Support startup without a tun device (#269)
This commit adds support for Nebula to be started without creating a tun device. A node started in this mode still has a full "control plane", but no effective "data plane". Its use is suited to a lighthouse that has no need to partake in the mesh VPN. Consequently, creation of the tun device is the only reason nebula neesd to be started with elevated privileged, so this example lighthouse can also be run as a non-root user.
This commit is contained in:
9
main.go
9
main.go
@ -101,11 +101,14 @@ func Main(config *Config, configTest bool, block bool, buildVersion string, logg
|
||||
// tun config, listeners, anything modifying the computer should be below
|
||||
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
|
||||
|
||||
var tun *Tun
|
||||
var tun Inside
|
||||
if !configTest {
|
||||
config.CatchHUP()
|
||||
|
||||
if tunFd != nil {
|
||||
switch {
|
||||
case config.GetBool("tun.disabled", false):
|
||||
tun = newDisabledTun(tunCidr, l)
|
||||
case tunFd != nil:
|
||||
tun, err = newTunFromFd(
|
||||
*tunFd,
|
||||
tunCidr,
|
||||
@ -114,7 +117,7 @@ func Main(config *Config, configTest bool, block bool, buildVersion string, logg
|
||||
unsafeRoutes,
|
||||
config.GetInt("tun.tx_queue", 500),
|
||||
)
|
||||
} else {
|
||||
default:
|
||||
tun, err = newTun(
|
||||
config.GetString("tun.dev", ""),
|
||||
tunCidr,
|
||||
|
Reference in New Issue
Block a user