• Stars
    star
    574
  • Rank 77,739 (Top 2 %)
  • Language
    Go
  • License
    Apache License 2.0
  • Created over 3 years ago
  • Updated 4 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

⛵ The immutable, decentralized, statically built p2p VPN without any central server and automatic discovery! Create decentralized introspectable tunnels over p2p with shared tokens


logo
EdgeVPN

Create Decentralized private networks

license go report card


Fully Decentralized. Immutable. Portable. Easy to use Statically compiled VPN and a reverse proxy over p2p.
VPN - Reverse Proxy - Send files securely over p2p - Blockchain

EdgeVPN uses libp2p to build private decentralized networks that can be accessed via shared secrets.

It can:

  • Create a VPN : Secure VPN between p2p peers

    • Automatically assign IPs to nodes
    • Embedded tiny DNS server to resolve internal/external IPs
    • Create trusted zones to prevent network access if token is leaked
  • Act as a reverse Proxy : Share a tcp service like you would do with ngrok. EdgeVPN let expose TCP services to the p2p network nodes without establishing a VPN connection: creates reverse proxy and tunnels traffic into the p2p network.

  • Send files via p2p : Send files over p2p between nodes without establishing a VPN connection.

  • Be used as a library: Plug a distributed p2p ledger easily in your golang code!

See the documentation.

📷 Screenshots

Dashboard (Dark mode) Dashboard (Light mode)
Screenshot 2021-10-31 at 00-12-16 EdgeVPN - Machines index Screenshot 2021-10-31 at 23-03-26 EdgeVPN - Machines index
DNS Machine index
Screenshot 2021-10-31 at 23-03-44 EdgeVPN - Services index Screenshot 2021-10-31 at 23-03-59 EdgeVPN - Files index
Services Blockchain index
Screenshot 2021-10-31 at 23-04-12 EdgeVPN - Users connected Screenshot 2021-10-31 at 23-04-20 EdgeVPN - Blockchain index

🆕 GUI

A Desktop GUI application (alpha) for Linux is available here

Dashboard Connections index
edgevpn-gui-2 edgevpn-3
edgevpn-gui

Kubernetes

Check out c3os for seeing EdgeVPN in action with Kubernetes!

🏃 Installation

Download the precompiled static release in the releases page. You can either install it in your system or just run it.

💻 Usage

EdgeVPN works by generating tokens (or a configuration file) that can be shared between different machines, hosts or peers to access to a decentralized secured network between them.

Every token is unique and identifies the network, no central server setup, or specifying hosts ip is required.

To generate a config run:

# Generate a new config file and use it later as EDGEVPNCONFIG
$ edgevpn -g > config.yaml

OR to generate a portable token:

$ EDGEVPNTOKEN=$(edgevpn -g -b)

Note, tokens are config merely encoded in base64, so this is equivalent:

$ EDGEVPNTOKEN=$(edgevpn -g | tee config.yaml | base64 -w0)

All edgevpn commands implies that you either specify a EDGEVPNTOKEN (or --token as parameter) or a EDGEVPNCONFIG as this is the way for edgevpn to establish a network between the nodes.

The configuration file is the network definition and allows you to connect over to your peers securely.

Warning Exposing this file or passing-it by is equivalent to give full control to the network.

📡 As a VPN

To start the VPN, simply run edgevpn without any argument.

An example of running edgevpn on multiple hosts:

# on Node A
$ EDGEVPNTOKEN=.. edgevpn --address 10.1.0.11/24
# on Node B
$ EDGEVPNTOKEN=.. edgevpn --address 10.1.0.12/24
# on Node C ...
$ EDGEVPNTOKEN=.. edgevpn --address 10.1.0.13/24
...

... and that's it! the --address is a virtual unique IP for each node, and it is actually the ip where the node will be reachable to from the vpn. You can assign IPs freely to the nodes of the network, while you can override the default edgevpn0 interface with IFACE (or --interface)

Note: It might take up time to build the connection between nodes. Wait at least 5 mins, it depends on the network behind the hosts.

Is it for me?

EdgeVPN makes VPN decentralization a first strong requirement.

Its main use is for edge and low-end devices and especially for development.

