|4 days ago||15 days ago|
|MIT License||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
How to mount Network shares for mobile devices like laptops
1 project | reddit.com/r/commandline | 17 Nov 2021
One solution is to run Nebula on both my laptop and the server. This establishes a persistent "overlay" network with its own addressing. I have my server export NFS over the Nebula interface, and the laptop uses the Nebula address to mount it. This way, the laptop can always mount the server's shares, regardless of where it is on the Internet relative to the server. Since the shares are always mountable, I can configure them in /etc/fstab and not worry about automounting.
What has two thumbwheels and is fully functional?
2 projects | reddit.com/r/teslamotors | 3 Nov 2021
As a computer security expert, I coauthored Nebula (https://github.com/slackhq/nebula), the global-scale encrypted mesh networking tool used to securely connect hundreds of thousands of hosts worldwide. I use Nebula in my personal networks, including passing this traffic.
How many of you use SSH to manage your server?
6 projects | reddit.com/r/selfhosted | 5 Oct 2021
I'm using Slack Nebula as a simple VPN mechanism. Nebula is how I network all of my computers together. It works 90% of the time (until you have other VPNs on, like work VPNs, then it can get confused, but hey).
I am tired of people in this sub treating VPN as "the golden hammer"
8 projects | reddit.com/r/selfhosted | 2 Oct 2021
You should add Nebula to the list, essentially zerotier but open source.
Smb over wireguard/tailscale/openvpn slow try nebula
1 project | reddit.com/r/sysadmin | 2 Oct 2021
I currently have reasons for using smb over long distances which introduces latency and was struggling to get speeds faster than dialup. Every forum and reddit posts suggest MTU and optimizing things.. I couldn't get it work no matter what I did. So I setup my own Nebula lighthouse node mesh network (a lot like tailscaile but self hosted) and tried smb over that network instead. I was instantly able to saturate my bandwidth. Hope this helps
Wg-access-server: An all-in-one WireGuard VPN solution with a web UI
7 projects | news.ycombinator.com | 1 Oct 2021
Have you looked into https://github.com/slackhq/nebula? It uses X509 cert for auth.
Although for my home lab, using X509 is more of a minus than a plus due to complexity involved.
all ports blocked by my ISP
2 projects | reddit.com/r/WireGuard | 25 Sep 2021
Zerotier – multiple vulnerabilities allow access to private network
2 projects | news.ycombinator.com | 20 Sep 2021
Headscale: Open-source implementation of the Tailscale control server
12 projects | news.ycombinator.com | 17 Sep 2021
Another similar project to Tailscale, for those in the market:
Crazy simple, fully open source, trivial to self-host. Maybe not as featureful as Tailscale, but imo that can be a feature unto itself.
Tailscale free for open source projects
7 projects | news.ycombinator.com | 17 Sep 2021
As other have suggested, Nebula (https://github.com/slackhq/nebula) is pretty elegant. It has groups-based access built in which is extremely convenient.
You can bolt-on SSO fairly easily - just create a certificate signing service. I created https://github.com/unreality/nebula-mesh-admin in a weekend, so its fairly easy to add a SSO flow in.
there's no hiding from the machine. but your mom doesn't need to know that waluigi hentai makes you squirm
2 projects | reddit.com/r/AdviceAnimals | 20 Nov 2021
This may also interest you
Yggdrasil - полностью зашифрованная сеть IPv6 поверх существующей сети интернет.
1 project | reddit.com/r/MobileOverview | 6 Jul 2021
Release Version 0.4.0 · yggdrasil-network/yggdrasil-go
1 project | reddit.com/r/darknetplan | 4 Jul 20211 project | reddit.com/r/yggdrasil | 4 Jul 2021
Yggdrasil – an open source fully end-to-end encrypted IPv6 network
1 project | reddit.com/r/hackernews | 21 Jun 20211 project | news.ycombinator.com | 21 Jun 2021
List of Algorand Relay Operators
4 projects | reddit.com/r/AlgorandOfficial | 16 May 2021
https://github.com/slackhq/nebula https://github.com/yggdrasil-network/yggdrasil-go https://github.com/cjdelisle/cjdns
Release Version 0.3.16 · yggdrasil-network/yggdrasil-go
1 project | reddit.com/r/darknetplan | 19 Mar 20211 project | reddit.com/r/yggdrasil | 19 Mar 2021
What Happens Inside a 100-Hop IPv6 Wireless Mesh Network?
3 projects | news.ycombinator.com | 7 Mar 2021
There is an overview in the whitepaper: https://github.com/yggdrasil-network/yggdrasil-go/blob/maste...
It fits the "private VPN" use-case quite well in my experience. You can connect to the wider network over the Internet, or just set your nodes up. If yggdrasil is installed on every router, it automatically creates a nice network topology, since it finds peers on the local subnet. Router advertising is also a possibility.
Though there's no real drawback to connecting to the wider network since it's end-to-end encrypted, you have to be aware that specifying more than one peer will make it possible for traffic to be routed trough you, so the whole network performance can be sensitive to the choices that are made when peering over the Internet, as I think hop count is the only metric for now.
For private meshes, I don't think you can specify fallback peer addresses over the Internet, so you have a bit of the same risk here. I've seen some info on mesh wireguard networks with peer information stored in DNS at this year's FOSDEM, but that's currently definitely more configuration than yggdrasil.
End-to-end encryption and the ability to generate your own static, roaming-compatible IPs is nice. I just wish one could open sockets directly with a crypto key rather than the derivated IP.
For more discussion, I can really recommend the Matrix chat room :)
What are some alternatives?
ZeroTier - A Smart Ethernet Switch for Earth
tailscale - The easiest, most secure way to use WireGuard and 2FA.
tinc - a VPN daemon
netmaker - Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Pritunl - Enterprise VPN server
SoftEther - Cross-platform multi-protocol VPN software. Pull requests are welcome. The stable version is available at https://github.com/SoftEtherVPN/SoftEtherVPN_Stable.
headscale - An open source, self-hosted implementation of the Tailscale control server
wg-access-server - An all-in-one WireGuard VPN solution with a web ui for connecting devices
OpenVPN - OpenVPN is an open source VPN daemon
openvpn-install - OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora
pivpn - The Simplest VPN installer, designed for Raspberry Pi
cjdns - An encrypted IPv6 network using public-key cryptography for address allocation and a distributed hash table for routing.