tinc/debian
lagertonne 6e111247fb
Some checks failed
continuous-integration/drone/push Build is failing
fix build dependencies
2022-04-22 20:39:45 +02:00
..
patches Adjustments for pre18 and automatic building 2022-04-22 20:30:19 +02:00
source Import Debian changes 1.0.13-1 2019-08-26 13:44:40 +02:00
changelog Adjustments for pre18 and automatic building 2022-04-22 20:30:19 +02:00
compat Import Debian changes 1.1~pre17-1 2019-08-26 13:44:53 +02:00
control fix build dependencies 2022-04-22 20:39:45 +02:00
copyright Import Debian changes 1.1~pre12-1 2019-08-26 13:44:52 +02:00
doc-base.tinc Import Debian changes 1.1~pre8-1 2019-08-26 13:44:51 +02:00
info Import Debian changes 1.0pre7-2 2019-08-26 13:44:36 +02:00
NEWS Import Debian changes 1.1~pre11-1 2019-08-26 13:44:52 +02:00
postinst Import Debian changes 1.1~pre11-1 2019-08-26 13:44:52 +02:00
postrm Import Debian changes 1.0.13-1 2019-08-26 13:44:40 +02:00
preinst Import Debian changes 1.1~pre12-1 2019-08-26 13:44:52 +02:00
README.Debian Import Debian changes 1.1~pre11-1 2019-08-26 13:44:52 +02:00
rules Import Debian changes 1.1~pre17-1.1 2019-08-26 13:44:53 +02:00
tinc.default Import Debian changes 1.1~pre4-1 2019-08-26 13:44:50 +02:00
tinc.docs Import Debian changes 1.0.3-4 2019-08-26 13:44:36 +02:00
tinc.if-post-down Import Debian changes 1.1~pre15-1 2019-08-26 13:44:52 +02:00
tinc.if-pre-up Import Debian changes 1.1~pre15-1 2019-08-26 13:44:52 +02:00
tinc.if-up Import Debian changes 1.1~pre15-1 2019-08-26 13:44:52 +02:00
tinc.noinit Import Debian changes 1.1~pre14-16-g15b868e-1 2019-08-26 13:44:52 +02:00

tinc for Debian
---------------

The manual for tinc is also available as info pages, type `info tinc'
to read it.

There are several ways in which tinc may be automatically started at boot:

Systemd
-------

Since 1.1~pre11-1, the tinc package comes with native systemd service files.
To enable and start a net, call:

systemctl enable tinc@<netname>
systemctl start tinc@<netname>

This will cause a tincd to be started which uses the configuration from
/etc/tinc/<netname>, and also makes sure that it will be started next time your
system boots.

Apart from controlling individual instances, you can also start/stop/reload all
enabled instances simultaneously by omitting @<netname>, for example:

systemctl reload tinc

Note that when you have systemd installed on your system, the file
/etc/tinc/nets.boot will not be used anymore to automatically start tinc
daemons. If the variable EXTRA is defined in /etc/default/tinc, it will be
passed on to tinc. The variable LIMITS is however not used.

The service files that come with this package start tinc unconditionally.
However, tinc does support socket activation. If you wish to write a socket
unit for tinc, use the ListenStream option to specify on which port(s) and
address(es) tinc should listen.

SysVinit
--------

The system startup script for tinc, /etc/init.d/tinc, uses the file
/etc/tinc/nets.boot to find out which networks have to be started. Use one
netname per line. Lines starting with a # are ignored.

/etc/network/interfaces
-----------------------

You can create a stanza in /etc/network/interfaces, and add a line with
"tinc-net <netname>". This will cause a tincd to be started which uses the
configuration from /etc/tinc/<netname>. You can use an inet static (with
address and netmask options) or inet dhcp stanza, in which case the ifup will
configure the VPN interface and you do not need to have a tinc-up script.

The following options are also recognized and map directly to the corresponding
command line options for tincd:

tinc-config <directory>
tinc-debug <level>
tinc-mlock yes
tinc-logfile <filename>
tinc-chroot yes
tinc-user <username>

An example stanza:

iface vpn inet static
	address 192.168.2.42
	netmask 255.255.0.0
	tinc-net myvpn
	tinc-debug 1
	tinc-mlock yes
	tinc-user nobody

This will start a tinc daemon that reads its configuration from
/etc/tinc/myvpn, logs at debug level 1, locks itself in RAM, runs as user
nobody, and creates a network interface called "vpn". Ifup then sets the
address and netmask on that interface.

 -- Guus Sliepen <guus@debian.org>, Thu, 8 January 2015, 13:37:46 +0100