dockerfiles/tinc/arm/README.md

tinc-client
===========

```
[root@alarmpi ~]# mkdir -p /etc/tinc/netname/hosts

[root@alarmpi ~]# cat > /etc/tinc/netname/tinc.conf
Name = alarmpi
Interface = tun0
ConnectTo = server

[root@alarmpi ~]# cat > /etc/tinc/netname/hosts/alarmpi
Subnet = 10.0.0.2

[root@alarmpi ~]# tincd -n netname -K
Generating 2048 bits keys:
.................................................+++ p
.................................................+++ q
Done.
Please enter a file to save private RSA key to [/etc/tinc/netname/rsa_key.priv]:
Please enter a file to save public RSA key to [/etc/tinc/netname/hosts/alarmpi]:

[root@alarmpi ~]# cat > /etc/tinc/netname/tinc-up
#!/bin/sh
ip link set $INTERFACE up
ip addr add  10.0.0.2/24 dev $INTERFACE

[root@alarmpi ~]# cat > /etc/tinc/netname/tinc-down
#!/bin/sh
ip addr del 10.0.0.2/24 dev $INTERFACE
ip link set $INTERFACE down

[root@alarmpi ~]# cat > /etc/tinc/netname/hosts/server-up
#!/bin/sh
ORIGINAL_GATEWAY=`ip route show | grep ^default | cut -d ' ' -f 2-3`
ip route add $REMOTEADDRESS $ORIGINAL_GATEWAY
ip route add 0.0.0.0/1 dev $INTERFACE
ip route add 128.0.0.0/1 dev $INTERFACE

[root@alarmpi ~]# cat > /etc/tinc/netname/hosts/server-down
#!/bin/sh
ORIGINAL_GATEWAY=`ip route show | grep ^default | cut -d ' ' -f 2-3`
ip route del $REMOTEADDRESS $ORIGINAL_GATEWAY
ip route del 0.0.0.0/1 dev $INTERFACE
ip route del 128.0.0.0/1 dev $INTERFACE

[root@alarmpi ~]# chmod +x /etc/tinc/netname/tinc-{up,down}
[root@alarmpi ~]# chmod +x /etc/tinc/netname/hosts/server-{up,down}

[root@alarmpi ~]# scp /etc/tinc/netname/hosts/alarmpi root@remote-server:/etc/tinc/netname/hosts/
[root@alarmpi ~]# scp root@remote-server:/etc/tinc/netname/hosts/server /etc/tinc/netname/hosts/

[root@alarmpi ~]# tree -AF /etc/tinc/
/etc/tinc/
└── netname/
    ├── hosts/
    │   ├── alarmpi
    │   ├── server
    │   ├── server-down
    │   └── server-up
    ├── rsa_key.priv
    ├── tinc-down*
    ├── tinc-up*
    └── tinc.conf

[root@alarmpi ~]# cat > /etc/systemd/network/eth0.network
[Match]
Name=eth0

[Network]
DHCP=yes
UseDNS=false
DNS=8.8.8.8
IPMasquerade=yes

[root@alarmpi ~]# cat > /etc/sysctl.d/99-sysctl.conf
net.ipv4.ip_forward=1
net.ipv6.conf.all.disable_ipv6=1
[root@alarmpi ~]# systemctl restart systemd-sysctl

[root@alarmpi ~]# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
[root@alarmpi ~]# iptables-save > /etc/iptables/iptables.rules
[root@alarmpi ~]# systemctl enable iptables

[root@alarmpi ~]# systemctl start tincd@netname
[root@alarmpi ~]# systemctl status tincd@netname
[root@alarmpi ~]# systemctl enable tincd@netname
```
update tinc 2016-06-10 07:13:36 +02:00			`tinc-client`
			`===========`

			```
			`[root@alarmpi ~]# mkdir -p /etc/tinc/netname/hosts`

