idk/reseed-tools
1
0
Fork 0
Code Issues 4 Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: idk:acme
Branches Tags
idk:master idk:yggdrasil-direct idk:acme idk:make-a-plugin-su3 idk:one-time-links idk:docker idk:RTradeLtd-libp2p
idk:v0.3.4 idk:v0.3.3-5 idk:v0.3.3-4 idk:v0.3.3-3 idk:v0.3.3-2 idk:v0.3.3-1 idk:v0.3.3 idk:v0.3.2 idk:v0.3.1 idk:v0.3.0 idk:v0.2.34 idk:v0.2.33 idk:v0.2.32 idk:v0.2.30 idk:v0.2.13 idk:v0.2.11 idk:v0.2.10 idk:v0.2.9 idk:v0.2.8 idk:v0.2.7 idk:v0.2.6 idk:v0.2.5 idk:v0.2.4 idk:v0.2.3 idk:v0.2.2 idk:v0.2.1 idk:v0.2.0 idk:v0.1.9 idk:v0.0.9 idk:v0.0.8 idk:v0.0.7 idk:v0.0.6 idk:v0.0.5 idk:v0.0.4 idk:v0.0.3 idk:v0.0.2 idk:v0.0.1
...
compare: idk:v0.2.34
Branches Tags
idk:master idk:yggdrasil-direct idk:acme idk:make-a-plugin-su3 idk:one-time-links idk:docker idk:RTradeLtd-libp2p
idk:v0.3.4 idk:v0.3.3-5 idk:v0.3.3-4 idk:v0.3.3-3 idk:v0.3.3-2 idk:v0.3.3-1 idk:v0.3.3 idk:v0.3.2 idk:v0.3.1 idk:v0.3.0 idk:v0.2.34 idk:v0.2.33 idk:v0.2.32 idk:v0.2.30 idk:v0.2.13 idk:v0.2.11 idk:v0.2.10 idk:v0.2.9 idk:v0.2.8 idk:v0.2.7 idk:v0.2.6 idk:v0.2.5 idk:v0.2.4 idk:v0.2.3 idk:v0.2.2 idk:v0.2.1 idk:v0.2.0 idk:v0.1.9 idk:v0.0.9 idk:v0.0.8 idk:v0.0.7 idk:v0.0.6 idk:v0.0.5 idk:v0.0.4 idk:v0.0.3 idk:v0.0.2 idk:v0.0.1

182 Commits
acme ... v0.2.34

Author SHA1 Message Date
eyedeekay
a63463321a Update gothub to github-release 2024-06-25 12:25:39 -04:00
eyedeekay
3af2c1dfaa Update for release 2024-06-25 12:22:35 -04:00
eyedeekay
66311b9951 Bump version 2024-06-25 12:20:33 -04:00
eyedeekay
547e168bb9 Update gitignore 2024-06-25 12:20:03 -04:00
eyedeekay
e208f52e50 update the dependencies 2024-06-25 12:19:05 -04:00
eyedeekay
dff0057eb9 Eliminate superfluous logging, clarify important logging 2024-06-25 11:41:11 -04:00
eyedeekay
06c2d61577 Enable more sophisticated RI selection 2024-06-24 22:27:28 -04:00
eyedeekay
8beaf13dec ditch libp2p support 2024-05-28 20:25:58 -04:00
eyedeekay
b267cfa928 Start parsing the whole RouterInfo into a useful struct for processing prior to entry in a resed bundle. Uses go-i2p as an import, that's a cool milestone :). 2024-05-28 14:41:57 -04:00
idk
6c95b64750 Add support for generating binary debs to non-amd64 packages 2023-01-29 22:39:16 +00:00
idk
f89dd04d13 fix makefile 2023-01-28 01:42:44 +00:00
idk
7b5270eb70 don't forget to rate-limit the new ping feature, once per 24 hours 2023-01-28 01:37:44 +00:00
idk
1f31b5551b fix makefile 2023-01-28 00:56:08 +00:00
idk
fbeb8c43b3 Fix makefile 2023-01-28 00:51:16 +00:00
idk
15681930fa Fixes version, adds features to changelog 2023-01-28 00:44:09 +00:00
idk
b34b866cec enable configuration of reseed friends who we can poll for upness. Fix some bugs in that whole process so it works better. 2023-01-28 00:33:01 +00:00
idk
d01fdd5911 enable configuration of reseed friends who we can poll for upness. Fix some bugs in that whole process so it works better. 2023-01-28 00:30:43 +00:00
idk
1563e66dd5 embed the content in the binary and unpack it if content is not available 2023-01-27 22:36:17 +00:00
idk
2a676d60eb tidy go modules 2023-01-25 04:14:48 +00:00
idk
a339a6ab35 start proxy instructions 2023-01-05 19:34:09 +00:00
idk
b6ace31668 Always serve script.js and style.css files to homepage no matter what directory homepage is served from 2023-01-05 17:20:53 +00:00
idk
94ba4191ca page generation update for: 2023-01-04 21:21:49.831813802 +0000 UTC m=+8.267718413 2023-01-04 21:21:49 +00:00
idk
09e2f36bea page generation update for: 2023-01-04 21:15:13.799753279 +0000 UTC m=+8.224601059 2023-01-04 21:15:13 +00:00
idk
4aaa95cdb0 page generation update for: 2023-01-04 21:09:45.524495241 +0000 UTC m=+8.184625253 2023-01-04 21:09:45 +00:00
idk
92dc4dba3d page generation update for: 2023-01-04 21:06:08.741639263 +0000 UTC m=+8.552234763 2023-01-04 21:06:08 +00:00
idk
3a54f075fd page generation update for: 2023-01-04 21:04:52.629922613 +0000 UTC m=+8.286383654 2023-01-04 21:04:52 +00:00
idk
4136cfb7be update service config docs 2023-01-04 21:04:44 +00:00
idk
5ab8bc07b1 page generation update for: 2023-01-04 20:59:59.360506363 +0000 UTC m=+7.706706616 2023-01-04 20:59:59 +00:00
idk
8c369acad2 page generation update for: 2023-01-04 20:59:45.165185867 +0000 UTC m=+8.041414454 2023-01-04 20:59:45 +00:00
idk
b25f2b65c9 page generation update for: 2023-01-04 20:54:55.956720379 +0000 UTC m=+7.520331386 2023-01-04 20:54:56 +00:00
idk
6b31cdac25 page generation update for: 2023-01-04 20:05:15.935774085 +0000 UTC m=+6.635887628 2023-01-04 20:05:16 +00:00
idk
0f6c289409 page generation update for: 2023-01-04 19:45:01.909517175 +0000 UTC m=+7.394937180 2023-01-04 19:45:02 +00:00
idk
b7cff2d050 update README.md in docs to guide people through debian setup 2023-01-04 19:44:48 +00:00
idk
f29c5b3590 update to urfave/cli v3 2023-01-04 17:26:14 +00:00
idk
ec7b186718 page generation update for: 2023-01-04 16:43:02.600167041 +0000 UTC m=+6.042692734 2023-01-04 16:43:02 +00:00
idk
9df9b988f3 update some docs 2023-01-04 16:42:54 +00:00
idk
aeb54da5de page generation update for: 2023-01-04 05:46:12.685084935 +0000 UTC m=+5.978859660 2023-01-04 05:46:12 +00:00
idk
749647487a page generation update for: 2023-01-04 05:44:41.752725693 +0000 UTC m=+5.782093600 2023-01-04 05:44:41 +00:00
idk
aaa65f3d03 page generation update for: 2023-01-04 05:35:14.994024992 +0000 UTC m=+4.924969117 2023-01-04 05:35:15 +00:00
idk
baec0780c9 move files 2023-01-04 05:35:08 +00:00
idk
634f84b575 move docs to own directory 2023-01-04 05:34:29 +00:00
idk
e94e17701c start debian install guide 2023-01-04 05:24:56 +00:00
idk
c4f606a775 page generation update for: 2023-01-04 05:23:35.407028361 +0000 UTC m=+3.597643958 2023-01-04 05:23:35 +00:00
idk
9c919297b7 fix systemd service 2023-01-04 05:16:16 +00:00
idk
7e875acae7 fix systemd service 2023-01-04 03:46:35 +00:00
idk
4ff9439ffb fix systemd service 2023-01-04 03:41:37 +00:00
idk
fa142b976f fix systemd service 2023-01-04 03:37:32 +00:00
idk
77e5e43b0f move systemd unit directory 2023-01-04 03:19:51 +00:00
idk
b70a66501c move systemd unit directory 2023-01-04 03:18:46 +00:00
idk
18320ecd4b move systemd unit directory 2023-01-04 03:18:13 +00:00
idk
99158347ad add postremove-pak 2023-01-04 00:14:22 +00:00
idk
b5ee7e0b52 enable systemd unit in postinstall script 2023-01-04 00:09:35 +00:00
idk
3832a15848 delete init.d scripts in systemd systems 2023-01-03 23:26:16 +00:00
idk
ea68dfc33b delete init.d scripts in systemd systems 2023-01-03 23:17:12 +00:00
idk
ba06de9375 fix erroneous trustProxy statement 2022-12-06 00:48:45 +00:00
idk
8855a42802 add options to adjust rate-limiting 2022-12-02 18:47:52 +00:00
idk
6f6f3d718c accept custom keystore directories when verifying bundles. 2022-08-02 15:23:13 -04:00
idk
79a15087ad switch i2pkeys libraries 2022-08-01 16:08:56 -04:00
idk
4f29f5c941 update EXAMPLES.html 2022-07-31 19:00:52 -04:00
idk
c801e530a8 update DOCKER.html 2022-07-31 19:00:49 -04:00
idk
c9c67104d6 update CHANGELOG.html 2022-07-31 19:00:45 -04:00
idk
fdea0eeab0 update index.html 2022-07-31 19:00:42 -04:00
idk
24c6ff88dd bulk release update 2022-04-11 11:10:34 -04:00
idk
8da5f98b0c bulk release update 2022-04-01 19:06:27 -04:00
idk
416399e78f bulk release update 2022-04-01 17:39:27 -04:00
idk
80cde5f300 switch to wget-ds to download su3 files 2022-03-29 01:42:56 -04:00
idk
3413faf5c9 comment out shellservice copy line it's not required anymore 2022-03-25 23:19:31 -04:00
idk
eb5d4f5cce expand go-i2pd stup just slightly to trigger yet another runner build 2022-02-14 01:04:04 -05:00
idk
60d2f906d2 add i2pd.go stub, trying to see if a non-retry CI build uses the correct domain 2022-02-14 00:52:14 -05:00
idk
fac4d0147f Adds an arbitrary line to the readme to trigger the gitlab runner 2022-02-13 02:24:16 -05:00
idk
c2d32d78f0 <div><p> around reseed server status paragraph 2022-02-07 12:00:15 -05:00
idk
e95797eca1 Only display ping stats from the current date 2022-02-07 11:46:44 -05:00
idk
2db015addb Adds the ability to monitor other reseed servers from the reseed server 2022-02-05 11:43:20 -05:00
idk
d8289a4834 eliminate some superfluous logging 2022-02-04 19:29:50 -05:00
idk
59431496db Adds the ability to monitor other reseed servers from the reseed server 2022-02-04 18:57:31 -05:00
idk
7fefd783b2 trim newlines from default keynames 2022-01-31 19:33:44 -05:00
idk
69ef8a0344 limit poster width 2022-01-05 12:27:59 -05:00
idk
f74f7f8c98 fix status in initscript, add --background to initscript 2022-01-05 12:22:42 -05:00
idk
421bba5f03 poster on readme 2022-01-05 12:18:58 -05:00
idk
7689fb1321 poster on readme 2022-01-05 12:18:45 -05:00
idk
04c94cd2ba changelog and version 2021-12-16 14:44:34 -05:00
idk
64b79e0f82 include license in the plugin package 2021-12-16 14:42:23 -05:00
idk
5e5c9c0d2f Allow configuration of the signer email with a file 2021-12-14 22:44:52 -05:00
idk
3088a5b6d0 Allow configuration of the signer email with a file 2021-12-14 22:26:47 -05:00
idk
3859e539c5 fail when signer==you@mail.i2p 2021-12-14 22:12:05 -05:00
idk
6249b3f41e bump, update changelog, re-release 2021-12-14 19:13:57 -05:00
idk
8ed93440a4 Add index 2021-12-14 17:45:07 -05:00
idk
bd4f7d746d Re-enable autostart but delay it by 24hrs. For some reason permissions are not set correctly if autostart isn't set 2021-12-14 17:23:55 -05:00
idk
d7bf080c43 version bump 2021-12-14 16:24:34 -05:00
idk
acaf528e9b 0.2.8 bump 2021-12-13 10:22:04 -05:00
idk
98293c4ded Don't autostart the reseed server, use an HTTPS link on the router console homepage 2021-12-13 10:21:20 -05:00
idk
c9c938911d Don't rm su3's anymore 2021-12-12 00:04:09 -05:00
idk
7b27889b3b bump version 2021-12-11 21:01:00 -05:00
idk
a8b0285358 bump version 2021-12-09 17:54:37 -05:00
idk
a734aef44b bump version 2021-12-09 17:52:52 -05:00
idk
3cdda753f2 trustProxy should disable TLS 2021-12-09 17:47:51 -05:00
idk
1bddf97144 don't generate certs if --trustProxy is passed 2021-12-09 17:19:15 -05:00
idk
e07fffd966 don't generate certs if --trustProxy is passed 2021-12-09 17:08:26 -05:00
idk
ca652b3ecd Forcibly disable CGO in make targets 2021-12-09 16:27:19 -05:00
idk
2c0f017eb0 change directory in docker entry script 2021-12-09 16:02:18 -05:00
idk
78caae5ac0 Update dockerignore 2021-12-08 17:20:48 -05:00
idk
82252bc50d Nope 2021-12-08 17:13:23 -05:00
idk
7ac0b1d9a1 Try new CSS on homepage 2021-12-08 17:12:21 -05:00
idk
573a2d900c Try new CSS on homepage 2021-12-08 17:10:56 -05:00
idk
9e4aa1ca50 Enable initial machine translations of languages 2021-12-08 16:44:27 -05:00
idk
3491bbc9dc Add initial machine translations of languages 2021-12-08 15:54:15 -05:00
idk
045b11ce3b Remove colons 2021-12-08 14:53:37 -05:00
idk
492e0e2bbf Remove colons 2021-12-08 14:52:19 -05:00
idk
21cea69829 increase top margins 2021-12-08 14:44:27 -05:00
idk
1cb8a524ba increase top margins 2021-12-08 14:40:50 -05:00
idk
7ca050375f Change button text 2021-12-08 14:37:21 -05:00
idk
45605da257 Update CSS 2021-12-08 14:30:40 -05:00
idk
3f37746aed Update poster 2021-12-08 14:14:05 -05:00
idk
aa1948d04f Update default icon. Closes #5 2021-12-08 12:42:17 -05:00
idk
a41291ec20 Update default copy. Closes #6 2021-12-08 12:40:03 -05:00
idk
2cfa5fda1e bump versio 2021-12-08 12:21:39 -05:00
idk
e6ed4250e2 remove .link-button css 2021-12-08 12:11:07 -05:00
idk
49e6d184c1 gofmt 2021-12-08 12:01:59 -05:00
idk
63cd3e5189 updates to css credit @shoalsteed 2021-12-08 11:30:47 -05:00
idk
645d80cc7c updates to css credit @shoalsteed 2021-12-08 00:03:15 -05:00
idk
b3cdb618a6 fix --chuid in start-stop-daemon 2021-12-06 23:16:17 -05:00
idk
3f5922db47 fix --pidfile in start-stop-daemon 2021-12-06 23:00:29 -05:00
idk
8eb780f6a0 update go modules 2021-12-06 20:16:02 -05:00
idk
9611dfee04 update go modules 2021-12-06 20:15:35 -05:00
idk
11b64d04eb Version upgrade will only affect Windows users, it forces the use of the .exe file extension in clients.config 2021-12-05 23:28:14 -05:00
idk
eaa091971e install content directory on Debian services 2021-12-05 20:09:42 -05:00
idk
1203fbbc53 install content directory on Debian services 2021-12-05 19:23:48 -05:00
idk
104b5d7486 add -N flag to wget command 2021-12-05 04:16:37 -05:00
idk
716c56967c Ignore if there are no su3s in site build 2021-12-05 04:08:28 -05:00
idk
d1d2721e36 ShellService=>CorrectedShellService 2021-12-04 16:16:06 -05:00
idk
a46870bb72 ShellService=>CorrectedShellService 2021-12-04 16:13:35 -05:00
idk
797165ad8b Scale down the website image to make something more passable as an icon while I figure out an icon 2021-12-04 15:45:24 -05:00
idk
3366f0ffdc Re-bump 2021-12-04 13:59:04 -05:00
idk
2d3f1a540d Regenerate homepage with plugin URLS, which should be live in 2 hours 2021-12-04 12:06:22 -05:00
idk
710a1faac2 Switch to wget for downloading the plugins back 2021-12-04 11:50:26 -05:00
idk
99ae995fa0 Bump down version in Makefile to test page builder 2021-12-04 11:46:49 -05:00
idk
76b5e6b2e8 Remove example clutter from readme 2021-12-04 11:31:50 -05:00
idk
1acf807a13 Give it a page, add the page to my site 2021-12-04 11:25:05 -05:00
idk
9a7353a6e8 Use one from my build directory instead so I can check out a tag and build from it. 2021-12-04 11:09:53 -05:00
idk
166f62cbe3 include an updated i2p.jar file inside the plugin libdir 2021-12-04 11:05:02 -05:00
idk
7188a28ebd Bump version 2021-12-04 01:30:18 -05:00
idk
231c9f07bd Bump version 2021-12-04 01:29:20 -05:00
idk
5abecda122 Auto-detect hostname 2021-12-04 01:28:08 -05:00
idk
48ee44606a fine-tune the release engineering 2021-12-04 00:26:36 -05:00
idk
5107f25aa5 Add sums to release labels 2021-12-04 00:16:50 -05:00
idk
6b847ca8b3 Add release target 2021-12-04 00:13:43 -05:00
idk
bb7dff6890 Add release target 2021-12-04 00:13:24 -05:00
idk
d86a60af37 Add release target 2021-12-04 00:13:09 -05:00
idk
6a1365956b More tweaks 2021-12-04 00:11:10 -05:00
idk
06ebccb4ee More tweaks 2021-12-04 00:10:38 -05:00
idk
07b4e1fb53 Add a description pak 2021-12-03 23:59:00 -05:00
idk
683dbc85fc Add a postinstall script 2021-12-03 23:56:32 -05:00
idk
5ecc79b054 Re-Remove --trustProxy from plugin defaults. Add content resources to plugin directory. 2021-12-03 23:24:53 -05:00
idk
c607bb9fd3 Re-Remove --trustProxy from plugin defaults. Add content resources to plugin directory. 2021-12-03 23:16:54 -05:00
idk
8e89742f4a Change command 2021-12-03 22:51:53 -05:00
idk
3776c09db5 Fix plugin builder target 2021-12-03 18:07:05 -05:00
idk
0f5a04da1b Fix plugin builder target 2021-12-03 17:50:45 -05:00
idk
0dd22d990a move all binaries sections 2021-12-03 17:38:01 -05:00
idk
8c8ba765cd make it possible to create a fake deb which auto-configures the reseed 2021-12-03 17:23:44 -05:00
idk
c7ac947d70 Fix make install target, add checkinstall target 2021-12-03 17:19:16 -05:00
idk
d6c67830f9 readme fixups 2021-12-03 17:01:39 -05:00
idk
d6354e2bc2 reseed-tools/reseed-tools reseed 2021-12-03 16:32:39 -05:00
idk
8b7ba5a4a5 make install should create runtime directory too 2021-12-03 16:23:29 -05:00
idk
ac8a6dbe91 Make systemd create RuntimeDirectory, add plugin icon, add make convenience targets 2021-12-03 16:18:48 -05:00
idk
f33d1592c8 Generate plugins for every platform 2021-12-03 15:26:51 -05:00
idk
641eb5dfa4 Use environment variables in initsystem launch to configure email. Will fail by default if an email is not configured. 2021-12-03 14:41:49 -05:00
idk
694b2a67c0 Allow setting email using environment variables 2021-12-03 14:14:33 -05:00
idk
ca2fd4873a Auto-fill path to netDB based on platform details 2021-12-03 13:59:40 -05:00
idk
4f39a50ce6 add initscript and systemd services to readme 2021-12-03 00:35:12 -05:00
idk
2f067908ba take out littleboss remnants, rewrite initscript to use start-stop-daemon 2021-12-01 16:28:52 -05:00
idk
2a286e1383 Fix path in systemd service unit 2021-12-01 11:54:41 -05:00
idk
65a150c5b2 Add a systemd service, part of #4 2021-12-01 11:51:01 -05:00
idk
d9efd86c21 Add note about debian username/netDb directory 2021-11-28 12:13:18 -05:00
idk
054a28c22a update build/install instructions 2021-11-28 12:03:22 -05:00
idk
8775895d20 Upload release binaries to github, add build dependencies to README.md 2021-11-28 11:27:45 -05:00
idk
a8d6b05fb9 Update Dockerfile 2021-08-20 12:42:50 -04:00
idk
d79ea5d92f Bump version and re-release, repos were out of sync 2021-08-19 19:56:21 -04:00
idk
77c7e6c08c produce a windows executable as well 2021-08-17 19:38:49 -04:00
idk
36783b4587 make it build unmanaged plugins so that you can run a reseed server from a desktop I2P installation. Defaults to hosting both an .onion and .i2p service for now, even though the .i2p service is arguably useless, because it's much easier to test. In the future I will either need to disable .onion or embed libtor so that there is a Tor SOCKSPort and Control Port to connect to 2021-08-17 19:25:29 -04:00
idk
71e6743206 make it build unmanaged plugins so that you can run a reseed server from a desktop I2P installation. Defaults to hosting both an .onion and .i2p service for now, even though the .i2p service is arguably useless, because it's much easier to test. In the future I will either need to disable .onion or embed libtor so that there is a Tor SOCKSPort and Control Port to connect to 2021-08-17 19:24:08 -04:00
idk
33cdebd325 Merge branch 'acme' into 'master' 
Adds support for generating certificates using Let's Encrypt or other ACME providers

