Yggdrasil Network (Hint: It’s cool)

Here’s how to create a private mesh with NixOS (it can also be used with Guix, I imagine).

(Edited to add: I will put instructions on how to get Yggdrasil to work with your Android phones/tablets as well later!)

Step 1: Find the Public Keys for your machines

Use the config below at first to find your Public Key; once it is running, the command “sudo yggdrasilctl getself” shows it. Repeat for every machine you want to add to your private mesh. You’ll also need a $5/$10 a month VPS if you intend for it to be accessible anywhere.

Simply copy this config:

# Enable the Yggdrasil network
services.yggdrasil = {
    enable = true;
    openMulticastPort = true;
    persistentKeys = true;
    config = {
      # generate fresh new config with: yggdrasil -genconf
      InterfacePeers = {};
      # to run a public peer, just add this line
      #Listen = [ "$YOUR_IP_ADDRESS_IF_PUBLIC_PEER"];
      #then add firewall
      #Listen = [];
      AdminListen = "unix:///var/run/yggdrasil/yggdrasil.sock";
      MulticastInterfaces = [
        {
          Regex = ".*";
          Beacon = true;
          Listen = true;
          Port = 0;
          Password = "$YOUR_PASSWORD_GOES_HERE";
        }
      ];
      LinkLocalTCPPort = 39354;
      AllowedPublicKeys = [];
      IfName = "auto";
      IfMTU = 65535;
      NodeInfoPrivacy = false;

      # if 'yggdrasilctl getpeers' returns no peers
      # you have to add some yourself
      # see https://publicpeers.neilalexander.dev/
      # and
      # https://github.com/yggdrasil-network/public-peers/tree/master/other
      # for tor and i2p peers
      Peers = [

      ];
    };
};

Step 2: On the VPS machine, put your domain or IP address in the first Listen field.

Step 3: In the AllowedPublicKeys field, put the Public Keys you obtained in Step 1.

After doing all the above, realize the configuration in NixOS/Guix. Everything should now connect, and your machines should not be accessible from other nodes on the Yggdrasil network: only your own nodes will connect!

Q and A:

Q: Should I fill in the Peers section?

A: Yes, on all the client machines you wish to connect to the VPS. In the Peers section, put in the VPS’s IP address or domain name. ONLY put in the VPS/host machine though, because if you connect to other peers on the Yggdrasil network, you lose the private mesh ability. I will post a complete example config later!
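
Steps 2 and 3 and the Peers answer above, put together as an added example (this is not the author's promised config). The address 203.0.113.10, port 12345, the file name mesh.nix and the key strings are placeholders, and each machine here carries only the settings those steps mention.

```nix
# mesh.nix: added example, not the author's config.
# The address, port and key strings are placeholders to replace.
let
  # Placeholder (documentation range); use your VPS IP or domain and a free port.
  vpsPort = 12345;
  vpsUri = "tls://203.0.113.10:${toString vpsPort}";

  # Public keys printed by "sudo yggdrasilctl getself" on each client (Step 1).
  meshKeys = [
    "<PUBLIC_KEY_OF_CLIENT_1>"
    "<PUBLIC_KEY_OF_CLIENT_2>"
  ];
in
{
  # VPS: the only node that listens for peerings from the internet.
  vps = { ... }: {
    services.yggdrasil = {
      enable = true;
      persistentKeys = true; # keep the key pair, and so the public key, stable
      config = {
        Listen = [ vpsUri ];          # Step 2
        AllowedPublicKeys = meshKeys; # Step 3: incoming peerings from these keys only
        Peers = [ ];                  # no public peers, so the mesh stays private
      };
    };
    # The page's "then add firewall": open only the Yggdrasil listen port.
    networking.firewall.allowedTCPPorts = [ vpsPort ];
  };

  # Client: dials out to the VPS and to nothing else (see the Q and A).
  client = { ... }: {
    services.yggdrasil = {
      enable = true;
      persistentKeys = true;
      config = {
        Listen = [ ];
        Peers = [ vpsUri ];
      };
    };
  };
}
```

Each machine imports its half of the file, for example imports = [ (import ./mesh.nix).vps ]; on the VPS and .client on the others.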

Have fun!