c0repwn3r 1453509dc4 | ||
---|---|---|
.idea | ||
api | ||
dnapi-rs | ||
tfclient | ||
tfweb | ||
trifid-api | ||
trifid-pki | ||
.build.yml.disabled | ||
.env | ||
.gitignore | ||
Cargo.lock | ||
Cargo.toml | ||
LICENSE.txt | ||
README.md | ||
api.txt | ||
dnclient | ||
index.md |
README.md
trifid
trifid is an open-souce reimplementation of the Defined Networking management protocol for Nebula networks.
It includes a reimplementation of the API Server, the Web UI, dnclient
, nebula-cert
and dnapi
- all fully API-compatible with the original versions.
We also include a Rust library for interacting with keys and certificates in the Nebula PKI. Find it in trifid-pki/
, or on crates.rs as trifid-pki
.
Want to make your own Defined Networking client? Check out dnapi-rs
! dnapi-rs
is a Rust port of the official dnapi
Go library, to allow for easy interactions with Defined Networking-compatible API servers. Find it in dnapi-rs/
, or on crates.rs as dnapi-rs
.
The API implementation is tested with the official dnclient implementaiton, and the dnclient implementation is tested with the official API server, to ensure complete feature parity between the two.
The original Web UI does not work with trifid-api quite yet, as we haven't finished reverse engineering that API. Feature table below:
Features
trifid-api feature table:
Feature | trifid-api | api.defined.net |
---|---|---|
Enroll in sites with dnclient | Yes | Yes |
Automatic config update polling by dnclient | Not yet | Yes |
Group-based firewalling | Not yet | Yes |
SSO authentication | Not yet | Yes |
Open-source server | Yes | No |
tfclient feature table:
Feature | tfclient | dnclient |
---|---|---|
Enroll in trifid-api/api.defined.net sites | Yes | Yes |
Automatic VPN profile setup | Yes | Yes |
Poll the API server for config updates | Yes | Yes |
Secure Ed25519 signing for API communication | Yes | Yes |