The decentralized approach has few cons:

  • The underlying network is chatty. It uses a Gossip protocol for synchronizing the routing table and p2p. Every blockchain message is broadcasted to all peers, while the traffic is to the host only.
  • Might be not suited for low latency workload.

Keep that in mind before using it for your prod networks!

But it has a strong pro: it just works everywhere libp2p works!

Why?

First of all it's my first experiment with libp2p. Second, I always wanted a more "open" ngrok alternative, but I always prefer to have "less infra" as possible to maintain. That's why building something like this on top of libp2p makes sense.

⚠️ Warning!

I'm not a security expert, and this software didn't went through a full security audit, so don't use and rely on it for sensible traffic and not even for production environment! I did this mostly for fun while I was experimenting with libp2p.

Example use case: network-decentralized k3s test cluster

Let's see a practical example, you are developing something for kubernetes and you want to try a multi-node setup, but you have machines available that are only behind NAT (pity!) and you would really like to leverage HW.

If you are not really interested in network performance (again, that's for development purposes only!) then you could use edgevpn + k3s in this way:

  1. Generate edgevpn config: edgevpn -g > vpn.yaml

  2. Start the vpn:

    on node A: sudo IFACE=edgevpn0 ADDRESS=10.1.0.3/24 EDGEVPNCONFIG=vpn.yml edgevpn

    on node B: sudo IFACE=edgevpn0 ADDRESS=10.1.0.4/24 EDGEVPNCONFIG=vpm.yml edgevpn

  3. Start k3s:

    on node A: k3s server --flannel-iface=edgevpn0

    on node B: K3S_URL=https://10.1.0.3:6443 K3S_TOKEN=xx k3s agent --flannel-iface=edgevpn0 --node-ip 10.1.0.4

We have used flannel here, but other CNI should work as well.

📓 As a library

EdgeVPN can be used as a library. It is very portable and offers a functional interface.

To join a node in a network from a token, without starting the vpn:

import (
    node "github.com/mudler/edgevpn/pkg/node"
)

e := node.New(
    node.Logger(l),
    node.LogLevel(log.LevelInfo),
    node.MaxMessageSize(2 << 20),
    node.FromBase64( mDNSEnabled, DHTEnabled, token ),
    // ....
  )

e.Start(ctx)

or to start a VPN:

import (
    vpn "github.com/mudler/edgevpn/pkg/vpn"
    node "github.com/mudler/edgevpn/pkg/node"
)

opts, err := vpn.Register(vpnOpts...)
if err != nil {
	return err
}

e := edgevpn.New(append(o, opts...)...)

e.Start(ctx)

🧑‍💻 Projects using EdgeVPN

  • Kairos - creates Kubernetes clusters with K3s automatically using EdgeVPN networks

🐜 Contribution

You can improve this project by contributing in following ways:

  • report bugs
  • fix issues
  • request features
  • asking questions (just open an issue)

and any other way if not mentioned here.

📓 Credits

📓 Troubleshooting

If during bootstrap you see messages like:

edgevpn[3679]:             * [/ip4/104.131.131.82/tcp/4001] failed to negotiate stream multiplexer: context deadline exceeded     

or

edgevpn[9971]: 2021/12/16 20:56:34 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/lucas-clemente/quic-go/wiki/UDP-Receive-Buffer-Size for details.

or generally experiencing poor network performance, it is recommended to increase the maximum buffer size by running:

sysctl -w net.core.rmem_max=2500000

📓 TODO

  • VPN
  • Send and receive files via p2p
  • Expose remote/local services via p2p tunnelling
  • Store arbitrary data on the blockchain
  • Allow to persist blockchain on disk

📓 LICENSE

Apache License v2.

edgevpn  Copyright (C) 2021 Ettore Di Giacinto
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
under certain conditions.

