slawek
3c665c2b6c
- Introduced debian templates for cloud-router configuration parameters. - Added simple-ca.sh script for managing a minimal Certificate Authority (CA) for IKEv2 PKI. - Created sysctl configuration to enable IP forwarding and adjust rp_filter settings. - Implemented configure script to render configuration files using Jinja2 templates. - Added simple-ca script for generating CA and certificates. - Created Jinja2 templates for various configuration files including netplan, strongSwan, and WireGuard. - Implemented UFW rules setup for IPsec and WireGuard. - Added support for road-warrior and site-to-site VPN configurations.
30 lines
1.0 KiB
Plaintext
30 lines
1.0 KiB
Plaintext
Source: cloud-router
|
|
Section: net
|
|
Priority: optional
|
|
Maintainer: Sławomir Koszewski <slawek@koszewscy.waw.pl>
|
|
Build-Depends: debhelper-compat (= 14)
|
|
Standards-Version: 4.6.2
|
|
Rules-Requires-Root: no
|
|
|
|
Package: cloud-router
|
|
Architecture: all
|
|
Depends: ${misc:Depends},
|
|
strongswan-swanctl,
|
|
charon-systemd,
|
|
libstrongswan-extra-plugins,
|
|
libcharon-extra-plugins,
|
|
wireguard-tools,
|
|
ufw,
|
|
debconf,
|
|
openssl,
|
|
python3-jinja2
|
|
Description: Linux cloud router with IPSec and optional WireGuard
|
|
Configures a Linux host as a cloud router providing site-to-site IKEv2
|
|
IPSec (strongSwan swanctl) and road-warrior P2S VPN (EAP-TLS). WireGuard
|
|
is optionally enabled. Includes a PKI helper library (simple-ca.sh) for
|
|
managing the road-warrior certificate authority.
|
|
.
|
|
Site-specific values are collected via debconf at install time and written
|
|
to /etc/default/cloud-router. A one-shot systemd service (cloud-router-setup)
|
|
applies UFW rules and WireGuard keys on first boot.
|