See merge request idk/reseed-tools!5
 2021-08-17 22:40:14 +00:00
idk
86a183c9fa add missing update types to su3.go 2021-07-01 21:00:53 -04:00
73 changed files with 4310 additions and 923 deletions
Expand all files Collapse all files

15
.dockerignore
View File

@@ -6,3 +6,18 @@
# CI cache folder storing docker images # CI cache folder storing docker images
ci-exports ci-exports
/i2p-tools
/cert.pem
/key.pem
/_netdb
i2pseeds.su3
*.pem
onion.key
tmp/
i2p-tools-*
*.crl
*.crt
*.pem
plugin
reseed-tools*
data-dir*

7
.gitignore vendored
View File

@@ -7,3 +7,10 @@ i2pseeds.su3
onion.key onion.key
tmp/ tmp/
i2p-tools-* i2p-tools-*
*.crl
*.crt
*.pem
plugin
reseed-tools*
data-dir*
audit.json

0
content/script.js → .nojekyll
View File

2
.vscode/settings.json vendored
View File

@@ -11,7 +11,7 @@
"editor.snippetSuggestions": "none", "editor.snippetSuggestions": "none",
"editor.formatOnSave": true, "editor.formatOnSave": true,
"editor.codeActionsOnSave": { "editor.codeActionsOnSave": {
"source.organizeImports": true "source.organizeImports": "explicit"
}, },
}, },
"gopls": { "gopls": {

215
CHANGELOG.html Normal file
View File

@@ -0,0 +1,215 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="CHANGELOG.html">
CHANGELOG
</a>
</li>
<li>
<a href="content/index.html">
content/index.html
</a>
</li>
<li>
<a href="docs/index.html">
docs/index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="docs/DEBIAN.html">
docs/DEBIAN
</a>
</li>
<li>
<a href="docs/DOCKER.html">
docs/DOCKER
</a>
</li>
<li>
<a href="docs/EXAMPLES.html">
docs/EXAMPLES
</a>
</li>
<li>
<a href="docs/PLUGIN.html">
docs/PLUGIN
</a>
</li>
<li>
<a href="docs/index.html">
docs/index
</a>
</li>
<li>
<a href="docs/SERVICES.html">
docs/SERVICES
</a>
</li>
<li>
<a href="docs/TLS.html">
docs/TLS
</a>
</li>
<li>
<a href="docs/index.html">
docs/index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<p>
2021-12-16
* app.Version = &ldquo;0.2.11&rdquo;
* include license file in plugin
</p>
<p>
2021-12-14
* app.Version = &ldquo;0.2.10&rdquo;
* restart changelog
* fix websiteURL in plugin.config
</p>
<p>
2019-04-21
* app.Version = &ldquo;0.1.7&rdquo;
* enabling TLS 1.3
<em>
only
</em>
</p>
<p>
2016-12-21
* deactivating previous random time delta, makes only sense when patching ri too
* app.Version = &ldquo;0.1.6&rdquo;
</p>
<p>
2016-10-09
* seed the math random generator with time.Now().UnixNano()
* added 6h+6h random time delta at su3-age to increase anonymity
* app.Version = &ldquo;0.1.5&rdquo;
</p>
<p>
2016-05-15
* README.md updated
* allowed routerInfos age increased from 96 to 192 hours
* app.Version = &ldquo;0.1.4&rdquo;
</p>
<p>
2016-03-05
* app.Version = &ldquo;0.1.3&rdquo;
* CRL creation added
</p>
<p>
2016-01-31
* allowed TLS ciphers updated (hardened)
* TLS certificate generation: RSA 4096 &ndash;&gt; ECDSAWithSHA512 384bit secp384r1
* ECDHE handshake: only CurveP384 + CurveP521, default CurveP256 removed
* TLS certificate valid: 2y &ndash;&gt; 5y
* throttled.PerDay(4) &ndash;&gt; PerHour(4), to enable limited testing
* su3 RebuildInterval: 24h &ndash;&gt; 90h, higher anonymity for the running i2p-router
* numRi per su3 file: 75 &ndash;&gt; 77
</p>
<p>
2016-01
* fork from
<a href="https://i2pgit.org/idk/reseed-tools">
https://i2pgit.org/idk/reseed-tools
</a>
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

29
CHANGELOG.md
View File

@@ -1,3 +1,32 @@
2024-06-25
* app.Version = 2.4
* Remove dependency on libp2p
* Use go-i2p to parse RouterInfos prior to inclusion in reseed bundles, exclude less-useful RIs
2023-01-27
* app.Version = "0.2.32"
* This changelog has been inadequately updated.
* At this time, there have been features added.
* All flags but signer will be filled in with default values or left unused.
* signer may be configured with an environment variable.
* A fake homepage is served when a user-agent does not match eepget.
* Static resources have been embedded in the binary to support the homepage.
* ACME support has been added.
* Support for operating an `.onion` service has been added.
* Support for operating an in-network(`.b32.i2p`) interface to the reseed has been added.
* Reseed servers can monitor eachother on a rate-limited basis.
* Support has been added for running as an I2P plugin.
* Limited support has been added for Debian packages.
2021-12-16
* app.Version = "0.2.11"
* include license file in plugin
2021-12-14
* app.Version = "0.2.10"
* restart changelog
* fix websiteURL in plugin.config
2019-04-21 2019-04-21
* app.Version = "0.1.7" * app.Version = "0.1.7"
* enabling TLS 1.3 *only* * enabling TLS 1.3 *only*

4
Dockerfile
View File

@@ -5,10 +5,10 @@ COPY . /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools
WORKDIR /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools WORKDIR /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools
RUN apt-get update && \ RUN apt-get update && \
apt-get dist-upgrade -y && \ apt-get dist-upgrade -y && \
apt-get install -y git golang-1.13-go make && \ apt-get install -y git golang-go make && \
mkdir -p /var/lib/i2p/i2p-config/reseed && \ mkdir -p /var/lib/i2p/i2p-config/reseed && \
chown -R $I2P_UID:$I2P_GID /var/lib/i2p && chmod -R o+rwx /var/lib/i2p chown -R $I2P_UID:$I2P_GID /var/lib/i2p && chmod -R o+rwx /var/lib/i2p
RUN /usr/lib/go-1.13/bin/go build -v -tags netgo -ldflags '-w -extldflags "-static"' RUN go build -v -tags netgo -ldflags '-w -extldflags "-static"'
USER $I2P_UID USER $I2P_UID
WORKDIR /var/lib/i2p/i2p-config/reseed WORKDIR /var/lib/i2p/i2p-config/reseed
ENTRYPOINT [ "/var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/entrypoint.sh" ] ENTRYPOINT [ "/var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/entrypoint.sh" ]