More Repositories

1

LocalAI

🤖 The free, Open Source alternative to OpenAI, Claude and others. Self-hosted and local-first. Drop-in replacement for OpenAI, running on consumer-grade hardware. No GPU required. Runs gguf, transformers, diffusers and many more models architectures. Features: Generate Text, Audio, Video, Images, Voice Cloning, Distributed inference
C++
24,299
star
2

LocalAGI

100% Local AGI with LocalAI
Python
392
star
3

luet

📦 🐳 0-dependency Container-based Package Manager using SAT solver and QLearning
Go
261
star
4

poco

🚢 poCo - portable Containers. Create statically linked, portable binaries from container images (daemonless)
Go
84
star
5

yip

📌 Yaml Instructions Processor - Simply applies a cloud-init style yaml file to the system
Go
70
star
6

golauncher

🚀 Highly extensible, customizable application launcher and window switcher written in less than 300 lines of Golang and fyne
Go
63
star
7

docker-companion

squash and unpack Docker images, in Golang
Go
42
star
8

edgevpn-gui

Graphical front-end for EdgeVPN
Go
23
star
9

anagent

Minimalistic, pluggable Golang evloop/timer handler with dependency-injection
Go
15
star
10

go-stable-diffusion

C++
15
star
11

GitInsight

Predict your github contributions using Bayesian inference and Markov chain with perl and PDL
Perl
9
star
12

gh-k8s

Run multiple-node, decentralized k3s clusters on Github action runners for test and development!
Shell
9
star
13

go-pluggable

🍱 go-pluggable is a light Bus-event driven plugin library for Golang
Go
8
star
14

linuxbundles

🐧 Standalone, local-runnable binaries of popular linux distributions
Shell
8
star
15

vhproxy

VHProxy public git repository
Perl
7
star
16

luet-k8s

Luet extension to build packages on kubernetes
Go
7
star
17

go-piper

C++
7
star
18

WebService-GialloZafferano

Perl interface to GialloZafferano.it website to find cooking recipes
Perl
5
star
19

entities

🔏 Declarative modern identity manager for UNIX systems in Go
Go
5
star
20

go-ggllm.cpp

Golang bindings for ggllm.cpp
C++
5
star
21

img-controller

Kubernetes CRD controller to build docker images with img
Go
4
star
22

http

"http" IRC shellcode
Perl
4
star
23

docker-sabayon-base

Sabayon-base docker repository
PLpgSQL
3
star
24

App-whatthecommit

Add a prepare-commit-msg to your git repository that uses whatthecommit.com to generate random commit messages
Perl
3
star
25

go-nodepair

Golang library to handle transparent remote node pairing
Go
3
star
26

go-kdetect

golang kernel driver detector
Go
3
star
27

WebApp-GitInsight

WebApp in mojolicious for GitInsight
CSS
3
star
28

LocalAI-examples

LocalAI examples
Jupyter Notebook
3
star
29

blog

My blog, now migrated to hugo on github
HTML
2
star
30

docker-sabayon-spinbase-amd64

Sabayon spinbase docker repository
Shell
2
star
31

ekcp

🌠 Ephemeral kubernetes cluster provider
JavaScript
2
star
32

Algorithm-Sat-Backtracking

A switchable Pure Perl SAT solver with backtracking
Perl
2
star
33

docker-sabayon-builder-amd64

Sabayon builder base image docker repository
Shell
2
star
34

boson

a docker polling job processor
Go
2
star
35

gluedd-cli

Deepdetect jpeg streamer predictor
Go
2
star
36

go-processmanager

Go
2
star
37

localai-github-action

LocalAI github action
2
star
38

Algorithm-QLearning

Algorithm::QLearning - Reinforcement Learning done in Pure Perl
Perl
1
star
39

go-udp-proxy

Little udp proxy needed just releases with binaries built with CI - not my code, found on the net
Go
1
star
40

k8s-resource-scheduler

🏯 Simple (toy/experimental) CPU/Memory pod scheduler
Go
1
star
41

android-builds-recipes

🐳 Android builds recipes for various devices/ROM with docker
Shell
1
star
42

go-mirror-redirector

Simple mirror redirector in golang
Go
1
star
43

fleet-sample

Dockerfile
1
star
44

builder-witchcraft

Shell
1
star
45

go-findpeaks

Go
1
star
46

openqa-scheduler-go

Drop in replacement openQA scheduler written in Golang
Go
1
star
47

perl_training

TeX
1
star
48

poco-github-action

Github action for poco app bundler
Go
1
star
49

cobra-extensions

Create git-alike extensions for your cobra projects!
Go
1
star
50

Mojolicious-Plugin-Angular-MaterialDesign

Bundle MaterialDesign for angular in your mojolicious app
Perl
1
star
51

go-libp2p-simple-raft

A simple raft wrapper for libp2p
Go
1
star