Lethean node is an combination of client, server and Lethean daemon. Running a node will help to smoothly operate network.
Serving a node by this way is much easier than create and configure VPN server.
You can operate node everywhere. Even on Windows machine! You just need to have working docker installation.
Easiest way to run a node is to install docker and run this code:
We need NET_ADMIN privileges because we use WireGuard to connect
By default, ipv6 is disabled within docker. So we need to use --sysctl net.ipv6.conf.all.disable_ipv6=0
Blockchain data and node configuration should be permanent. So we need to mount local dir by "-v".
Do not expose other ports to public! Only 8880 (authenticated haproxy) and 8881 (manager-over-tls) is needed!
When using node, there are automatical steps which are done by docker image:
Public host means that you are running a node on server with public IP address which is accessible from Internet. In other words, you want to have your server to become as node and to serve as server for VPN clients.
Node is simplest way how to start. See server install guide for more complex setup.
Do not expose any other ports than you see within guide.
Non-public host is mostly your workstation or server which is not directly accessible from Internet. Even so, you can run a node there. It will automatically connect to VPN server and become a part of network.
By default, every node is automatically set as an exit point for other users. So, users, connected to same space, can use your machine to access Internet. If you do not want to act as an exit point, add this parameter to docker command: -e NODE_RUN_SERVER=no
Ports 8123, 8124 and 8080 are exposed on localhost only from security reason. 8123 contains sensitive information about client, 8124 should never be used without TLS, 8080 is a HTTP proxy, which is used for local purposes only.
docker pull limosek/lvpn:dev
docker run -d \
--rm --name letheannode \
-v ~/lvpn:/home/lvpn \
--sysctl net.ipv6.conf.all.disable_ipv6=0 \
--cap-add=NET_ADMIN \
-p 8880:8880 \
-p 8881:8881 \
-p 127.0.0.1:8123:8123 \
-p 127.0.0.1:8124:8124 \
-p 127.0.0.1:8080:8080 \
limosek/lvpn:dev node
See how to run cmd
Ports 8123, 8124 and 8080 are exposed on localhost only from security reason. 8123 contains sensitive information about client, 8124 should never be used without TLS, 8080 is a HTTP proxy, which is used for local purposes only.
docker pull limosek/lvpn:dev
docker run -d --rm --name letheannode -v %HOMEDRIVE%%HOMEPATH%\lvpn:/home/lvpn --sysctl net.ipv6.conf.all.disable_ipv6=0 --cap-add=NET_ADMIN -p 127.0.0.1:8080:8080 -p 127.0.0.1:8123:8123 -p 127.0.0.1:8124:8124 -p 8880:8880 -p 8881:8881 limosek/lvpn:dev node
You can see logs of your node by issuing this command
docker logs letheannode
or inspecting your local mounted folder <HOME>/lvpn. There are logs which you can review/inspect.
docker exec letheannode curl http://127.0.0.1:8124/api/connections
docker exec letheannode curl curl http://127.0.0.1:8124/api/sessions
By default, you are connected to free space. So you cannot access Internet via proxy.
curl -x http://127.0.0.1:8080 http://www.lthn/