236
Makefile
View File

@@ -1,7 +1,11 @@
VERSION=0.0.6 VERSION=0.2.34
APP=i2p-tools-1 APP=reseed-tools
USER_GH=eyedeekay USER_GH=eyedeekay
CGO_ENABLED=0
export CGO_ENABLED=0
PLUGIN_PORT=7671
export PLUGIN_PORT=7671
GOOS?=$(shell uname -s | tr A-Z a-z) GOOS?=$(shell uname -s | tr A-Z a-z)
GOARCH?="amd64" GOARCH?="amd64"
@@ -9,7 +13,7 @@ GOARCH?="amd64"
ARG=-v -tags netgo -ldflags '-w -extldflags "-static"' ARG=-v -tags netgo -ldflags '-w -extldflags "-static"'
#MIN_GO_VERSION=`ls /usr/lib/go-1.14 2>/dev/null >/dev/null && echo 1.14` #MIN_GO_VERSION=`ls /usr/lib/go-1.14 2>/dev/null >/dev/null && echo 1.14`
MIN_GO_VERSION?=1.15 MIN_GO_VERSION?=1.16
I2P_UID=$(shell id -u i2psvc) I2P_UID=$(shell id -u i2psvc)
I2P_GID=$(shell id -g i2psvc) I2P_GID=$(shell id -g i2psvc)
@@ -19,47 +23,70 @@ WHOAMI=$(shell whoami)
echo: echo:
@echo "type make version to do release $(APP) $(VERSION) $(GOOS) $(GOARCH) $(MIN_GO_VERSION) $(I2P_UID) $(I2P_GID)" @echo "type make version to do release $(APP) $(VERSION) $(GOOS) $(GOARCH) $(MIN_GO_VERSION) $(I2P_UID) $(I2P_GID)"
version: index:
cat README.md | gothub release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d - edgar
edit: build:
cat README.md | gothub edit -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d - go build $(ARG) -o reseed-tools-$(GOOS)-$(GOARCH)
upload: binary tar 1.15-build: gofmt
gothub upload -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f ../i2p-tools.tar.xz -n "i2p-tools.tar.xz" /usr/lib/go-$(MIN_GO_VERSION)/bin/go build $(ARG) -o reseed-tools-$(GOOS)-$(GOARCH)
build: gofmt
/usr/lib/go-$(MIN_GO_VERSION)/bin/go build $(ARG) -o i2p-tools-$(GOOS)-$(GOARCH)
clean: clean:
rm i2p-tools-* *.key *.i2pKeys *.crt *.crl *.pem tmp -rf rm reseed-tools-* tmp -rfv *.deb plugin reseed-tools
binary:
GOOS=darwin GOARCH=amd64 make build
GOOS=linux GOARCH=386 make build
GOOS=linux GOARCH=amd64 make build
GOOS=linux GOARCH=arm make build
GOOS=linux GOARCH=arm64 make build
GOOS=openbsd GOARCH=amd64 make build
GOOS=freebsd GOARCH=386 make build
GOOS=freebsd GOARCH=amd64 make build
tar: tar:
tar --exclude="./.git" --exclude="./tmp" -cvf ../i2p-tools.tar.xz . tar --exclude="./.git" --exclude="./tmp" --exclude=".vscode" --exclude="./*.pem" --exclude="./*.crl" --exclude="./*.crt" -cvf ../reseed-tools.tar.xz .
install: install:
install -m755 i2p-tools-$(GOOS)-$(GOARCH) /usr/local/bin/i2p-tools install -m755 reseed-tools-$(GOOS)-$(GOARCH) /usr/bin/reseed-tools
install -m644 etc/default/reseed /etc/default/reseed
install -m755 etc/init.d/reseed /etc/init.d/reseed install -m755 etc/init.d/reseed /etc/init.d/reseed
mkdir -p /etc/systemd/system/reseed.service.d/
mkdir -p /var/lib/i2p/
mkdir -p /var/lib/i2p/i2p-config/reseed/
install -g i2psvc -o i2psvc -d /var/lib/i2p/i2p-config/reseed/
cp -r reseed/content /var/lib/i2p/i2p-config/reseed/content
chown -R i2psvc:i2psvc /var/lib/i2p/i2p-config/reseed/
install -m644 etc/systemd/system/reseed.service.d/override.conf /etc/systemd/system/reseed.service.d/override.conf
install -m644 etc/systemd/system/reseed.service /etc/systemd/system/reseed.service
uninstall:
rm /usr/bin/reseed-tools
rm /etc/default/reseed
rm /etc/init.d/reseed
rm /etc/systemd/system/reseed.service.d/reseed.conf
rm /etc/systemd/system/reseed.service
rm -rf /var/lib/i2p/i2p-config/reseed/
checkinstall: build
fakeroot checkinstall \
--arch=$(GOARCH) \
--default \
--install=no \
--fstrans=yes \
--pkgname=reseed-tools \
--pkgversion=$(VERSION) \
--pkggroup=net \
--pkgrelease=1 \
--pkgsource="https://i2pgit.org/idk/reseed-tools" \
--maintainer="$(SIGNER)" \
--requires="i2p,i2p-router" \
--suggests="i2p,i2p-router,syndie,tor,tsocks" \
--nodoc \
--deldoc=yes \
--deldesc=yes \
--backup=no
### You shouldn't need to use these now that the go mod require rule is fixed, ### You shouldn't need to use these now that the go mod require rule is fixed,
## but I'm leaving them in here because it made it easier to test that both ## but I'm leaving them in here because it made it easier to test that both
## versions behaved the same way. -idk ## versions behaved the same way. -idk
build-fork: build-fork:
/usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o i2p-tools-idk /usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o reseed-tools-idk
build-unfork: build-unfork:
/usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o i2p-tools-md /usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o reseed-tools-md
fork: fork:
sed -i 's|idk/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go sed -i 's|idk/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go
@@ -67,7 +94,7 @@ fork:
unfork: unfork:
sed -i 's|idk/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go sed -i 's|idk/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go
sed -i 's|RTradeLtd/i2p-tools-1|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go sed -i 's|RTradeLtd/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go
make gofmt build-unfork make gofmt build-unfork
gofmt: gofmt:
@@ -76,18 +103,18 @@ gofmt:
try: try:
mkdir -p tmp && \ mkdir -p tmp && \
cd tmp && \ cd tmp && \
../i2p-tools-$(GOOS)-$(GOARCH) reseed --signer=you@mail.i2p --netdb=/home/idk/.i2p/netDb --tlsHost=your-domain.tld --onion --p2p --i2p --littleboss=start ../reseed-tools-$(GOOS)-$(GOARCH) reseed --signer=you@mail.i2p --netdb=/home/idk/.i2p/netDb --tlsHost=your-domain.tld --onion --p2p --i2p
stop: stop:
mkdir -p tmp && \ mkdir -p tmp && \
cd tmp && \ cd tmp && \
../i2p-tools-$(GOOS)-$(GOARCH) reseed --signer=you@mail.i2p --netdb=/home/idk/.i2p/netDb --tlsHost=your-domain.tld --onion --p2p --i2p --littleboss=stop ../reseed-tools-$(GOOS)-$(GOARCH) reseed --signer=you@mail.i2p --netdb=/home/idk/.i2p/netDb --tlsHost=your-domain.tld --onion --p2p --i2p
docker: docker:
docker build -t eyedeekay/reseed . docker build -t eyedeekay/reseed .
docker-push: docker docker-push: docker
docker push --disable-content-trust false eyedeekay/reseed:$(VERSION) docker push --disable-content-trust=false eyedeekay/reseed:$(VERSION)
users: users:
docker run --rm eyedeekay/reseed cat /etc/passwd docker run --rm eyedeekay/reseed cat /etc/passwd
@@ -109,7 +136,7 @@ docker-server:
--publish 8443:8443 \ --publish 8443:8443 \
--restart=always \ --restart=always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \ --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keyss:/var/lib/i2p/i2p-config/reseed \ --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \ eyedeekay/reseed \
--signer=hankhill19580@gmail.com --signer=hankhill19580@gmail.com
docker logs -f reseed docker logs -f reseed
@@ -147,3 +174,148 @@ jar: gojava
echo $(JAVA_HOME) echo $(JAVA_HOME)
./gojava -v -o reseed.jar -s . build ./reseed ./gojava -v -o reseed.jar -s . build ./reseed
release: version upload debs upload-deps plugins upload-bin
version:
head -n 5 README.md | github-release release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -; true
delete-version:
github-release delete -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION)
edit:
cat README.md | github-release edit -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -
upload: tar
github-release upload -R -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f ../reseed-tools.tar.xz -n "reseed-tools.tar.xz"
binary:
##export GOOS=darwin; export GOARCH=amd64; make build
###export GOOS=darwin; export GOARCH=arm64; make build
export GOOS=linux; export GOARCH=amd64; make build
export GOOS=linux; export GOARCH=386; make build
export GOOS=linux; export GOARCH=arm; make build
export GOOS=linux; export GOARCH=arm64; make build
export GOOS=openbsd; export GOARCH=amd64; make build
export GOOS=freebsd; export GOARCH=386; make build
export GOOS=freebsd; export GOARCH=amd64; make build
export GOOS=windows; export GOARCH=amd64; make build
export GOOS=windows; export GOARCH=386; make build
plugins:
#export GOOS=darwin; export GOARCH=amd64; make su3s
#export GOOS=darwin; export GOARCH=arm64; make su3s
export GOOS=linux; export GOARCH=amd64; make su3s
export GOOS=linux; export GOARCH=386; make su3s
export GOOS=linux; export GOARCH=arm; make su3s
export GOOS=linux; export GOARCH=arm64; make su3s
export GOOS=openbsd; export GOARCH=amd64; make su3s
export GOOS=freebsd; export GOARCH=386; make su3s
export GOOS=freebsd; export GOARCH=amd64; make su3s
export GOOS=windows; export GOARCH=amd64; make su3s
export GOOS=windows; export GOARCH=386; make su3s
debs:
export GOOS=linux; export GOARCH=amd64; make build checkinstall
export GOOS=linux; export GOARCH=386; make build checkinstall
export GOOS=linux; export GOARCH=arm; make build checkinstall
export GOOS=linux; export GOARCH=arm64; make build checkinstall
upload-debs:
export GOOS=linux; export GOARCH=386; make upload-single-su3
export GOOS=linux; export GOARCH=amd64; make upload-single-su3
export GOOS=linux; export GOARCH=arm; make upload-single-su3
export GOOS=linux; export GOARCH=arm64; make upload-single-su3
upload-bin:
#export GOOS=darwin; export GOARCH=amd64; make upload-single-bin
#export GOOS=darwin; export GOARCH=arm64; make upload-single-bin
export GOOS=linux; export GOARCH=386; make upload-single-bin
export GOOS=linux; export GOARCH=amd64; make upload-single-bin
export GOOS=linux; export GOARCH=arm; make upload-single-bin
export GOOS=linux; export GOARCH=arm64; make upload-single-bin
export GOOS=openbsd; export GOARCH=amd64; make upload-single-bin
export GOOS=freebsd; export GOARCH=386; make upload-single-bin
export GOOS=freebsd; export GOARCH=amd64; make upload-single-bin
export GOOS=windows; export GOARCH=amd64; make upload-single-bin
export GOOS=windows; export GOARCH=386; make upload-single-bin
rm-su3s:
rm *.su3 -f
download-su3s:
#export GOOS=darwin; export GOARCH=amd64; make download-single-su3
#export GOOS=darwin; export GOARCH=arm64; make download-single-su3
export GOOS=linux; export GOARCH=386; make download-single-su3
export GOOS=linux; export GOARCH=amd64; make download-single-su3
export GOOS=linux; export GOARCH=arm; make download-single-su3
export GOOS=linux; export GOARCH=arm64; make download-single-su3
export GOOS=openbsd; export GOARCH=amd64; make download-single-su3
export GOOS=freebsd; export GOARCH=386; make download-single-su3
export GOOS=freebsd; export GOARCH=amd64; make download-single-su3
export GOOS=windows; export GOARCH=amd64; make download-single-su3
export GOOS=windows; export GOARCH=386; make download-single-su3
upload-su3s:
#export GOOS=darwin; export GOARCH=amd64; make upload-single-su3
#export GOOS=darwin; export GOARCH=arm64; make upload-single-su3
export GOOS=linux; export GOARCH=386; make upload-single-su3
export GOOS=linux; export GOARCH=amd64; make upload-single-su3
export GOOS=linux; export GOARCH=arm; make upload-single-su3
export GOOS=linux; export GOARCH=arm64; make upload-single-su3
export GOOS=openbsd; export GOARCH=amd64; make upload-single-su3
export GOOS=freebsd; export GOARCH=386; make upload-single-su3
export GOOS=freebsd; export GOARCH=amd64; make upload-single-su3
export GOOS=windows; export GOARCH=amd64; make upload-single-su3
export GOOS=windows; export GOARCH=386; make upload-single-su3
download-single-su3:
wget-ds "https://github.com/eyedeekay/reseed-tools/releases/download/v$(VERSION)/reseed-tools-$(GOOS)-$(GOARCH).su3"
upload-single-deb:
github-release upload -R -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f reseed-tools_$(VERSION)-1_amd64.deb -l "`sha256sum reseed-tools_$(VERSION)-1_$(GOARCH).deb`" -n "reseed-tools_$(VERSION)-1_amd64.deb"
upload-single-bin:
github-release upload -R -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f reseed-tools-"$(GOOS)"-"$(GOARCH)" -l "`sha256sum reseed-tools-$(GOOS)-$(GOARCH)`" -n "reseed-tools-$(GOOS)"-"$(GOARCH)"
upload-single-su3:
github-release upload -R -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f reseed-tools-"$(GOOS)"-"$(GOARCH).su3" -l "`sha256sum reseed-tools-$(GOOS)-$(GOARCH).su3`" -n "reseed-tools-$(GOOS)"-"$(GOARCH).su3"
tmp/content:
mkdir -p tmp
cp -rv reseed/content tmp/content
echo "you@mail.i2p" > tmp/signer
tmp/lib:
mkdir -p tmp/lib
# cp "$(HOME)/build/shellservice.jar" tmp/lib/shellservice.jar
tmp/LICENSE:
cp LICENSE tmp/LICENSE
SIGNER_DIR=$(HOME)/i2p-go-keys/
su3s: tmp/content tmp/lib tmp/LICENSE build
rm -f plugin.yaml client.yaml
i2p.plugin.native -name=reseed-tools-$(GOOS)-$(GOARCH) \
-signer=hankhill19580@gmail.com \
-signer-dir=$(SIGNER_DIR) \
-version "$(VERSION)" \
-author=hankhill19580@gmail.com \
-autostart=true \
-clientname=reseed-tools-$(GOOS)-$(GOARCH) \
-command="reseed-tools-$(GOOS)-$(GOARCH) reseed --yes --signer=\$$PLUGIN/signer --port=$(PLUGIN_PORT)" \
-consolename="Reseed Tools" \
-consoleurl="https://127.0.0.1:$(PLUGIN_PORT)" \
-updateurl="http://idk.i2p/reseed-tools/reseed-tools-$(GOOS)-$(GOARCH).su3" \
-website="http://idk.i2p/reseed-tools/" \
-icondata="content/images/reseed-icon.png" \
-delaystart="1" \
-desc="`cat description-pak`" \
-exename=reseed-tools-$(GOOS)-$(GOARCH) \
-targetos="$(GOOS)" \
-res=tmp/ \
-license=MIT
#unzip -o reseed-tools-$(GOOS)-$(GOARCH).zip -d reseed-tools-$(GOOS)-$(GOARCH)-zip
#export sumbblinux=`sha256sum "../reseed-tools-linux.su3"`
#export sumbbwindows=`sha256sum "../reseed-tools-windows.su3"`

