Thingies
This commit is contained in:
parent
d0d635c6c3
commit
6704166dd4
2 changed files with 36 additions and 0 deletions
25
infra_tests/wireguard_and_nginx_test.md
Normal file
25
infra_tests/wireguard_and_nginx_test.md
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
# Wireguard and Nginx
|
||||
|
||||
The purpose of this test is to check if we can restrict access to a service provided through NGINX to only be accessible for clients connecting through a Wireguard VPN.
|
||||
|
||||
This would allow for having internal webpages that can only be reached by users that have access through the VPN. These provides some cool stuff:
|
||||
- An additional layer of security on top of application/service credentials.
|
||||
- Perfect protection against sniffing between our member devices and all our services.
|
||||
- The possibility to fully unplug any user at will by simply removing his keys from the Wireguard VPN config.
|
||||
|
||||
## Test plan
|
||||
|
||||
- [ ] Get a VPS in 1984.hosting
|
||||
- [ ] Install Ubuntu Server
|
||||
- [ ] Install Wireguard
|
||||
- https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-22-04
|
||||
- [ ] Install client and check that VPN is working fine
|
||||
- [ ] Deploy silly webpage with containerized Nginx and open access in the same VPS
|
||||
- [ ] Validate that Nginx is reachable through clearnet without VPN
|
||||
- [ ] Modify Nginx config to only listen to requests coming from the VPS localhost
|
||||
- [ ] Validate that Nginx is not reachable through clearnet without VPN
|
||||
- [ ] Validate that Nginx is reachable through clearnet without VPN
|
||||
|
||||
## Test logs
|
||||
|
||||
Drop notes here as we try stuff
|
||||
Loading…
Add table
Add a link
Reference in a new issue