write in place of 'sun' if you do not know.
   • Put 'Mode = switch' in, make sure there is a newline below.
5. Generate private/public key pairs with 'tincd -n manifold -K', the default option is verified to work.
6. Modify /etc/tinc/manifold/hosts/moon (replace moon with what you have chosen).
   • Add Address = YOUR IP in moon, if you have a permanent ip addresses. If you have multiple v4 and v6 permanent addresses, add them all.
   • If you are behind a NAT that is not UDP friendly, add TCPOnly = yes into moon.
   • Do not touch public key section, add new lines above that.
   • Commit your new node into git, git add moon, git commit, git push.
7. Make an executable /etc/tinc/manifold/tinc-up, in which it brings up the interface (accessible via $INTERFACE, usually manifold), and set private ip address (consult me if you do not know your ip inside manifold).
8. Make an executable /etc/tinc/manifold/tinc-down, in which it brings down the interface.
9. Call me and let's test if it works :D