172
README.md
View File

@@ -1,157 +1,75 @@
I2P Reseed Tools I2P Reseed Tools
================== ==================
This tool provides a secure and efficient reseed server for the I2P network. There are several utility commands to ![Reseed Tools Poster](content/images/reseed.png)
create, sign, and validate SU3 files. Please note that this requires at least Go version 1.13, and uses Go Modules.
This tool provides a secure and efficient reseed server for the I2P network.
There are several utility commands to create, sign, and validate SU3 files.
Please note that this requires at least Go version 1.13, and uses Go Modules.
Standard reseeds are distributed with the I2P packages. To get your reseed
included, apply on [i2pforum.i2p](http://i2pforum.i2p).
## Dependencies
`go`, `git`, and optionally `make` are required to build the project.
Precompiled binaries for most platforms are available at my github mirror
https://github.com/eyedeekay/i2p-tools-1.
In order to install the build-dependencies on Ubuntu or Debian, you may use:
```sh
sudo apt-get install golang-go git make
```
## Installation ## Installation
If you have go installed you can download, build, and install this tool with `go get` Reseed-tools can be run as a user, as a freestanding service, or be installed
as an I2P Plugin. It will attempt to configure itself automatically. You should
make sure to set the `--signer` flag or the `RESEED_EMAIL` environment variable
to configure your signing keys/contact info.
### Installation(From Source)
``` ```
go get i2pgit.org/idk/reseed-tools git clone https://i2pgit.org/idk/reseed-tools
reseed-tools -h cd reseed-tools
make build
# Optionally, if you want to install to /usr/bin/reseed-tools
sudo make install
``` ```
## Usage ## Usage
### Docker! #### Debian/Ubuntu note:
To make it easier to deploy reseeds, it is possible to run this software as a It is possible to create a `.deb` package using [these instructions](docs/DEBIAN.md).
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
When you run a reseed under Docker in this fashion, it will automatically Debian users who are running I2P as a system service must also run the
generate a self-signed certificate for your reseed server in a Docker volume `reseed-tools` as the same user. This is so that the reseed-tools can access
mamed reseed-keys. *Back up this directory*, if it is lost it is impossible the I2P service's netDb directory. On Debian and Ubuntu, that user is `i2psvc`
to reproduce. and the netDb directory is: `/var/lib/i2p/i2p-config/netDb`.
Please note that Docker is not currently compatible with .onion reseeds unless ## Example Commands:
you pass the --network=host tag.
#### If I2P is running as your user, do this:
docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
#### If I2P is running as another user, do this:
docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
#### **Debian/Ubuntu and Docker**
In many cases I2P will be running as the Debian system user ```i2psvc```. This
is the case for all installs where Debian's Advanced Packaging Tool(apt) was
used to peform the task. If you used ```apt-get install``` this command will
work for you. In that case, just copy-and-paste:
docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
### Locally behind a webserver (reverse proxy setup), preferred:
```
reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
```
### Without a webserver, standalone with TLS support ### Without a webserver, standalone with TLS support
```
reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
```
If this is your first time running a reseed server (ie. you don't have any existing keys), If this is your first time running a reseed server (ie. you don't have any existing keys),
you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates. you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
(a TLS key, certificate and crl, and a su3-file signing key, certificate and crl). (a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).
Get the source code here on github or a pre-build binary anonymously on
http://reseed.i2p/
http://j7xszhsjy7orrnbdys7yykrssv5imkn4eid7n5ikcnxuhpaaw6cq.b32.i2p/
also a short guide and complete tech info.
## Experimental, currently only available from idk/reseed-tools fork
Requires ```go mod``` and at least go 1.13. To build the idk/reseed-tools
fork, from anywhere:
git clone https://i2pgit.org/idk/reseed-tools
cd reseed-tools
make build
### Without a webserver, standalone, self-supervising(Automatic restarts)
``` ```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --littleboss=start reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
``` ```
### Without a webserver, standalone, automatic OnionV3 with TLS support ### Locally behind a webserver (reverse proxy setup), preferred:
If you are using a reverse proxy server it may provide the TLS certificate instead.
``` ```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
``` ```
### Without a webserver, standalone, serve P2P with LibP2P - **Usage** [More examples can be found here.](docs/EXAMPLES.md)
- **Docker** [Docker examples can be found here](docs/DOCKER.md)
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
```
### Without a webserver, standalone, upload a single signed .su3 to github
* This one isn't working yet, I'll get to it eventually, I've got a cooler idea now.
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --github --ghrepo=reseed-tools --ghuser=eyedeekay
```
### Without a webserver, standalone, in-network reseed
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, I2P In-Network reseed, and LibP2P, self-supervising
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p --littleboss=start
```

12
cmd/i2pd.go Normal file
View File

@@ -0,0 +1,12 @@
//go:build i2pd
// +build i2pd
package cmd
import (
i2pd "github.com/eyedeekay/go-i2pd/goi2pd"
)
func InitializeI2PD() func() {
return i2pd.InitI2PSAM(nil)
}

28
cmd/keygen.go
View File

@@ -3,20 +3,20 @@ package cmd
import ( import (
"fmt" "fmt"
"github.com/urfave/cli" "github.com/urfave/cli/v3"
) )
func NewKeygenCommand() cli.Command { func NewKeygenCommand() *cli.Command {
return cli.Command{ return &cli.Command{
Name: "keygen", Name: "keygen",
Usage: "Generate keys for reseed su3 signing and TLS serving.", Usage: "Generate keys for reseed su3 signing and TLS serving.",
Action: keygenAction, Action: keygenAction,
Flags: []cli.Flag{ Flags: []cli.Flag{
cli.StringFlag{ &cli.StringFlag{
Name: "signer", Name: "signer",
Usage: "Generate a private key and certificate for the given su3 signing ID (ex. something@mail.i2p)", Usage: "Generate a private key and certificate for the given su3 signing ID (ex. something@mail.i2p)",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "tlsHost", Name: "tlsHost",
Usage: "Generate a self-signed TLS certificate and private key for the given host", Usage: "Generate a self-signed TLS certificate and private key for the given host",
}, },
@@ -24,26 +24,30 @@ func NewKeygenCommand() cli.Command {
} }
} }
func keygenAction(c *cli.Context) { func keygenAction(c *cli.Context) error {
signerID := c.String("signer") signerID := c.String("signer")
tlsHost := c.String("tlsHost") tlsHost := c.String("tlsHost")
trustProxy := c.Bool("trustProxy")
if signerID == "" && tlsHost == "" { if signerID == "" && tlsHost == "" {
fmt.Println("You must specify either --tlsHost or --signer") fmt.Println("You must specify either --tlsHost or --signer")
return return fmt.Errorf("You must specify either --tlsHost or --signer")
} }
if signerID != "" { if signerID != "" {
if err := createSigningCertificate(signerID); nil != err { if err := createSigningCertificate(signerID); nil != err {
fmt.Println(err) fmt.Println(err)
return return err
} }
} }
if tlsHost != "" { if trustProxy {
if err := createTLSCertificate(tlsHost); nil != err { if tlsHost != "" {
fmt.Println(err) if err := createTLSCertificate(tlsHost); nil != err {
return fmt.Println(err)
return err
}
} }
} }
return nil
} }

263
cmd/reseed.go
View File

@@ -1,7 +1,8 @@
package cmd package cmd
import ( import (
"context" "strings"
//"flag" //"flag"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
@@ -12,136 +13,174 @@ import (
"strconv" "strconv"
"time" "time"
//"crawshaw.io/littleboss"
"github.com/cretz/bine/tor" "github.com/cretz/bine/tor"
"github.com/cretz/bine/torutil" "github.com/cretz/bine/torutil"
"github.com/cretz/bine/torutil/ed25519" "github.com/cretz/bine/torutil/ed25519"
"github.com/eyedeekay/i2pkeys"
"github.com/eyedeekay/sam3" "github.com/eyedeekay/sam3"
"github.com/eyedeekay/sam3/i2pkeys" "github.com/urfave/cli/v3"
"github.com/libp2p/go-libp2p"
"github.com/libp2p/go-libp2p-core/host"
"github.com/urfave/cli"
"i2pgit.org/idk/reseed-tools/reseed" "i2pgit.org/idk/reseed-tools/reseed"
"github.com/eyedeekay/checki2cp/getmeanetdb"
) )
func NewReseedCommand() cli.Command { func getDefaultSigner() string {
return cli.Command{ intentionalsigner := os.Getenv("RESEED_EMAIL")
if intentionalsigner == "" {
adminsigner := os.Getenv("MAILTO")
if adminsigner != "" {
return strings.Replace(adminsigner, "\n", "", -1)
}
return ""
}
return strings.Replace(intentionalsigner, "\n", "", -1)
}
func getHostName() string {
hostname := os.Getenv("RESEED_HOSTNAME")
if hostname == "" {
hostname, _ = os.Hostname()
}
return strings.Replace(hostname, "\n", "", -1)
}
func providedReseeds(c *cli.Context) []string {
reseedArg := c.StringSlice("friends")
reseed.AllReseeds = reseedArg
return reseed.AllReseeds
}
func NewReseedCommand() *cli.Command {
ndb, err := getmeanetdb.WhereIstheNetDB()
if err != nil {
log.Fatal(err)
}
return &cli.Command{
Name: "reseed", Name: "reseed",
Usage: "Start a reseed server", Usage: "Start a reseed server",
Action: reseedAction, Action: reseedAction,
Flags: []cli.Flag{ Flags: []cli.Flag{
cli.StringFlag{ &cli.StringFlag{
Name: "signer", Name: "signer",
Value: getDefaultSigner(),
Usage: "Your su3 signing ID (ex. something@mail.i2p)", Usage: "Your su3 signing ID (ex. something@mail.i2p)",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "tlsHost", Name: "tlsHost",
Value: getHostName(),
Usage: "The public hostname used on your TLS certificate", Usage: "The public hostname used on your TLS certificate",
}, },
cli.BoolFlag{ &cli.BoolFlag{
Name: "onion", Name: "onion",
Usage: "Present an onionv3 address", Usage: "Present an onionv3 address",
}, },
cli.BoolFlag{ &cli.BoolFlag{
Name: "singleOnion", Name: "singleOnion",
Usage: "Use a faster, but non-anonymous single-hop onion", Usage: "Use a faster, but non-anonymous single-hop onion",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "onionKey", Name: "onionKey",
Value: "onion.key", Value: "onion.key",
Usage: "Specify a path to an ed25519 private key for onion", Usage: "Specify a path to an ed25519 private key for onion",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "key", Name: "key",
Usage: "Path to your su3 signing private key", Usage: "Path to your su3 signing private key",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "netdb", Name: "netdb",
Value: ndb,
Usage: "Path to NetDB directory containing routerInfos", Usage: "Path to NetDB directory containing routerInfos",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "tlsCert", Name: "tlsCert",
Usage: "Path to a TLS certificate", Usage: "Path to a TLS certificate",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "tlsKey", Name: "tlsKey",
Usage: "Path to a TLS private key", Usage: "Path to a TLS private key",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "ip", Name: "ip",
Value: "0.0.0.0", Value: "0.0.0.0",
Usage: "IP address to listen on", Usage: "IP address to listen on",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "port", Name: "port",
Value: "8443", Value: "8443",
Usage: "Port to listen on", Usage: "Port to listen on",
}, },
cli.IntFlag{ &cli.IntFlag{
Name: "numRi", Name: "numRi",
Value: 77, Value: 77,
Usage: "Number of routerInfos to include in each su3 file", Usage: "Number of routerInfos to include in each su3 file",
}, },
cli.IntFlag{ &cli.IntFlag{
Name: "numSu3", Name: "numSu3",
Value: 0, Value: 50,
Usage: "Number of su3 files to build (0 = automatic based on size of netdb)", Usage: "Number of su3 files to build (0 = automatic based on size of netdb)",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "interval", Name: "interval",
Value: "90h", Value: "90h",
Usage: "Duration between SU3 cache rebuilds (ex. 12h, 15m)", Usage: "Duration between SU3 cache rebuilds (ex. 12h, 15m)",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "prefix", Name: "prefix",
Value: "", Value: "",
Usage: "Prefix path for the HTTP(S) server. (ex. /netdb)", Usage: "Prefix path for the HTTP(S) server. (ex. /netdb)",
}, },
cli.BoolFlag{ &cli.BoolFlag{
Name: "trustProxy", Name: "trustProxy",
Usage: "If provided, we will trust the 'X-Forwarded-For' header in requests (ex. behind cloudflare)", Usage: "If provided, we will trust the 'X-Forwarded-For' header in requests (ex. behind cloudflare)",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "blacklist", Name: "blacklist",
Value: "", Value: "",
Usage: "Path to a txt file containing a list of IPs to deny connections from.", Usage: "Path to a txt file containing a list of IPs to deny connections from.",
}, },
cli.DurationFlag{ &cli.DurationFlag{
Name: "stats", Name: "stats",
Value: 0, Value: 0,
Usage: "Periodically print memory stats.", Usage: "Periodically print memory stats.",
}, },
cli.BoolFlag{ &cli.BoolFlag{
Name: "p2p",
Usage: "Listen for reseed request via libp2p",
},
cli.BoolFlag{
Name: "i2p", Name: "i2p",
Usage: "Listen for reseed request inside the I2P network", Usage: "Listen for reseed request inside the I2P network",
}, },
cli.BoolFlag{ &cli.BoolFlag{
Name: "yes", Name: "yes",
Usage: "Automatically answer 'yes' to self-signed SSL generation", Usage: "Automatically answer 'yes' to self-signed SSL generation",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "samaddr", Name: "samaddr",
Value: "127.0.0.1:7656", Value: "127.0.0.1:7656",
Usage: "Use this SAM address to set up I2P connections for in-network reseed", Usage: "Use this SAM address to set up I2P connections for in-network reseed",
}, },
cli.StringFlag{ &cli.StringSliceFlag{
Name: "littleboss", Name: "friends",
Value: "start", Value: cli.NewStringSlice(reseed.AllReseeds...),
Usage: "Self-Supervise this application", Usage: "Ping other reseed servers and display the result on the homepage to provide information about reseed uptime.",
}, },
cli.BoolFlag{ &cli.BoolFlag{
Name: "acme", Name: "acme",
Usage: "Automatically generate a TLS certificate with the ACME protocol, defaults to Let's Encrypt", Usage: "Automatically generate a TLS certificate with the ACME protocol, defaults to Let's Encrypt",
}, },
cli.StringFlag{ &cli.StringFlag{
Name: "acmeserver", Name: "acmeserver",
Value: "https://acme-staging-v02.api.letsencrypt.org/directory", Value: "https://acme-staging-v02.api.letsencrypt.org/directory",
Usage: "Use this server to issue a certificate with the ACME protocol", Usage: "Use this server to issue a certificate with the ACME protocol",
}, },
&cli.IntFlag{
Name: "ratelimit",
Value: 4,
Usage: "Maximum number of reseed bundle requests per-IP address, per-hour.",
},
&cli.IntFlag{
Name: "ratelimitweb",
Value: 40,
Usage: "Maxiumum number of web-visits per-IP address, per-hour",
},
}, },
} }
} }
@@ -191,22 +230,40 @@ func LoadKeys(keysPath string, c *cli.Context) (i2pkeys.I2PKeys, error) {
} }
} }
func reseedAction(c *cli.Context) { // fileExists checks if a file exists and is not a directory before we
// validate flags // try using it to prevent further errors.
if c.String("littleboss") != "start" { func fileExists(filename string) bool {
log.Println("--littleboss", c.String("littleboss")) info, err := os.Stat(filename)
return if os.IsNotExist(err) {
return false
} }
return !info.IsDir()
}
func reseedAction(c *cli.Context) error {
providedReseeds(c)
netdbDir := c.String("netdb") netdbDir := c.String("netdb")
if netdbDir == "" { if netdbDir == "" {
fmt.Println("--netdb is required") fmt.Println("--netdb is required")
return return fmt.Errorf("--netdb is required")
} }
signerID := c.String("signer") signerID := c.String("signer")
if signerID == "" { if signerID == "" || signerID == "you@mail.i2p" {
fmt.Println("--signer is required") fmt.Println("--signer is required")
return return fmt.Errorf("--signer is required")
}
if !strings.Contains(signerID, "@") {
if !fileExists(signerID) {
fmt.Println("--signer must be an email address or a file containing an email address.")
return fmt.Errorf("--signer must be an email address or a file containing an email address.")
}
bytes, err := ioutil.ReadFile(signerID)
if err != nil {
fmt.Println("--signer must be an email address or a file containing an email address.")
return fmt.Errorf("--signer must be an email address or a file containing an email address.")