			`[root@alarmpi ~]# cat > /etc/tinc/netname/tinc.conf`
			`Name = alarmpi`
			`Interface = tun0`
			`ConnectTo = server`

			`[root@alarmpi ~]# cat > /etc/tinc/netname/hosts/alarmpi`
			`Subnet = 10.0.0.2`

			`[root@alarmpi ~]# tincd -n netname -K`
			`Generating 2048 bits keys:`
			`.................................................+++ p`
			`.................................................+++ q`
			`Done.`
			`Please enter a file to save private RSA key to [/etc/tinc/netname/rsa_key.priv]:`
			`Please enter a file to save public RSA key to [/etc/tinc/netname/hosts/alarmpi]:`

			`[root@alarmpi ~]# cat > /etc/tinc/netname/tinc-up`
			`#!/bin/sh`
			`ip link set $INTERFACE up`
			`ip addr add 10.0.0.2/24 dev $INTERFACE`

			`[root@alarmpi ~]# cat > /etc/tinc/netname/tinc-down`
			`#!/bin/sh`
			`ip addr del 10.0.0.2/24 dev $INTERFACE`
			`ip link set $INTERFACE down`

			`[root@alarmpi ~]# cat > /etc/tinc/netname/hosts/server-up`
			`#!/bin/sh`
			ORIGINAL_GATEWAY=`ip route show \| grep ^default \| cut -d ' ' -f 2-3`
			`ip route add $REMOTEADDRESS $ORIGINAL_GATEWAY`
			`ip route add 0.0.0.0/1 dev $INTERFACE`
			`ip route add 128.0.0.0/1 dev $INTERFACE`

			`[root@alarmpi ~]# cat > /etc/tinc/netname/hosts/server-down`
			`#!/bin/sh`
			ORIGINAL_GATEWAY=`ip route show \| grep ^default \| cut -d ' ' -f 2-3`
			`ip route del $REMOTEADDRESS $ORIGINAL_GATEWAY`
			`ip route del 0.0.0.0/1 dev $INTERFACE`
			`ip route del 128.0.0.0/1 dev $INTERFACE`

			`[root@alarmpi ~]# chmod +x /etc/tinc/netname/tinc-{up,down}`
			`[root@alarmpi ~]# chmod +x /etc/tinc/netname/hosts/server-{up,down}`

			`[root@alarmpi ~]# scp /etc/tinc/netname/hosts/alarmpi root@remote-server:/etc/tinc/netname/hosts/`
			`[root@alarmpi ~]# scp root@remote-server:/etc/tinc/netname/hosts/server /etc/tinc/netname/hosts/`

			`[root@alarmpi ~]# tree -AF /etc/tinc/`
			`/etc/tinc/`
			`└── netname/`
			`├── hosts/`
			`│ ├── alarmpi`
			`│ ├── server`
			`│ ├── server-down`
			`│ └── server-up`
			`├── rsa_key.priv`
			`├── tinc-down*`
			`├── tinc-up*`
			`└── tinc.conf`

			`[root@alarmpi ~]# cat > /etc/systemd/network/eth0.network`
			`[Match]`
			`Name=eth0`

			`[Network]`
			`DHCP=yes`
			`UseDNS=false`
			`DNS=8.8.8.8`
			`IPMasquerade=yes`

			`[root@alarmpi ~]# cat > /etc/sysctl.d/99-sysctl.conf`
			`net.ipv4.ip_forward=1`
			`net.ipv6.conf.all.disable_ipv6=1`
			`[root@alarmpi ~]# systemctl restart systemd-sysctl`

			`[root@alarmpi ~]# iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE`
			`[root@alarmpi ~]# iptables-save > /etc/iptables/iptables.rules`
			`[root@alarmpi ~]# systemctl enable iptables`

			`[root@alarmpi ~]# systemctl start tincd@netname`
			`[root@alarmpi ~]# systemctl status tincd@netname`
			`[root@alarmpi ~]# systemctl enable tincd@netname`
			```