{"name":"Nebula: A Scalable, Secure, and Simple Overlay Networking Tool","description":"Nebula is an advanced overlay networking tool developed by Slackhq, designed for performance, simplicity, and robust security. It enables seamless, mutually authenticated peer-to-peer connections across diverse platforms, from desktops to mobile devices, connecting tens of thousands of computers globally.","github":"https://github.com/slackhq/nebula","url":"https://osrepos.com/repo/slackhq-nebula","source":"osrepos.com","sourceDescription":"This repository profile is provided by osrepos.com, an open source repository discovery platform.","repositoryProfile":"https://osrepos.com/repo/slackhq-nebula","generatedFor":"open source discovery and AI-assisted research","markdown":"https://osrepos.com/repo/slackhq-nebula.md","json":"https://osrepos.com/repo/slackhq-nebula.json","topics":["Go","Networking","Overlay Network","VPN","Security","SDN","Peer-to-Peer","Infrastructure"],"keywords":["Go","Networking","Overlay Network","VPN","Security","SDN","Peer-to-Peer","Infrastructure"],"stars":null,"summary":"Nebula is an advanced overlay networking tool developed by Slackhq, designed for performance, simplicity, and robust security. It enables seamless, mutually authenticated peer-to-peer connections across diverse platforms, from desktops to mobile devices, connecting tens of thousands of computers globally.","content":"## Introduction\n\nNebula, from Slackhq, is a scalable overlay networking tool with a focus on performance, simplicity, and security. It lets you seamlessly connect computers anywhere in the world. Nebula is portable, running on Linux, OSX, Windows, iOS, and Android. It can be used to connect a small number of computers, but is also able to connect tens of thousands of machines.\n\nNebula incorporates a number of existing concepts like encryption, security groups, certificates, and tunneling. What makes Nebula different from existing offerings is that it brings all of these ideas together, resulting in a sum that is greater than its individual parts.\n\n## Installation\n\nNebula is available across a wide range of platforms, including desktop, server, and mobile devices.\n\n#### Desktop and Server\n\nYou can find the latest binaries on the [releases page](https://github.com/slackhq/nebula/releases/latest) or use package managers:\n\n*   **Arch Linux**\n    sh\n    sudo pacman -S nebula\n    \n\n*   **Fedora Linux**\n    sh\n    sudo dnf install nebula\n    \n\n*   **Debian Linux**\n    sh\n    sudo apt install nebula\n    \n\n*   **Alpine Linux**\n    sh\n    sudo apk add nebula\n    \n\n*   **macOS Homebrew**\n    sh\n    brew install nebula\n    \n\n*   **Docker**\n    sh\n    docker pull nebulaoss/nebula\n    \n\n#### Mobile\n\n*   [iOS](https://apps.apple.com/us/app/mobile-nebula/id1509587936?itsct=apps_box&amp;itscg=30200)\n*   [Android](https://play.google.com/store/apps/details?id=net.defined.mobile_nebula&pcampaignid=pcampaignidMKT-Other-global-all-co-prtnr-py-PartBadge-Mar2515-1)\n\n## Examples\n\nTo set up a Nebula network, you'll need a few key components. Here's a quick guide:\n\n1.  **Nebula Binaries**: Obtain the `nebula-cert` and `nebula` binaries for your specific platform.\n\n2.  **Lighthouse Node (Optional, but Recommended)**: At least one discovery node with a routable IP address. Lighthouses allow nodes to find each other globally and can use UDP hole punching. They require very few compute resources.\n\n3.  **Nebula Certificate Authority (CA)**: Create a CA to be the root of trust for your network.\n    sh\n    ./nebula-cert ca -name \"Myorganization, Inc\"\n    \n    This will generate `ca.key` and `ca.cert`. Keep `ca.key` secure, as it signs the certificates for individual nodes.\n\n4.  **Host Keys and Certificates**: Generate keys and certificates for each node in your network, signed by your CA.\n    sh\n    ./nebula-cert sign -name \"lighthouse1\" -ip \"192.168.100.1/24\"\n    ./nebula-cert sign -name \"laptop\" -ip \"192.168.100.2/24\" -groups \"laptop,home,ssh\"\n    ./nebula-cert sign -name \"server1\" -ip \"192.168.100.9/24\" -groups \"servers\"\n    ./nebula-cert sign -name \"host3\" -ip \"192.168.100.10/24\"\n    \n\n5.  **Configuration Files**: Download a copy of the [example configuration](https://github.com/slackhq/nebula/blob/master/examples/config.yml) and adapt it. Ensure `am_lighthouse: true` is set for the lighthouse node and configure the `static_host_map` for other hosts.\n\n6.  **Copy Credentials and Binaries**: Copy the `nebula` binary, `config.yml`, `ca.crt`, `{host}.crt`, and `{host}.key` to each host. **DO NOT COPY `ca.key` TO INDIVIDUAL NODES.**\n\n7.  **Run Nebula**: Start Nebula on each host.\n    sh\n    ./nebula -config /path/to/config.yml\n    \n\nFor more detailed instructions, refer to the [full documentation here](https://nebula.defined.net/docs/).\n\n## Why Use Nebula?\n\nNebula offers a robust solution for mutually authenticated peer-to-peer software-defined networks (SDN), based on the [Noise Protocol Framework](https://noiseprotocol.org/). It uses certificates to assert a node's IP address, name, and membership within user-defined groups, allowing for provider-agnostic traffic filtering between nodes. Discovery nodes (lighthouses) facilitate peer discovery and optionally use UDP hole punching to establish connections from behind most firewalls or NATs.\n\nWith Nebula, users can move data between nodes across any number of cloud service providers, datacenters, and endpoints, without needing to maintain a particular addressing scheme. Security is ensured by Elliptic-curve Diffie-Hellman (ECDH) key exchange and AES-256-GCM in its default configuration. Nebula was created to enable groups of hosts to communicate securely, even across the internet, while providing expressive firewall definitions similar in style to cloud security groups.\n\n## Links\n\n*   **GitHub Repository**: [slackhq/nebula](https://github.com/slackhq/nebula)\n*   **Official Documentation**: [Nebula Docs](https://nebula.defined.net/docs/)\n*   **Medium Article**: [Read more about Nebula](https://medium.com/p/884110a5579)\n*   **Slack Community**: [Join the NebulaOSS Slack group](https://join.slack.com/t/nebulaoss/shared_invite/zt-39pk4xopc-CUKlGcb5Z39dQ0cK1v7ehA)","metrics":{"detailViews":3,"githubClicks":2},"dates":{"published":null,"modified":"2025-10-26T12:02:07.000Z"}}