}
signerID = string(bytes)
} }
var tlsCert, tlsKey string var tlsCert, tlsKey string
@@ -238,18 +295,21 @@ func reseedAction(c *cli.Context) {
// prompt to create tls keys if they don't exist? // prompt to create tls keys if they don't exist?
auto := c.Bool("yes") auto := c.Bool("yes")
// use ACME? ignore := c.Bool("trustProxy")
acme := c.Bool("acme") if !ignore {
if acme { // use ACME?
acmeserver := c.String("acmeserver") acme := c.Bool("acme")
err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto) if acme {
if nil != err { acmeserver := c.String("acmeserver")
log.Fatalln(err) err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto)
} if nil != err {
} else { log.Fatalln(err)
err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto) }
if nil != err { } else {
log.Fatalln(err) err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
if nil != err {
log.Fatalln(err)
}
} }
} }
@@ -277,9 +337,12 @@ func reseedAction(c *cli.Context) {
// prompt to create tls keys if they don't exist? // prompt to create tls keys if they don't exist?
auto := c.Bool("yes") auto := c.Bool("yes")
err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto) ignore := c.Bool("trustProxy")
if nil != err { if !ignore {
log.Fatalln(err) err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
if nil != err {
log.Fatalln(err)
}
} }
} }
} }
@@ -319,9 +382,12 @@ func reseedAction(c *cli.Context) {
// prompt to create tls keys if they don't exist? // prompt to create tls keys if they don't exist?
auto := c.Bool("yes") auto := c.Bool("yes")
err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto) ignore := c.Bool("trustProxy")
if nil != err { if !ignore {
log.Fatalln(err) err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
if nil != err {
log.Fatalln(err)
}
} }
} }
} }
@@ -329,7 +395,7 @@ func reseedAction(c *cli.Context) {
reloadIntvl, err := time.ParseDuration(c.String("interval")) reloadIntvl, err := time.ParseDuration(c.String("interval"))
if nil != err { if nil != err {
fmt.Printf("'%s' is not a valid time interval.\n", reloadIntvl) fmt.Printf("'%s' is not a valid time interval.\n", reloadIntvl)
return return fmt.Errorf("'%s' is not a valid time interval.\n", reloadIntvl)
} }
signerKey := c.String("key") signerKey := c.String("key")
@@ -375,26 +441,21 @@ func reseedAction(c *cli.Context) {
reseedI2P(c, i2pTlsCert, i2pTlsKey, i2pkey, reseeder) reseedI2P(c, i2pTlsCert, i2pTlsKey, i2pkey, reseeder)
} }
} }
if c.Bool("p2p") { if !c.Bool("trustProxy") {
log.Printf("libP2P listener starting\n")
if tlsHost != "" && tlsCert != "" && tlsKey != "" {
go reseedP2P(c, reseeder)
} else {
reseedP2P(c, reseeder)
}
}
if tlsHost != "" && tlsCert != "" && tlsKey != "" {
log.Printf("HTTPS server starting\n") log.Printf("HTTPS server starting\n")
reseedHTTPS(c, tlsCert, tlsKey, reseeder) reseedHTTPS(c, tlsCert, tlsKey, reseeder)
} else { } else {
log.Printf("HTTP server starting on\n") log.Printf("HTTP server starting on\n")
reseedHTTP(c, reseeder) reseedHTTP(c, reseeder)
} }
return nil
} }
func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder *reseed.ReseederImpl) { func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder *reseed.ReseederImpl) {
server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy")) server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
server.Reseeder = reseeder server.Reseeder = reseeder
server.RequestRateLimit = c.Int("ratelimit")
server.WebRateLimit = c.Int("ratelimitweb")
server.Addr = net.JoinHostPort(c.String("ip"), c.String("port")) server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
// load a blacklist // load a blacklist
@@ -423,6 +484,8 @@ func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder *reseed.Reseed
func reseedHTTP(c *cli.Context, reseeder *reseed.ReseederImpl) { func reseedHTTP(c *cli.Context, reseeder *reseed.ReseederImpl) {
server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy")) server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
server.RequestRateLimit = c.Int("ratelimit")
server.WebRateLimit = c.Int("ratelimitweb")
server.Reseeder = reseeder server.Reseeder = reseeder
server.Addr = net.JoinHostPort(c.String("ip"), c.String("port")) server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
@@ -450,52 +513,6 @@ func reseedHTTP(c *cli.Context, reseeder *reseed.ReseederImpl) {
} }
} }
func makeRandomHost(port int) (host.Host, error) {
host, err := libp2p.New(context.Background(), libp2p.ListenAddrStrings(fmt.Sprintf("/ip4/127.0.0.1/tcp/%d", port)))
if err != nil {
return nil, err
}
return host, nil
}
func reseedP2P(c *cli.Context, reseeder *reseed.ReseederImpl) {
server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
server.Reseeder = reseeder
server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
// load a blacklist
blacklist := reseed.NewBlacklist()
server.Blacklist = blacklist
blacklistFile := c.String("blacklist")
if "" != blacklistFile {
blacklist.LoadFile(blacklistFile)
}
// print stats once in a while
if c.Duration("stats") != 0 {
go func() {
var mem runtime.MemStats
for range time.Tick(c.Duration("stats")) {
runtime.ReadMemStats(&mem)
log.Printf("TotalAllocs: %d Kb, Allocs: %d Kb, Mallocs: %d, NumGC: %d", mem.TotalAlloc/1024, mem.Alloc/1024, mem.Mallocs, mem.NumGC)
}
}()
}
port, err := strconv.Atoi(c.String("port"))
if err != nil {
log.Fatalln(err.Error())
}
port += 2
host, err := makeRandomHost(port)
if err != nil {
log.Fatalln(err.Error())
}
log.Printf("P2P listener started on %s\n", host.ID())
if err := server.ListenAndServeLibP2P(host); err != nil {
log.Fatalln(err)
}
}
func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder *reseed.ReseederImpl) { func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder *reseed.ReseederImpl) {
server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy")) server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
server.Reseeder = reseeder server.Reseeder = reseeder
@@ -573,6 +590,8 @@ func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder *res
func reseedI2P(c *cli.Context, i2pTlsCert, i2pTlsKey string, i2pIdentKey i2pkeys.I2PKeys, reseeder *reseed.ReseederImpl) { func reseedI2P(c *cli.Context, i2pTlsCert, i2pTlsKey string, i2pIdentKey i2pkeys.I2PKeys, reseeder *reseed.ReseederImpl) {
server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy")) server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
server.RequestRateLimit = c.Int("ratelimit")
server.WebRateLimit = c.Int("ratelimitweb")
server.Reseeder = reseeder server.Reseeder = reseeder
server.Addr = net.JoinHostPort(c.String("ip"), c.String("port")) server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))

4
cmd/utils.go
View File

@@ -347,6 +347,10 @@ func createSigningCertificate(signerID string) error {
} }
func createTLSCertificate(host string) error { func createTLSCertificate(host string) error {
return CreateTLSCertificate(host)
}
func CreateTLSCertificate(host string) error {
fmt.Println("Generating TLS keys. This may take a minute...") fmt.Println("Generating TLS keys. This may take a minute...")
priv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader) priv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
if err != nil { if err != nil {

71
cmd/verify.go
View File

@@ -3,50 +3,98 @@ package cmd
import ( import (
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"log"
"os"
"os/user"
"path/filepath"
"github.com/urfave/cli" "github.com/urfave/cli/v3"
"i2pgit.org/idk/reseed-tools/reseed" "i2pgit.org/idk/reseed-tools/reseed"
"i2pgit.org/idk/reseed-tools/su3" "i2pgit.org/idk/reseed-tools/su3"
) )
func NewSu3VerifyCommand() cli.Command { func I2PHome() string {
return cli.Command{ envCheck := os.Getenv("I2P")
if envCheck != "" {
return envCheck
}
// get the current user home
usr, err := user.Current()
if nil != err {
panic(err)
}
sysCheck := filepath.Join(usr.HomeDir, "i2p-config")
if _, err := os.Stat(sysCheck); nil == err {
return sysCheck
}
usrCheck := filepath.Join(usr.HomeDir, "i2p")
if _, err := os.Stat(usrCheck); nil == err {
return usrCheck
}
return ""
}
func NewSu3VerifyCommand() *cli.Command {
return &cli.Command{
Name: "verify", Name: "verify",
Usage: "Verify a Su3 file", Usage: "Verify a Su3 file",
Description: "Verify a Su3 file", Description: "Verify a Su3 file",
Action: su3VerifyAction, Action: su3VerifyAction,
Flags: []cli.Flag{ Flags: []cli.Flag{
cli.BoolFlag{ &cli.BoolFlag{
Name: "extract", Name: "extract",
Usage: "Also extract the contents of the su3", Usage: "Also extract the contents of the su3",
}, },
&cli.StringFlag{
Name: "signer",
Value: getDefaultSigner(),
Usage: "Your su3 signing ID (ex. something@mail.i2p)",
},
&cli.StringFlag{
Name: "keystore",
Value: filepath.Join(I2PHome(), "/certificates/reseed"),
Usage: "Path to the keystore",
},
}, },
} }
} }
func su3VerifyAction(c *cli.Context) { func su3VerifyAction(c *cli.Context) error {
su3File := su3.New() su3File := su3.New()
data, err := ioutil.ReadFile(c.Args().Get(0)) data, err := ioutil.ReadFile(c.Args().Get(0))
if nil != err { if nil != err {
panic(err) return err
} }
if err := su3File.UnmarshalBinary(data); err != nil { if err := su3File.UnmarshalBinary(data); err != nil {
panic(err) return err
} }
fmt.Println(su3File.String()) fmt.Println(su3File.String())
absPath, err := filepath.Abs(c.String("keystore"))
if nil != err {
return err
}
keyStorePath := filepath.Dir(absPath)
reseedDir := filepath.Base(absPath)
// get the reseeder key // get the reseeder key
ks := reseed.KeyStore{Path: "./certificates"} ks := reseed.KeyStore{Path: keyStorePath}
cert, err := ks.ReseederCertificate(su3File.SignerID)
if c.String("signer") != "" {
su3File.SignerID = []byte(c.String("signer"))
}
log.Println("Using keystore:", absPath, "for purpose", reseedDir, "and", string(su3File.SignerID))
cert, err := ks.DirReseederCertificate(reseedDir, su3File.SignerID)
if nil != err { if nil != err {
fmt.Println(err) fmt.Println(err)
return return err
} }
if err := su3File.VerifySignature(cert); nil != err { if err := su3File.VerifySignature(cert); nil != err {
panic(err) return err
} }
fmt.Printf("Signature is valid for signer '%s'\n", su3File.SignerID) fmt.Printf("Signature is valid for signer '%s'\n", su3File.SignerID)
@@ -55,4 +103,5 @@ func su3VerifyAction(c *cli.Context) {
// @todo: don't assume zip // @todo: don't assume zip
ioutil.WriteFile("extracted.zip", su3File.BodyBytes(), 0755) ioutil.WriteFile("extracted.zip", su3File.BodyBytes(), 0755)
} }
return nil
} }

BIN
content/images/reseed.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 198 KiB

18
content/lang/en/homepage.md
View File

@@ -1,18 +0,0 @@
You have found an I2P Reseed
============================
Maybe it was by accident, or maybe you visited the URL because you saw it in the software somewhere. While we've got
your attention, we're going to take this opportunity to tell you a little about what we do here. I2P is a peer-to-peer
network which uses "Garlic Routing" to maintain privacy. Reseed nodes help you get connected to I2P for the first time,
and even though you should only have to use them once in a great while, they are very important services.
[To learn more about I2P, visit the project website](https://geti2p.net)
------------------------------------------------------------------------
[![Help reseed](images/reseed.png)](https://geti2p.net)
- [Learn more about reseeds here:](https://geti2p.net/en/docs/reseed)
- [Learn how to run a reseed here:](https://geti2p.net/en/get-involved/guides/reseed)
- [Read the reseed server code and learn about more reseed options here:](https://i2pgit.org/idk/reseed-tools)
### Here on purpose? Here's a one-time link to a reseed bundle for you.

37
content/style.css
View File

@@ -1,37 +0,0 @@
body {
font-family: monospace;
text-align: justify;
}
h1 {
text-align: center;
}
img {
display: block;
margin-left: auto;
margin-right: auto;
width: 50%;
}
.inline {
display: inline;
}
.link-button {
background: none;
border: none;
color: blue;
text-decoration: underline;
cursor: pointer;
font-size: 1em;
font-family: serif;
}
.link-button:focus {
outline: none;
}
.link-button:active {
color:red;
}

1
description-pak Normal file
View File

@@ -0,0 +1 @@
Reseed tools is a self-contained, easy-to-configure I2P reseed service which can be run on any OS.

179
docs/DEBIAN.html Normal file
View File

@@ -0,0 +1,179 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Debian and Ubuntu Packages
</h1>
<p>
It&rsquo;s possible to generate a package which is compatible with Debian and Ubuntu,
using the command:
</p>
<pre><code class="language-sh">
make checkinstall
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
</code></pre>
<p>
This requires you to have
<code>
fakeroot
</code>
and
<code>
checkinstall
</code>
installed. Use the command
</p>
<pre><code class="language-sh">
sudo apt-get install fakeroot checkinstall
</code></pre>
<p>
to install them.
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

19
docs/DEBIAN.md Normal file
View File

@@ -0,0 +1,19 @@
# Debian and Ubuntu Packages
It's possible to generate a package which is compatible with Debian and Ubuntu,
using the command:
```sh
make checkinstall
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
```
This requires you to have `fakeroot` and `checkinstall` installed. Use the command
```sh
sudo apt-get install fakeroot checkinstall
```
to install them.

232
docs/DOCKER.html Normal file
View File

@@ -0,0 +1,232 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Docker
</h1>
<p>
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
</p>
<p>
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
named reseed-keys.
<em>
Back up this directory
</em>
, if it is lost it is impossible
to reproduce.
</p>
<p>
Additional flags can be passed to the application in the Docker container by
appending them to the command. Please note that Docker is not currently
compatible with .onion reseeds unless you pass the &ndash;network=host tag.
</p>
<h2>
If I2P is running as your user, do this:
</h2>
<pre><code> docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<h2>
If I2P is running as another user, do this:
</h2>
<pre><code> docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<h2>
<strong>
Debian/Ubuntu and Docker
</strong>
</h2>
<p>
In many cases I2P will be running as the Debian system user
<code>
i2psvc
</code>
. This
is the case for all installs where Debian&rsquo;s Advanced Packaging Tool(apt) was
used to peform the task. If you used
<code>
apt-get install
</code>
this command will
work for you. In that case, just copy-and-paste:
</p>
<pre><code> docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

58
docs/DOCKER.md Normal file
View File

@@ -0,0 +1,58 @@
# Docker
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
named reseed-keys. *Back up this directory*, if it is lost it is impossible
to reproduce.
Additional flags can be passed to the application in the Docker container by
appending them to the command. Please note that Docker is not currently
compatible with .onion reseeds unless you pass the --network=host tag.
## If I2P is running as your user, do this:
docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
## If I2P is running as another user, do this:
docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
## **Debian/Ubuntu and Docker**
In many cases I2P will be running as the Debian system user ```i2psvc```. This
is the case for all installs where Debian's Advanced Packaging Tool(apt) was
used to peform the task. If you used ```apt-get install``` this command will
work for you. In that case, just copy-and-paste:
docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE

179
docs/EXAMPLES.html Normal file
View File

@@ -0,0 +1,179 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h2>
Example Commands:
</h2>
<h3>
Without a webserver, standalone, automatic OnionV3 with TLS support
</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
</code></pre>
<h3>
Without a webserver, standalone, serve P2P with LibP2P
</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
</code></pre>
<h3>
Without a webserver, standalone, in-network reseed
</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
</code></pre>
<h3>
Without a webserver, standalone, Regular TLS, OnionV3 with TLS
</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
</code></pre>
<h3>
Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
</code></pre>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

32
docs/EXAMPLES.md Normal file
View File

@@ -0,0 +1,32 @@
## Example Commands:
### Without a webserver, standalone, automatic OnionV3 with TLS support
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
```
### Without a webserver, standalone, serve P2P with LibP2P
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
```
### Without a webserver, standalone, in-network reseed
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
```

