====== nebula ======

A scalable overlay networking tool with a focus on performance, simplicity and security

===== Usage =====

Generate CA with <wrap em>3 years</wrap> expiration.

<code bash>
nebula-cert ca -name "Sdvcrx" -duration 26280h0m0s  # 24 * 365 * 3h
</code>

Generate node cert and key:

<code bash>
nebula-cert sign -name nas -ip '192.168.100.xx/24' -groups home
</code>

Check cert/CA detail:

<code bash>
nebula-cert print -json -path lighthouse1.crt
</code>

===== Configuration =====

Change config to allow any inbound/outbound between any nebula hosts:

<code yaml>
  outbound:
    # Allow all outbound traffic from this node
    - port: any
      proto: any
      host: any

  inbound:
    # Allow all inbound traffic to this node.
    # [danger], make sure you know what you're doing.
    - port: any
      proto: any
      host: any
</code>

===== Reference =====

  * [[github>slackhq/nebula]]