ospab/ospab.network
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
91ab02dc8e5bcc05dd2ae7592acfb72f55ec0826
ospab.network/dist/linux-amd64/DEPLOY.md
ospab 7ed4217987 feat: Universal Linux build + redesigned ostp-guard 
- Build static musl binaries (work on any Linux distro)
- Redesign ostp-guard with weighted scoring system (threshold: 4 points)
  - HIGH (2pts): Analysis tools (gdb/ida/ghidra), sandbox artifacts
  - MEDIUM (1pt): Low resources (<1GB RAM), suspicious env vars
- Production VPS safe (1-2 points), sandbox blocked (4+ points)
- Anti-debug: Windows (IsDebuggerPresent), Linux (/proc/self/status)
- Deployment packages for Linux + Windows with SHA256 checksums
2026-01-02 01:38:30 +03:00

2.7 KiB
Raw Blame History

OSTP Linux Deployment Package

Contents

  • ostp-server (4.0 MB) - Stealth VPN Server Binary
  • oncp-master (4.7 MB) - CDN Control Plane Binary
  • install.sh - Automated installation script
  • README.md - Complete deployment guide
  • SHA256SUMS - Binary checksums for verification
  • ostp-server.service - Systemd service file
  • oncp-master.service - Systemd service file
  • server.json.example - Server configuration template
  • server-enrollment.json.example - Auto-enrollment config template

Quick Start

1. Verify Checksums

sha256sum -c SHA256SUMS

2. Run Installation Script

sudo bash install.sh

3. Configure Server

# Generate PSK
ostp-server gen-key

# Edit config
sudo nano /etc/ostp/server.json
# Replace PSK with generated key

# Start service
sudo systemctl enable ostp-server
sudo systemctl start ostp-server
sudo systemctl status ostp-server

System Requirements

  • OS: Debian 13+ / Ubuntu 24.04+ / RHEL 9+
  • Architecture: x86_64
  • glibc: 2.41+
  • Libraries: libssl3, libcrypto3
  • Privileges: Root/sudo required

Build Information

  • Date: January 2, 2026
  • Rust Version: 1.85.0
  • Target: x86_64-unknown-linux-gnu
  • glibc: 2.41 (Debian Trixie)
  • Profile: Release (optimized)

Features

ostp-server

  • AEAD encryption (ChaCha20-Poly1305)
  • X25519 key exchange
  • TLS mimicry
  • Anti-DPI protection
  • UDP-over-TCP framing
  • Silent PSK validation
  • Anti-debugging protection
  • Auto-enrollment to CDN

oncp-master

  • REST API for node management
  • Node enrollment system (Pending→Approved→Active)
  • CDN steering by country code
  • User billing and quota tracking
  • Dynamic SNI management
  • Real-time dashboard CLI
  • Network statistics
  • SQLite backend

Deployment Scenarios

Standalone Server

Use server.json.example - manual PSK configuration

CDN Network Node

Use server-enrollment.json.example - automatic enrollment with master node

Security Considerations

  1. PSK Protection: Keep PSKs secure, never commit to version control
  2. Firewall: Restrict master node API to known IPs
  3. TLS: Use reverse proxy for API TLS termination
  4. Updates: Keep binaries updated for security patches
  5. Monitoring: Use systemd logs and oncp-master dashboard

Documentation

Full documentation in README.md

Support

Note: ostp-server requires root privileges for TUN device creation and port binding. Anti-debugging protection (ostp-guard) is enabled in release builds.

Reference in New Issue View Git Blame Copy Permalink