263
docs/PLUGIN.html Normal file
View File

@@ -0,0 +1,263 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Plugin install URL&rsquo;s
</h1>
<p>
Plugin releases are available inside of i2p at
<a href="http://idk.i2p/reseed-tools/">
http://idk.i2p/reseed-tools/
</a>
and via the github mirror at
<a href="https://github.com/eyedeekay/reseed-tools/releases">
https://github.com/eyedeekay/reseed-tools/releases
</a>
.
These can be installed by adding them on the
<a href="http://127.0.0.1:7657/configplugins">
http://127.0.0.1:7657/configplugins
</a>
.
</p>
<p>
After installing the plugin, you should immediately edit the
<code>
$PLUGIN/signer
</code>
file in order to set your
<code>
--signer
</code>
email, which is used to name your keys.
You can find the
<code>
$PLUGIN
</code>
directory in your I2P config directory, which is
usually
<code>
$HOME/.i2p
</code>
on Unixes.
</p>
<p>
This will allow the developers to contact you if your reseed has issues
and will authenticate your reseed to the I2P routers that use it.
</p>
<ul>
<li>
darwin/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3
</a>
</li>
<li>
darwin/arm64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3">
http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3
</a>
</li>
<li>
linux/386:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3
</a>
</li>
<li>
linux/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3
</a>
</li>
<li>
linux/arm:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3
</a>
</li>
<li>
linux/arm64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3
</a>
</li>
<li>
openbsd/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3
</a>
</li>
<li>
freebsd/386:
<a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3">
http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3
</a>
</li>
<li>
freebsd/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3
</a>
</li>
<li>
windows/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3
</a>
</li>
<li>
windows/386:
<a href="http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3">
http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3
</a>
</li>
</ul>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

26
docs/PLUGIN.md Normal file
View File

@@ -0,0 +1,26 @@
# Plugin install URL's
Plugin releases are available inside of i2p at http://idk.i2p/reseed-tools/
and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases.
These can be installed by adding them on the
[http://127.0.0.1:7657/configplugins](http://127.0.0.1:7657/configplugins).
After installing the plugin, you should immediately edit the `$PLUGIN/signer`
file in order to set your `--signer` email, which is used to name your keys.
You can find the `$PLUGIN` directory in your I2P config directory, which is
usually `$HOME/.i2p` on Unixes.
This will allow the developers to contact you if your reseed has issues
and will authenticate your reseed to the I2P routers that use it.
- darwin/amd64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3)
- darwin/arm64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3)
- linux/386: [http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3)
- linux/amd64: [http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3)
- linux/arm: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3)
- linux/arm64: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3)
- openbsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3)
- freebsd/386: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3)
- freebsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3)
- windows/amd64: [http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3)
- windows/386: [http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3)

0
docs/PROXY.md Normal file
View File

91
docs/README.md Normal file
View File

@@ -0,0 +1,91 @@
Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
================================================================
It is possible to easily and automatically configure a reseed server
with a self-signed certificate on any Debian-based operating system,
including Ubuntu and it's downstreams. This is achieved using the `checkinstall`
tool to set up the software dependencies and the operating system to
run the `I2P` service and the `reseed` service.
Using a binary package
----------------------
If you do not wish to build from source, you can use a binary package
from me. This package is built from this repo with the `make checkinstall`
target and uploaded by me. I build it on an up-to-date Debian `sid` system
at tag time. It contains a static binary and files for configuring it as a
system service.
```sh
wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
# Obtain the checksum from the release web page
echo "38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb" > SHA256SUMS
sha256sums -c SHA256SUMS
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
```
Building the `.deb` package from the source(Optional)
-----------------------------------------------------
If your software is too old, it's possible that the binary package I build will
not work for you. It's very easy to generate your own from the source code in this
repository.
\\**1.** Install the build dependencies
```sh
sudo apt-get install fakeroot checkinstall go git make
```
\\**2.** Clone the source code
```sh
git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
```
\\**3.** Generate the `.deb` package using the `make checkinstall` target
```sh
cd ~/go/src/i2pgit.org/idk/reseed-tools
make checkinstall
```
\\**4.** Install the `.deb` package
```sh
sudo apt-get install ./reseed-tools_*.deb
```
Running the Service
-------------------
\\**1.** First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step **2.**
```sh
sudo systemctl start i2p
# or, if you use sysvinit
sudo service i2p start
```
\\**2.** Once your I2P router is "Well-Integrated," start the reseed service.
```sh
sudo systemctl start reseed
# or, if you use sysvinit
sudo service reseed start
```
Your reseed will auto-configure with a self-signed certificate on port `:8443`. The
certificates themselves are available in `/var/lib/i2p/i2p-config/reseed`. When
you are ready, you should copy the `*.crt` files from that directory and share them
witth the I2P community on [`zzz.i2p`](http://zzz.i2p). These will allow I2P users
to authenticate your reseed services and secure the I2P network.

254
docs/SERVICES.html Normal file
View File

@@ -0,0 +1,254 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Service Integration
</h1>
<p>
Support for running as a system service as part of the reseed package
is new. PR&rsquo;s that improve integration are welcome.
</p>
<h2>
Systemd Service
</h2>
<p>
A systemd service is provided which should work with the I2P Debian package
when reseed-tools is installed in
<code>
/usr/bin/reseed-tools
</code>
. If you install with
<code>
make install
</code>
this service is also installed. This service will cause the
bundles to regenerate every 12 hours.
</p>
<p>
The contact email for your reseed should be added in:
<code>
/etc/systemd/system/reseed.service.d/override.conf
</code>
.
</p>
<p>
Self-signed certificates will be auto-generated for these services. To change
this you should edit the
<code>
/etc/systemd/system/reseed.service
</code>
. For instance:
</p>
<pre><code>ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
</code></pre>
<p>
to disable self-signed certificate generation.
</p>
<ul>
<li>
To enable starting the reseed service automatically with the system:
<code>
sudo systemctl enable reseed.service
</code>
</li>
<li>
To run the service manually:
<code>
sudo sysctl start reseed.service
</code>
<br />
</li>
<li>
To reload the systemd services:
<code>
sudo systemctl daemon-reload
</code>
</li>
<li>
To view the status/logs:
<code>
sudo journalctl -u reseed.service
</code>
</li>
</ul>
<h2>
SysV Service
</h2>
<p>
An initscript is also provided. The initscript, unlike the systemd service,
cannot schedule itself to restart. You should restart the service roughly once
a day to ensure that the information does not expire.
</p>
<p>
The contact email for your reseed should be added in:
<code>
/etc/init.d/reseed
</code>
.
</p>
<p>
Self-signed certificates will be auto-generated for these services.
To change this you should edit the
<code>
/etc/default/reseed
</code>
.
Create a
<code>
MORE_OPTIONS=&quot;&quot;
</code>
field. For instance:
</p>
<pre><code class="language-sh">MORE_OPTIONS=&quot;--trustProxy --ip=127.0.0.1&quot;
</code></pre>
<p>
will disable self-signed certificate generation.
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

47
docs/SERVICES.md Normal file
View File

@@ -0,0 +1,47 @@
# Service Integration
Support for running as a system service as part of the reseed package
is new. PR's that improve integration are welcome.
## Systemd Service
A systemd service is provided which should work with the I2P Debian package
when reseed-tools is installed in `/usr/bin/reseed-tools`. If you install with
`make install` this service is also installed. This service will cause the
bundles to regenerate every 12 hours.
The contact email for your reseed should be added in:
`/etc/systemd/system/reseed.service.d/override.conf`.
Self-signed certificates will be auto-generated for these services. To change
this you should edit the `/etc/systemd/system/reseed.service`. For instance:
```
ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
```
to disable self-signed certificate generation.
- To enable starting the reseed service automatically with the system: `sudo systemctl enable reseed.service`
- To run the service manually: `sudo sysctl start reseed.service`
- To reload the systemd services: `sudo systemctl daemon-reload`
- To view the status/logs: `sudo journalctl -u reseed.service`
## SysV Service
An initscript is also provided. The initscript, unlike the systemd service,
cannot schedule itself to restart. You should restart the service roughly once
a day to ensure that the information does not expire.
The contact email for your reseed should be added in:
`/etc/init.d/reseed`.
Self-signed certificates will be auto-generated for these services.
To change this you should edit the `/etc/default/reseed`.
Create a `MORE_OPTIONS=""` field. For instance:
```sh
MORE_OPTIONS="--trustProxy --ip=127.0.0.1"
```
will disable self-signed certificate generation.

263
docs/TLS.html Normal file
View File

@@ -0,0 +1,263 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
TLS Configuration for your Reseed Server
</h1>
<p>
By default,
<code>
reseed-tools
</code>
will generate self-signed certificates for your reseed service.
This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in
<code>
.onion
</code>
mode.
It is also possible to configure
<code>
reseed-tools
</code>
without TLS certificates,
or to configure it to use ACME in order to automtically obtain a certificate from Let&rsquo;s Encrypt.
</p>
<p>
I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
Instead, the certificates are effectively &ldquo;Pinned&rdquo; in the software, after manual review by the I2P developers and the community.
It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
</p>
<h2>
Disable TLS
</h2>
<p>
If you do this, it is highly recommended that you use a reverse proxy such as
<code>
Apache2
</code>
or
<code>
nginx
</code>
to provide a TLS connection to clients.
Alternatively, you could run
<code>
reseed-tools
</code>
as an
<code>
.onion
</code>
service and rely on Tor for encryption and authentication.
</p>
<p>
You can disable automatic TLS configuration with the
<code>
--trustProxy
</code>
flag like this:
</p>
<pre><code class="language-sh">
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
</code></pre>
<h2>
Setup Self-Signed TLS non-interactively
</h2>
<p>
If you don&rsquo;t want to interactively configure TLS but still want to use self-signed certificates, you can pass the
<code>
--yes
</code>
flag, which will use the defaults for all config values.
</p>
<pre><code class="language-sh">
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
</code></pre>
<h2>
Use ACME to acquire TLS certificate
</h2>
<p>
Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
To automate this process using an ACME CA, like Let&rsquo;s Encrypt, you can use the
<code>
--acme
</code>
flag.
Be sure to change the
<code>
--acmeserver
</code>
option in order to use a
<strong>
production
</strong>
ACME server, as
the software defaults to a
<strong>
staging
</strong>
ACME server for testing purposes.
</p>
<p>
This functionality is new and may have issues. Please file bug reports at (i2pgit)[
<a href="https://i2pgit.org/idk/reseed-tools)">
https://i2pgit.org/idk/reseed-tools)
</a>
or
<a href="https://github.com/eyedeekay/reseed-tools">
github
</a>
.
</p>
<pre><code class="language-sh">
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver=&quot;https://acme-v02.api.letsencrypt.org/directory&quot;
</code></pre>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

50
docs/TLS.md Normal file
View File

@@ -0,0 +1,50 @@
TLS Configuration for your Reseed Server
========================================
By default, `reseed-tools` will generate self-signed certificates for your reseed service.
This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in `.onion` mode.
It is also possible to configure `reseed-tools` without TLS certificates,
or to configure it to use ACME in order to automtically obtain a certificate from Let's Encrypt.
I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
Instead, the certificates are effectively "Pinned" in the software, after manual review by the I2P developers and the community.
It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
Disable TLS
-----------
If you do this, it is highly recommended that you use a reverse proxy such as `Apache2` or `nginx` to provide a TLS connection to clients.
Alternatively, you could run `reseed-tools` as an `.onion` service and rely on Tor for encryption and authentication.
You can disable automatic TLS configuration with the `--trustProxy` flag like this:
```sh
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
```
Setup Self-Signed TLS non-interactively
---------------------------------------
If you don't want to interactively configure TLS but still want to use self-signed certificates, you can pass the `--yes` flag, which will use the defaults for all config values.
```sh
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
```
Use ACME to acquire TLS certificate
-----------------------------------
Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
To automate this process using an ACME CA, like Let's Encrypt, you can use the `--acme` flag.
Be sure to change the `--acmeserver` option in order to use a **production** ACME server, as
the software defaults to a **staging** ACME server for testing purposes.
This functionality is new and may have issues. Please file bug reports at (i2pgit)[https://i2pgit.org/idk/reseed-tools) or [github](https://github.com/eyedeekay/reseed-tools).
```sh
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver="https://acme-v02.api.letsencrypt.org/directory"
```

