apps/openlan
1
0
Fork 0
mirror of https://github.com/luscis/openlan.git synced 2025-09-26 12:31:12 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
master
openlan/docs/install.md
Daniel Ding b025178053
Some checks failed
Coverage CI / build (push) Has been cancelled
Details
CodeQL / Analyze (go) (push) Has been cancelled
Details
Ubuntu CI / build (push) Has been cancelled
Details
docs: update install.md
2025-04-24 17:03:41 +08:00

3.0 KiB
Executable File
Raw Permalink Blame History

Preface

OpenLAN软件包含下面部分

  • Central Switch : 具有公网地址的CentOS服务器、云主机或者DMZ主机
  • Access Point : 运行在企业内部的CentOS主机或者移动办公的PC上无需公网地址

CentOS

Central Switch

您可以在CentOS7上通过下面步骤部署Central Switch软件

  1. 安装依赖的软件;

    $ yum install -y epel-release

  2. 使用bin安装Central Switch软件

    $ wget https://github.com/luscis/openlan/releases/download/v25.4.1/openlan-v25.4.1.x86_64.bin
$ chmod +x ./openlan-v25.4.1.x86_64.bin && ./openlan-v25.4.1.x86_64.bin

  3. 配置Central Switch服务自启动

    $ systemctl enable --now openlan-switch

  4. 配置预共享密钥以及加密算法;

    $ cd /etc/openlan/switch
$ cp ./switch.yaml.example ./switch.yaml
$ vim ./switch.yaml
protocol: tcp
crypt:
  algorithm: aes-128
  secret: ea64d5b0c96c

  5. 添加一个新的OpenLAN网络

    $ cd ./network
$ cp ./network.yaml.example ./example.yaml
$ vim ./example.yaml 
name: example
bridge: 
  address: 172.32.10.10/24
subnet:
  startAt: 172.32.10.100
  endAt: 172.32.10.150
routes: 
- prefix: 192.168.10.0/24
openvpn:
  protocol: tcp
  listen: 0.0.0.0:1194

  6. 重启Central Switch服务

    $ systemctl restart openlan-switch
$ journalctl -u openlan-switch

  7. 添加一个新的接入认证的用户;

    $ openlan user add --name hi@example
hi@example  l6llot97yx  guest

  8. 导出OpenVPN的客户端配置文件

    在浏览器直接访问接口获取VPN Profile弹出框中输入账户密码替换为公网IP地址。

    $ curl -k https://<access-ip>:10000/get/network/example/ovpn

    在OpenVPN的客户端via URL的方式自动导入,输入框中录入用户名密码。

    https://<access-ip>:10000

Access Point

同样的您也可以在CentOS7上通过下面步骤部署Access Point软件

  1. 安装依赖的软件; 
    $ yum install -y epel-release
  2. 使用bin安装Access Point软件 
    $ wget https://github.com/luscis/openlan/releases/download/v25.4.1/openlan-v25.4.1.x86_64.bin
$ chmod +x ./openlan-v25.4.1.x86_64.bin && ./openlan-v25.4.1.x86_64.bin nodeps
  3. 添加一个新的网络配置; 
    $ cd /etc/openlan/access
$ cp access.yaml.example example.yaml
$ vim example.yaml
protocol: tcp
crypt:
  algorithm: aes-128
  secret: ea64d5b0c96c
forward:
- 192.168.10.0/24
connection: example.net
username: <your-name>@example
password: <your-password>
  4. 配置Access Point服务自启动 
    $ systemctl enable --now openlan-access@example
$ journalctl -u openlan-access@example
  5. 检测网络是否可达; 
    $ ping 172.32.10.10 -c 3
$ ping 192.168.10.1 -c 3