Hosting a Gateway
This page documents the steps to set up your own gateway. Digitalocean's $5 VPS provides great value for this purpose.
Installation
- Install packages `sudo apt install openvpn golang make`
- Install yggdrasil and enable the service
- Ensure peers are added to yggdrasil's config
- Set yggdrasil's interface name to ygg0 in the config
- Clone autoygg and checkout the desired version tag
- `cd autoygg && make`
- Copy autoygg-server to /bin/ and autoygg-server.service to /usr/lib/systemd/system/
- `sudo systemctl daemon-reload`
- Create /etc/autoygg/server/yml
--- ListenHost: "your-gateways-ygg-ip-from-yggdrasilctl-getSelf" ListenPort: "8080" GatewayOwner: "Your Name <you@provider.com>" GatewayDescription: "Describe this gateway" GatewayNetwork: "Mullvad VPN" GatewayLocation: "New York, US" RequireRegistration: true AccessListEnabled: false GatewayTunnelIP: "10.42.0.1" GatewayTunnelNetmask: "16" GatewayTunnelIPRangeMin: 10.42.0.10 GatewayTunnelIPRangeMax: 10.42.0.255 MaxClients: 100 YggdrasilInterface: ygg0 FirewallWanInterface: vpn0 GatewayInfoURL: ""
- Enable / start the autoygg-server service
- Edit your .ovpn config, remove up/down:
dev vpn0 dev-type tun route-nopull
- Place .ovpn, userpass.txt (if applicable), and any certs in /etc/openvpn/
- Reboot
- sudo ip rule add from 10.42.0.0/16 table 42
- ip ro add default dev vpn0 table 42
- Connect via autoygg client