318
docs/index.html Normal file
View File

@@ -0,0 +1,318 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
</h1>
<p>
It is possible to easily and automatically configure a reseed server
with a self-signed certificate on any Debian-based operating system,
including Ubuntu and it&rsquo;s downstreams. This is achieved using the
<code>
checkinstall
</code>
tool to set up the software dependencies and the operating system to
run the
<code>
I2P
</code>
service and the
<code>
reseed
</code>
service.
</p>
<h2>
Using a binary package
</h2>
<p>
If you do not wish to build from source, you can use a binary package
from me. This package is built from this repo with the
<code>
make checkinstall
</code>
target and uploaded by me. I build it on an up-to-date Debian
<code>
sid
</code>
system
at tag time. It contains a static binary and files for configuring it as a
system service.
</p>
<pre><code class="language-sh">
wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
# Obtain the checksum from the release web page
echo &quot;38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb&quot; &gt; SHA256SUMS
sha256sums -c SHA256SUMS
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
</code></pre>
<h2>
Building the
<code>
.deb
</code>
package from the source(Optional)
</h2>
<p>
If your software is too old, it&rsquo;s possible that the binary package I build will
not work for you. It&rsquo;s very easy to generate your own from the source code in this
repository.
</p>
<p>
\
<strong>
1.
</strong>
Install the build dependencies
</p>
<pre><code class="language-sh">
sudo apt-get install fakeroot checkinstall go git make
</code></pre>
<p>
\
<strong>
2.
</strong>
Clone the source code
</p>
<pre><code class="language-sh">
git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
</code></pre>
<p>
\
<strong>
3.
</strong>
Generate the
<code>
.deb
</code>
package using the
<code>
make checkinstall
</code>
target
</p>
<pre><code class="language-sh">
cd ~/go/src/i2pgit.org/idk/reseed-tools
make checkinstall
</code></pre>
<p>
\
<strong>
4.
</strong>
Install the
<code>
.deb
</code>
package
</p>
<pre><code class="language-sh">
sudo apt-get install ./reseed-tools_*.deb
</code></pre>
<h2>
Running the Service
</h2>
<p>
\
<strong>
1.
</strong>
First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step
<strong>
2.
</strong>
</p>
<pre><code class="language-sh">
sudo systemctl start i2p
# or, if you use sysvinit
sudo service i2p start
</code></pre>
<p>
\
<strong>
2.
</strong>
Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.
</p>
<pre><code class="language-sh">
sudo systemctl start reseed
# or, if you use sysvinit
sudo service reseed start
</code></pre>
<p>
Your reseed will auto-configure with a self-signed certificate on port
<code>
:8443
</code>
. The
certificates themselves are available in
<code>
/var/lib/i2p/i2p-config/reseed
</code>
. When
you are ready, you should copy the
<code>
*.crt
</code>
files from that directory and share them
witth the I2P community on
<a href="http://zzz.i2p">
<code>
zzz.i2p
</code>
</a>
. These will allow I2P users
to authenticate your reseed services and secure the I2P network.
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

15
docs/showhider.css Normal file
View File

@@ -0,0 +1,15 @@
/* edgar showhider CSS file */
#show {display:none; }
#hide {display:block; }
#show:target {display: block; }
#hide:target {display: none; }
#shownav {display:none; }
#hidenav {display:block; }
#shownav:target {display: block; }
#hidenav:target {display: none; }
#donate {display:none; }
#hidedonate {display:block; }
#donate:target {display: block; }
#hidedonate:target {display: none; }

165
docs/style.css Normal file
View File

@@ -0,0 +1,165 @@
/* edgar default CSS file */
body {
font-family: "Roboto";
font-family: monospace;
text-align: justify;
background-color: #373636;
color: whitesmoke;
font-size: 1.15em;
}
ul {
width: 55%;
display: block;
}
ol {
width: 55%;
display: block;
}
li {
margin-top: 1%;
}
p {
max-width: 90%;
margin-top: 1%;
margin-left: 3%;
margin-right: 3%;
}
img {
float: left;
top: 5%;
left: 5%;
max-width: 60%;
display: inline;
padding-right: 2%;
}
.inline {
display: inline;
}
.link-button:focus {
outline: none;
}
.link-button:active {
color: red;
}
code {
font-family: monospace;
border-radius: 5%;
padding: 1%;
border-color: darkgray;
font-size: .9em;
}
a {
color: #C6D9FE;
padding: 1%;
}
ul li {
color: #C6D9FE;
}
iframe {
background: aliceblue;
border-radius: 15%;
margin: 2%;
}
.container {
width: 36vw;
height: 64vh;
display: inline-block;
margin: 0;
padding: 0;
}
.editor-toolbar a {
display: inline-block;
text-align: center;
text-decoration: none !important;
color: whitesmoke !important;
}
#feed {
width: 60vw;
height: unset !important;
margin: 0;
padding: 0;
float: right;
background-color: #373636;
color: whitesmoke;
border: #C6D9FE solid 1px;
}
.thread-post,
.thread {
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.thread-post {
margin-left: 4%;
}
input {
text-align: center;
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font: normal normal normal 14px/1 FontAwesome;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.thread-hash {
text-align: right;
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.post-body {
text-align: left;
color: whitesmoke !important;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
#show {display:none; }
#hide {display:block; }
#show:target {display: block; }
#hide:target {display: none; }
#shownav {display:none; }
#hidenav {display:block; }
#shownav:target {display: block; }
#hidenav:target {display: none; }
#navbar {
float: right;
width: 15%;
}
#returnhome {
font-size: xxx-large;
display: inline;
}
h1 {
display: inline;
}

2
entrypoint.sh
View File

@@ -1,5 +1,7 @@
#! /usr/bin/env sh #! /usr/bin/env sh
cd /var/lib/i2p/i2p-config/reseed
cp -r /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/content ./content cp -r /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/content ./content
/var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb $@ /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb $@

2
etc/default/reseed Normal file
View File

@@ -0,0 +1,2 @@
#Edit the contact/signing email used by your reseed server here
export RESEED_EMAIL=""

37
etc/init.d/reseed
View File

@@ -1,49 +1,38 @@
#!/bin/sh #!/bin/sh
### BEGIN INIT INFO ### BEGIN INIT INFO
# Provides: samcatd # Provides: reseed
# Required-Start: $local_fs $network $named $time $syslog # Required-Start: $local_fs $network $named $time $syslog
# Required-Stop: $local_fs $network $named $time $syslog # Required-Stop: $local_fs $network $named $time $syslog
# Default-Start: 2 3 4 5 # Default-Start: 2 3 4 5
# Default-Stop: 0 1 6 # Default-Stop: 0 1 6
# Description: <DESCRIPTION> # Description: an I2P reseed server
### END INIT INFO ### END INIT INFO
SCRIPT='/usr/local/bin/i2p-tools' SCRIPT='/usr/bin/reseed-tools'
RUNAS=i2psvc RUNAS=i2psvc
NETDBDIR=/var/lib/i2p/i2p-config/netDb NETDBDIR=/var/lib/i2p/i2p-config/netDb
RUNDIR=/var/lib/i2p/i2p-config/reseed RUNDIR=/var/lib/i2p/i2p-config/reseed
SIGNER=you@mail.i2p
MORE_OPTIONS="" MORE_OPTIONS=""
if [ -f /etc/default/reseed ]; then if [ -f /etc/default/reseed ]; then
source /etc/default/reseed . /etc/default/reseed
fi fi
RUNOPTS=" reseed --signer=$SIGNER --netdb=$NETDBDIR $MORE_OPTIONS " RUNOPTS=" reseed --yes=true --netdb=$NETDBDIR $MORE_OPTIONS "
rundir(){
if [ !-d $RUNDIR ]; then
install -d -oi2psvc -m2770 $RUNDIR
fi
cd $RUNDIR
}
start() { start() {
rundir start-stop-daemon --background --user $RUNAS --chuid $RUNAS --exec $SCRIPT --chdir $RUNDIR --make-pidfile --pidfile $RUNDIR/reseed.pid --start -- $RUNOPTS
su - $RUNAS $SCRIPT $RUNOPTS --restart=start
} }
stop() { stop() {
rundir start-stop-daemon --background --user $RUNAS --exec $SCRIPT --chdir $RUNDIR --remove-pidfile --pidfile $RUNDIR/reseed.pid --stop
su - $RUNAS $SCRIPT $RUNOPTS --restart=stop
}
start() {
rundir
su - $RUNAS $SCRIPT $RUNOPTS --restart=restart
} }
status() { status() {
rundir start-stop-daemon --background --user $RUNAS --exec $SCRIPT --chdir $RUNDIR --pidfile $RUNDIR/reseed.pid --status
su - $RUNAS $SCRIPT $RUNOPTS --restart=status }
restart() {
stop
start
} }
uninstall() { uninstall() {

16
etc/systemd/system/reseed.service Normal file
View File

@@ -0,0 +1,16 @@
[Unit]
Description=I2P reseed service
After=network.target
StartLimitIntervalSec=0
Requires=i2p.service
[Service]
User=i2psvc
WorkingDirectory=/var/lib/i2p/i2p-config/reseed
ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb
Restart=always
RestartSec=10
RuntimeMaxSec=43200
[Install]
WantedBy=multi-user.target

5
etc/systemd/system/reseed.service.d/override.conf Normal file
View File

@@ -0,0 +1,5 @@
# Use this file to configure the contact/signer email used for the reseed service.
# without it the reseed will fail to start.
[Service]
Environment="RESEED_EMAIL="

21
go.mod
View File

@@ -1,19 +1,22 @@
module i2pgit.org/idk/reseed-tools module i2pgit.org/idk/reseed-tools
go 1.13 go 1.16
require ( require (
github.com/cretz/bine v0.1.0 github.com/cretz/bine v0.2.0
github.com/eyedeekay/sam3 v0.32.32 github.com/eyedeekay/checki2cp v0.0.21
github.com/eyedeekay/go-i2pd v0.0.0-20220213070306-9807541b2dfc
github.com/eyedeekay/i2pkeys v0.33.0
github.com/eyedeekay/sam3 v0.33.5
github.com/eyedeekay/unembed v0.0.0-20230123014222-9916b121855b
github.com/go-acme/lego/v4 v4.3.1 github.com/go-acme/lego/v4 v4.3.1
github.com/go-i2p/go-i2p v0.0.0-20240625160418-ac705dee767b
github.com/gorilla/handlers v1.5.1 github.com/gorilla/handlers v1.5.1
github.com/justinas/alice v1.2.0 github.com/justinas/alice v1.2.0
github.com/libp2p/go-libp2p v0.13.0
github.com/libp2p/go-libp2p-core v0.8.0
github.com/libp2p/go-libp2p-gostream v0.3.1
github.com/libp2p/go-libp2p-http v0.2.0
github.com/throttled/throttled/v2 v2.7.1 github.com/throttled/throttled/v2 v2.7.1
github.com/urfave/cli v1.22.5 github.com/urfave/cli/v3 v3.0.0-alpha
gitlab.com/golang-commonmark/markdown v0.0.0-20191127184510-91b5b3c99c19 gitlab.com/golang-commonmark/markdown v0.0.0-20191127184510-91b5b3c99c19
golang.org/x/text v0.3.5 golang.org/x/text v0.15.0
) )
//replace github.com/go-i2p/go-i2p => ../../../github.com/go-i2p/go-i2p

639
go.sum
View File

File diff suppressed because it is too large Load Diff

BIN
i2plogo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 46 KiB

302
index.html Normal file
View File

@@ -0,0 +1,302 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="CHANGELOG.html">
CHANGELOG
</a>
</li>
<li>
<a href="content/index.html">
content/index.html
</a>
</li>
<li>
<a href="docs/index.html">
docs/index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="docs/DEBIAN.html">
docs/DEBIAN
</a>
</li>
<li>
<a href="docs/DOCKER.html">
docs/DOCKER
</a>
</li>
<li>
<a href="docs/EXAMPLES.html">
docs/EXAMPLES
</a>
</li>
<li>
<a href="docs/PLUGIN.html">
docs/PLUGIN
</a>
</li>
<li>
<a href="docs/index.html">
docs/index
</a>
</li>
<li>
<a href="docs/SERVICES.html">
docs/SERVICES
</a>
</li>
<li>
<a href="docs/TLS.html">
docs/TLS
</a>
</li>
<li>
<a href="docs/index.html">
docs/index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
I2P Reseed Tools
</h1>
<p>
<img src="content/images/reseed.png" alt="Reseed Tools Poster" />
</p>
<p>
This tool provides a secure and efficient reseed server for the I2P network.
There are several utility commands to create, sign, and validate SU3 files.
Please note that this requires at least Go version 1.13, and uses Go Modules.
</p>
<p>
Standard reseeds are distributed with the I2P packages. To get your reseed
included, apply on
<a href="http://zzz.i2p">
zzz.i2p
</a>
.
</p>
<h2>
Dependencies
</h2>
<p>
<code>
go
</code>
,
<code>
git
</code>
, and optionally
<code>
make
</code>
are required to build the project.
Precompiled binaries for most platforms are available at my github mirror
<a href="https://github.com/eyedeekay/i2p-tools-1">
https://github.com/eyedeekay/i2p-tools-1
</a>
.
</p>
<p>
In order to install the build-dependencies on Ubuntu or Debian, you may use:
</p>
<pre><code class="language-sh">sudo apt-get install golang-go git make
</code></pre>
<h2>
Installation
</h2>
<p>
Reseed-tools can be run as a user, as a freestanding service, or be installed
as an I2P Plugin. It will attempt to configure itself automatically. You should
make sure to set the
<code>
--signer
</code>
flag or the
<code>
RESEED_EMAIL
</code>
environment variable
to configure your signing keys/contact info.
</p>
<h3>
Installation(From Source)
</h3>
<pre><code>git clone https://i2pgit.org/idk/reseed-tools
cd reseed-tools
make build
# Optionally, if you want to install to /usr/bin/reseed-tools
sudo make install
</code></pre>
<h2>
Usage
</h2>
<h4>
Debian/Ubuntu note:
</h4>
<p>
It is possible to create a
<code>
.deb
</code>
package using
<a href="docs/DEBIAN.md">
these instructions
</a>
.
</p>
<p>
Debian users who are running I2P as a system service must also run the
<code>
reseed-tools
</code>
as the same user. This is so that the reseed-tools can access
the I2P service&rsquo;s netDb directory. On Debian and Ubuntu, that user is
<code>
i2psvc
</code>
and the netDb directory is:
<code>
/var/lib/i2p/i2p-config/netDb
</code>
.
</p>
<h2>
Example Commands:
</h2>
<h3>
Without a webserver, standalone with TLS support
</h3>
<p>
If this is your first time running a reseed server (ie. you don&rsquo;t have any existing keys),
you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
(a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).
</p>
<pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
</code></pre>
<h3>
Locally behind a webserver (reverse proxy setup), preferred:
</h3>
<p>
If you are using a reverse proxy server it may provide the TLS certificate instead.
</p>
<pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
</code></pre>
<ul>
<li>
<strong>
Usage
</strong>
<a href="docs/EXAMPLES.md">
More examples can be found here.
</a>
</li>
<li>
<strong>
Docker
</strong>
<a href="docs/DOCKER.md">
Docker examples can be found here
</a>
</li>
</ul>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

15
main.go
View File

@@ -4,7 +4,7 @@ import (
"os" "os"
"runtime" "runtime"
"github.com/urfave/cli" "github.com/urfave/cli/v3"
"i2pgit.org/idk/reseed-tools/cmd" "i2pgit.org/idk/reseed-tools/cmd"
) )
@@ -18,13 +18,16 @@ func main() {
runtime.GOMAXPROCS(runtime.NumCPU() / 2) runtime.GOMAXPROCS(runtime.NumCPU() / 2)
app := cli.NewApp() app := cli.NewApp()
app.Name = "i2p-tools-1" app.Name = "reseed-tools"
app.Version = "0.1.7" app.Version = "0.2.4"
app.Usage = "I2P tools and reseed server" app.Usage = "I2P tools and reseed server"
app.Author = "eyedeekay" auth := &cli.Author{
app.Email = "hankhill19580@gmail.com" Name: "eyedeekay",
Email: "hankhill19580@gmail.com",
}
app.Authors = append(app.Authors, auth)
app.Flags = []cli.Flag{} app.Flags = []cli.Flag{}
app.Commands = []cli.Command{ app.Commands = []*cli.Command{
cmd.NewReseedCommand(), cmd.NewReseedCommand(),
cmd.NewSu3VerifyCommand(), cmd.NewSu3VerifyCommand(),
cmd.NewKeygenCommand(), cmd.NewKeygenCommand(),

