Backend demo kit
Deploy your own backend for testing purposes
Demo backend kit is provided as a set of docker containers:
- fendvpn-demo - simplified implementation of authorizer and discovery services.
- fendvpn-tunnel - tunnel management layer, it handles all clients tunnels.
To simplify deployment we provide example docker-compose file. Please, update variable DOMAIN_NAME according to your server public domain name. It's required to get proper SSL certificate.
- DOMAIN_NAME: demo.example.org
As soon as you've done with tuning docker-compose file to your needs, bring it up:
docker-compose -f docker-compose.yaml up -d
You can check containers status using
docker pscommand, you should get something like this:
f2c4659092b2 fendvpn/demo:stable "/usr/local/bin/vpn-…" 1 minute ago Up 32 minutes fendvpn-demo
4d3abec5c690 fendvpn/demo-proxy:stable "/wrapper.sh --log.l…" 1 minute ago Up 32 minutes 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp fendvpn-proxy
d0ab2489e219 fendvpn/tunnel:stable "/entrypoint.sh" 1 minute ago Up 32 minutes 0.0.0.0:3000->3000/udp fendvpn-tunnel
If default ports are not suitable for your environment, please change it in both docker-compose file and service configuration files (see next section).
Tunnel manager by default stores its configuration under
/opt/fendvpn/tunnelfolder. It has next subfolders:
config/keeps settings and peers.
trusted_rsa/keeps currently configured trusted RSA public keys for verifying JWT.
Tunnel manager provides web-interface, you can open it by address
https://<your_server_domain_name>or by IP address (in this case, please, dismiss invalid certificate warning).
Default username is "admin" and generated password is written into logs during first start. You can get it using next command:
docker logs fendvpn-tunnel 2>&1 | grep "Generated new password"
After logging in to web-interface, you can change this password. If you forget your password, just edit
/opt/fendvpn/tunnel/config/settings.json, remove option "admin_password_hash" and restart vpn-node container. After startup, it will generate new password again.
If you're going to use our demo SDK or application, you'll need to configure trusted RSA keys on tunnel manager side (
Right after startup,
fendvpn-democontainer generates his own pair of private and public keys. Initially, tunnel manager does not know about this key, you need to add it manually.
- Key Id is stored in file /opt/fendvpn/demo/settings.json under option
key_id(it's in UUID format).
- Public key itself is stored in file /opt/fendvpn/demo/public.pem
Please, open tunnel manager web-interface, open page "Trusted keys", then click "Add new", provide key UUID and public key in PEM format (as stored in public.pem) and save changes.
Tunneling service, by design, has to know the server's public ipv4 address. It's used to generate configuration for client side. Please, open tunneling manager web-interface, open "Settings" page and set "Server IPv4" option.
You can fine-tune tunnel manager by updating
/opt/fendvpn/tunnel/config/settings.jsonfile. See table below for options explanation.
Warning! Authorizing and discovery demo suite is only designed to show functionality, and does not really provide secure operation!