Find a file
Sergei Gunchenko 60c57ee112 Pull request #13: Turn the project structure inside out
Squashed commit of the following:

commit 3e8836cf2ac92ad22291d83b31e9ab83cbdb0330
Author: Sergei Gunchenko <s.gunchenko@adguard.com>
Date:   Mon May 23 19:34:51 2022 +0300

    add comment

commit f08a48bd6c7c386814417f89b6b818d1bfae8613
Author: Sergei Gunchenko <s.gunchenko@adguard.com>
Date:   Mon May 23 19:28:36 2022 +0300

    Fix readmes

commit a83825713de051cdc407a3885b0cab50739d9876
Author: Sergei Gunchenko <s.gunchenko@adguard.com>
Date:   Mon May 23 19:23:54 2022 +0300

    Fix merge artifact

commit fae5b022123a664b34ec3a5104f90d7f6405196f
Author: Sergei Gunchenko <s.gunchenko@adguard.com>
Date:   Mon May 23 19:23:27 2022 +0300

    Turn the project structure inside out
2022-05-24 12:49:06 +03:00
examples/my_vpn Pull request #13: Turn the project structure inside out 2022-05-24 12:49:06 +03:00
lib Pull request #13: Turn the project structure inside out 2022-05-24 12:49:06 +03:00
.gitignore Pull request #1: Initial implementation 2022-03-30 20:21:04 +03:00
Cargo.toml Pull request #13: Turn the project structure inside out 2022-05-24 12:49:06 +03:00
LICENSE.md Pull request #1: Initial implementation 2022-03-30 20:21:04 +03:00
main.rs Pull request #13: Turn the project structure inside out 2022-05-24 12:49:06 +03:00
README.md Pull request #13: Turn the project structure inside out 2022-05-24 12:49:06 +03:00

AdGuard VPN endpoint

Running endpoint

Building

Execute the following commands in Terminal:

cargo build

to build the debug version, or

cargo build --release

to build the release version.

Issuing self-signed cert and keys (RSA)

Execute the following commands in Terminal:

openssl req -config <openssl.conf> -new -x509 -sha256 -newkey rsa:2048 -nodes -days 1000 -keyout key.pem -out cert.pem

where

  • <openssl.conf> is an optional OpenSSL request template file

Endpoint configuration

An endpoint can be configured using a JSON file. The file struct reflects the library settings (see struct Settings in settings.rs). The very basic configuration file can be found in the example. To explore the full set of settings see docs in settings.rs.

Running

To run the binary through cargo, execute the following commands in Terminal:

cargo run --bin vpn_endpoint -- <path/to/vpn.config>

To run the binary directly, execute the following commands in Terminal:

<path/to/target>/vpn_endpoint <path/to/vpn.config>

where <path/to/target> is determined by the build command (by default it is ./target/debug or ./target/release depending on the build type).

Example endpoint

For a quic setup you can run the example endpoint (see here). It shows the essential things needed to run an instance. To start one run the following commands in Terminal:

cd ./examples/my_vpn && ./run.sh

It may ask you to enter some information for generating your certificate. Skip it clicking enter if it does not matter.

Testing with Google Chrome

  1. 2 options:
    • Add the generated certificate to the trusted store and run the Google Chrome
    • Run the Google Chrome from Terminal like this:
    google-chrome --ignore-certificate-errors
    
    IMPORTANT: the second option should be used just for testing, it removes the first line of defence against malicious resources
  2. Set up the endpoint as an HTTPS proxy server in the browser (either via browser settings or using an extension like Proxy SwitchyOmega)

Collecting metrics

Common ways:

  • As plain text: send a GET request to <ip>:<port>/metrics, for example, using CURL or a web browser
  • Set up Prometheus:
    1. Configure the instance to monitor the endpoint metrics (see here)
    2. Use the graph interface