MSL Setup Personal (FREE)

Automation scripts and tools for freelancers and personal use.

Getting Started

Quickstart

Personal(FREE) Quickstart

apt update -y
apt install -y git ipcalc jq zip
git clone https://github.com/zelogx/msl-setup.git
cd msl-setup

# Phase 1: Network Setup (check config + SDN setup)
./01_networkSetup.sh en   # Language: en|jp (default en)
MSL Setup Personal network layout

Network Planning

a. MainLan (existing vmbr0): (e.g., 192.168.77.0/24 GW: .254)

The network address of your company or home lab’s Main LAN.

b. Proxmox PVE’s mainlan IP: (e.g., 192.168.77.7)

This becomes the destination IP when adding a static route to the Internet router.

c. vpndmzvn (new): (e.g., 192.168.80.0/24 GW: 192.168.80.1)

Route used by VPN clients to access tenant subnets.

Requires at least a /30 network.

d. Client IP pool: (e.g., 192.168.81.0/24)

Separated for wg and ovpn. e.g. 192.168.81.2–126/25 for OpenVPN, 192.168.81.129–254/25 for WireGuard

e. Number of tenants (number of projects) to create: (e.g., 8)

Minimum is 2, and must be a power of two: 2, 4, 8, 16, etc.

f. Network address assigned to each tenant (vnetpjxx) (new): (e.g., 172.16.16.0/20)

Network segment for each tenant.

g. Pritunl mainlan-side IP: (e.g., 192.168.77.10)

This becomes the destination IP when adding port-forwarding rules on the Internet router.

h. Pritunl vpndmzvn-side IP: (e.g., 192.168.80.2)

Subnet used by VPN clients when they exit toward each tenant’s subnet.

i. UDP ports:

Number of tenants × 2 = (16)

# Manual router configuration is needed
# After manual configuration, proceed to next step
./02_vpnSetup.sh en   # Language: en|jp (default en)

# Phase 3 (Pro Corporate only): RBAC Self-Care Portal Setup
./0203_setupSelfCarePortal.sh en   # Language: en|jp (default en)

# (Optional) Uninstall MSL setup completely
./99_uninstall.sh en   # Language: en|jp (default en)

Features

MSL Setup Personal (FREE) features

AutoPilot

We automate all Basic workflows to perform repeatable builds; router static routes and port-forwarding remain manual. We also provide helpers to build and configure a Pritunl VM and its initial server settings. With these automations, tasks that used to take days can typically be completed in about 10 minutes (excluding router changes).

Scale Tiers

Select the number of isolated projects (e.g. 2, 4, 8, 16). Network addresses, Pritunl VM address, and VPN port numbers are all flexible and configurable to fit your environment.

SafeOps

User-friendly safety: automatically detect network addresses, avoid collisions by proposing non-conflicting addresses, and restore SDN/firewall settings before runs to prevent misconfiguration.

SDN & FW integration

Auto-apply and restore support for Proxmox SDN and firewall settings.

ReachGuard

Automated advanced reachability checker that validates main-router port-forward behavior and verifies Pritunl VM reachability to each isolated network gateway.

NotesKit

Notes-based tools that auto-configure Pritunl server settings (initial Org/Users) and generate network diagrams from host Notes.

EasyConnect

Guides are provided for connecting VMs to each isolated network and for operating VPN access users.

License

Suitable for freelancers and personal isolated environments.