49
postinstall-pak Executable file
View File

@@ -0,0 +1,49 @@
#! /usr/bin/env sh
RESEED_MESSAGE="Reseed Tools requires you to set an email for contact purposes.
This is in case your reseed goes down.
Please enter your email below."
RESEED_CONF="# Use this file to configure the contact/signer email used for the reseed service.
# without it the reseed will fail to start.
[Service]
Environment=\"RESEED_EMAIL="
RESEED_DEFAULT="#Edit the contact/signing email used by your reseed server here
export RESEED_EMAIL=\""
mkdir -p /etc/systemd/system/reseed.service.d/
INIT=$(file /sbin/init 2>&1 | grep systemd)
if [ ! -z "$INIT" ]; then
rm -f /etc/default/reseed /etc/init.d/reseed
fi
if [ -t 1 ] ; then
if [ -f /usr/bin/whiptail ]; then
RESEED_EMAIL=$(whiptail --inputbox "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
if [ ! -z "$INIT" ]; then
echo "$RESEED_CONF$RESEED_EMAIL\"" | tee /etc/systemd/system/reseed.service.d/override.conf
systemctl enable reseed.service
systemctl daemon-reload
else
echo "$RESEED_DEFAULT$RESEED_EMAIL\"" | tee /etc/default/reseed
fi
exit 0
fi
else
if [ -f /usr/bin/zenity ]; then
RESEED_EMAIL=$(zenity --entry --title "Reseed Configuration" --text "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
if [ ! -z "$INIT" ]; then
echo "$RESEED_CONF$RESEED_EMAIL\"" | tee /etc/systemd/system/reseed.service.d/override.conf
#systemctl enable /etc/systemd/system/reseed.service.d/reseed.service
systemctl enable reseed.service
systemctl daemon-reload
else
echo "$RESEED_DEFAULT$RESEED_EMAIL\"" | tee /etc/default/reseed
fi
exit 0
fi
fi

7
postremove-pak Executable file
View File

@@ -0,0 +1,7 @@
#! /usr/bin/env sh
INIT=$(file /sbin/init 2>&1 | grep systemd)
if [ ! -z "$INIT" ]; then
systemctl daemon-reload
fi

BIN
reseed/content/images/reseed-icon.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 18 KiB

BIN
reseed/content/images/reseed.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 116 KiB

10
reseed/content/index.html Normal file
View File

@@ -0,0 +1,10 @@
<h1 id="you-have-found-an-i2p-reseed">You have found an I2P Reseed</h1>
<p>Maybe it was by accident, or maybe you visited the URL because you saw it in the software somewhere. While weve got your attention, were going to take this opportunity to tell you a little about what we do here. I2P is a peer-to-peer network which uses “Garlic Routing” to maintain privacy. Reseed nodes help you get connected to I2P for the first time, and even though you should only have to use them once in a great while, they are very important services.</p>
<h2 id="to-learn-more-about-i2p-visit"><a href="https://geti2p.net">To learn more about I2P, visit</a></h2>
<p><a href="https://geti2p.net"><img src="images/reseed.png" alt="Help reseed" /></a></p>
<ul>
<li><a href="https://geti2p.net/en/docs/reseed">Learn more about reseeds here:</a></li>
<li><a href="https://geti2p.net/en/get-involved/guides/reseed">Learn how to run a reseed here:</a></li>
<li><a href="https://i2pgit.org/idk/reseed-tools">Read the reseed server code and learn about more reseed options here:</a></li>
</ul>
<p>Here on purpose? Heres a one-time link to a reseed bundle for you.</p>

18
reseed/content/lang/ar/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
هذا هو خادم I2P Reseed
=============================
I2P هي شبكة نظير إلى نظير تستخدم "توجيه الثوم" للحفاظ على الخصوصية.
تساعدك عقد Reseed على الاتصال بـ I2P لأول مرة ، وعلى الرغم من ذلك
يجب عليك فقط استخدامها مرة واحدة كل فترة ، فهي مهمة جدًا
خدمات.
[لمزيد من المعلومات حول I2P ، قم بزيارة موقع المشروع] (https://geti2p.net)
------------------------------------------------------------------------
[! [إعادة المساعدة] (images / reseed.png)] (https://geti2p.net)
- [مزيد من المعلومات حول عمليات إعادة التوريد] (https://geti2p.net/en/docs/reseed)
- [تعرف على كيفية تشغيل Reseed] (https://geti2p.net/en/get-involved/guides/reseed)
- [اقرأ رمز خادم إعادة التزويد وتعرّف على المزيد من خيارات إعادة التزويد] (https://i2pgit.org/idk/reseed-tools)
### هل لديك مشاكل في الاتصال؟ إليك رابط لمرة واحدة لحزمة إعادة إرسال لك.

18
reseed/content/lang/bn/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
এটি একটি I2P রিসিড সার্ভার
============================
I2P হল একটি পিয়ার-টু-পিয়ার নেটওয়ার্ক যা গোপনীয়তা বজায় রাখতে "গার্লিক রাউটিং" ব্যবহার করে।
রিসিড নোড আপনাকে প্রথমবার I2P এর সাথে সংযুক্ত হতে সাহায্য করে, এবং যদিও
আপনি শুধুমাত্র একটি মহান সময়ের মধ্যে একবার তাদের ব্যবহার করা উচিত, তারা খুবই গুরুত্বপূর্ণ
সেবা.
[I2P সম্পর্কে আরও জানতে, প্রকল্পের ওয়েবসাইট দেখুন](https://geti2p.net)
-------------------------------------------------------------------------------------
[![রিসিড করতে সাহায্য করুন](images/reseed.png)](https://geti2p.net)
- [রিসিড সম্পর্কে আরও জানুন](https://geti2p.net/en/docs/reseed)
- [কিভাবে রিসিড চালাতে হয় তা জানুন](https://geti2p.net/en/get-involved/guides/reseed)
- [রিসিড সার্ভার কোড পড়ুন এবং আরও রিসিড বিকল্প সম্পর্কে জানুন](https://i2pgit.org/idk/reseed-tools)
### সংযোগ সমস্যা হচ্ছে? এখানে আপনার জন্য একটি রিসিড বান্ডেলের একটি এককালীন লিঙ্ক রয়েছে৷

18
reseed/content/lang/de/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
Dies ist ein I2P-Reseed-Server
============================
I2P ist ein Peer-to-Peer-Netzwerk, das „Garlic Routing“ verwendet, um die Privatsphäre zu wahren.
Reseed-Knoten helfen Ihnen, zum ersten Mal mit I2P verbunden zu werden, und das obwohl
Sie sollten sie nur ab und zu verwenden müssen, sie sind sehr wichtig
Dienstleistungen.
[Um mehr über I2P zu erfahren, besuchen Sie die Projektwebsite](https://geti2p.net)
------------------------------------------------------------------------
[![Hilfe neu aussäen](images/reseed.png)](https://geti2p.net)
- [Erfahren Sie mehr über Reseeds](https://geti2p.net/en/docs/reseed)
- [Erfahren Sie, wie Sie einen Reseed ausführen](https://geti2p.net/en/get-involved/guides/reseed)
- [Lesen Sie den Re-Seed-Server-Code und erfahren Sie mehr über Re-Seed-Optionen](https://i2pgit.org/idk/reseed-tools)
### Haben Sie Verbindungsprobleme? Hier ist ein einmaliger Link zu einem Re-Seed-Bundle für Sie.

18
reseed/content/lang/en/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
This is an I2P Reseed Server
============================
I2P is a peer-to-peer network which uses “Garlic Routing” to maintain privacy.
Reseed nodes help you get connected to I2P for the first time, and even though
you should only have to use them once in a great while, they are very important
services.
[To learn more about I2P, visit the project website](https://geti2p.net)
------------------------------------------------------------------------
[![Help reseed](images/reseed.png)](https://geti2p.net)
- [Learn more about reseeds](https://geti2p.net/en/docs/reseed)
- [Learn how to run a reseed](https://geti2p.net/en/get-involved/guides/reseed)
- [Read the reseed server code and learn about more reseed options](https://i2pgit.org/idk/reseed-tools)
### Having connection issues? Here is a one-time link to a reseed bundle for you.

18
reseed/content/lang/es/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
Este es un servidor de reinicio I2P
============================
I2P es una red de igual a igual que utiliza "Enrutamiento de ajo" para mantener la privacidad.
Los nodos de reseed le ayudan a conectarse a I2P por primera vez, y aunque
solo debería tener que usarlos de vez en cuando, son muy importantes
servicios.
[Para obtener más información sobre I2P, visite el sitio web del proyecto] (https://geti2p.net)
------------------------------------------------------------------------
[! [Help reseed] (images / reseed.png)] (https://geti2p.net)
- [Obtenga más información sobre reseeds] (https://geti2p.net/en/docs/reseed)
- [Aprenda a ejecutar un reseed] (https://geti2p.net/en/get-involved/guides/reseed)
- [Lea el código del servidor reseed y conozca más opciones de reseed] (https://i2pgit.org/idk/reseed-tools)
### ¿Tienes problemas de conexión? Aquí hay un enlace único a un paquete reseed para usted.

18
reseed/content/lang/fr/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
Ceci est un serveur de réensemencement I2P
============================
I2P est un réseau peer-to-peer qui utilise le « routage à l'ail » pour maintenir la confidentialité.
Les nœuds de réamorçage vous aident à vous connecter à I2P pour la première fois, et même si
vous ne devriez avoir à les utiliser qu'une fois de temps en temps, ils sont très importants
prestations de service.
[Pour en savoir plus sur I2P, visitez le site Web du projet](https://geti2p.net)
------------------------------------------------------------------------
[![Aide à reseed](images/reseed.png)](https://geti2p.net)
- [En savoir plus sur les réensemencements](https://geti2p.net/en/docs/reseed)
- [Apprenez à exécuter un reseed](https://geti2p.net/en/get-involved/guides/reseed)
- [Lire le code du serveur de réensemencement et en savoir plus sur les options de réensemencement] (https://i2pgit.org/idk/reseed-tools)
### Vous avez des problèmes de connexion ? Voici un lien unique vers un paquet de graines pour vous.

18
reseed/content/lang/hi/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
यह एक I2P शोधित सर्वर है
===========================
I2P एक पीयर-टू-पीयर नेटवर्क है जो गोपनीयता बनाए रखने के लिए "लहसुन रूटिंग" का उपयोग करता है।
रीसेड नोड्स आपको पहली बार I2P से कनेक्ट होने में मदद करते हैं, और भले ही
आपको उन्हें केवल एक बार ही उपयोग करना चाहिए, वे बहुत महत्वपूर्ण हैं
सेवाएं।
[I2P के बारे में अधिक जानने के लिए, प्रोजेक्ट वेबसाइट पर जाएँ](https://geti2p.net)
-------------------------------------------------------------------------
[![Reseed में मदद करें](images/reseed.png)](https://geti2p.net)
- [रिसेड्स के बारे में और जानें](https://geti2p.net/hi/docs/reseed)
- [रिसेड चलाना सीखें](https://geti2p.net/hi/get-involved/guides/reseed)
- [रीडेड सर्वर कोड पढ़ें और अधिक शोध विकल्पों के बारे में जानें](https://i2pgit.org/idk/reseed-tools)
### कनेक्शन की समस्या आ रही है? यहां आपके लिए एक शोधित बंडल का वन-टाइम लिंक दिया गया है।

18
reseed/content/lang/id/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
Ini adalah Server Reseed I2P
==============================
I2P adalah jaringan peer-to-peer yang menggunakan "Garlic Routing" untuk menjaga privasi.
Reseed node membantu Anda terhubung ke I2P untuk pertama kalinya, dan meskipun
Anda hanya perlu menggunakannya sesekali, itu sangat penting
jasa.
[Untuk mempelajari lebih lanjut tentang I2P, kunjungi situs web proyek](https://geti2p.net)
-------------------------------------------------- -----------------------
[![Bantu reseed](images/reseed.png)](https://geti2p.net)
- [Pelajari lebih lanjut tentang reseed](https://geti2p.net/en/docs/reseed)
- [Pelajari cara menjalankan reseed](https://geti2p.net/en/get-involved/guides/reseed)
- [Baca kode server reseed dan pelajari tentang opsi reseed lainnya](https://i2pgit.org/idk/reseed-tools)
### Mengalami masalah koneksi? Berikut ini tautan satu kali ke bundel reseed untuk Anda.

18
reseed/content/lang/jp/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
これはI2PReseedServerです
============================
I2Pは、プライバシーを維持するために「GarlicRouting」を使用するピアツーピアネットワークです。
再シードードは、I2Pに初めて接続するのに役立ちます。
たまに一度だけ使用する必要があります、それらは非常に重要です
サービス。
[I2Pの詳細については、プロジェクトのWebサイトにアクセスしてください]https://geti2p.net
------------------------------------------------------------------------
[[再シードのヘルプ]images / reseed.png]https://geti2p.net
-[再シードの詳細]https://geti2p.net/en/docs/reseed
-[再シードの実行方法を学ぶ]https://geti2p.net/en/get-involved/guides/reseed
-[再シードサーバーコードを読み、再シードオプションの詳細を確認してください]https://i2pgit.org/idk/reseed-tools
###接続に問題がありますか? これがあなたのための再シードバンドルへのワンタイムリンクです。

18
reseed/content/lang/ko/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
I2P Reseed 서버입니다.
==============================
I2P는 "Garlic Routing"을 사용하여 개인 정보를 유지하는 P2P 네트워크입니다.
Reseed 노드는 처음으로 I2P에 연결하는 데 도움이 됩니다.
아주 가끔은 한 번만 사용해야 하므로 매우 중요합니다.
서비스.
[I2P에 대한 자세한 내용은 프로젝트 웹 사이트를 방문하십시오.](https://geti2p.net)
------------------------------------------------------------------------
[![Help reseed](images/reseed.png)](https://geti2p.net)
- [리시드에 대해 자세히 알아보기](https://geti2p.net/en/docs/reseed)
- [리시드 실행 방법 알아보기](https://geti2p.net/en/get-involved/guides/reseed)
- [리시드 서버 코드를 읽고 더 많은 리시드 옵션에 대해 알아보세요](https://i2pgit.org/idk/reseed-tools)
### 연결 문제가 있습니까? 다음은 reseed 번들에 대한 일회성 링크입니다.

18
reseed/content/lang/pr/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
Este é um servidor I2P Reseed
==============================
I2P é uma rede ponto a ponto que usa “Roteamento de alho” para manter a privacidade.
Nós Reseed ajudam você a se conectar ao I2P pela primeira vez, e mesmo que
você só deve ter que usá-los de vez em quando, eles são muito importantes
Serviços.
[Para saber mais sobre I2P, visite o site do projeto] (https://geti2p.net)
------------------------------------------------------------------------
[! [Help reseed] (images / reseed.png)] (https://geti2p.net)
- [Saiba mais sobre reseeds] (https://geti2p.net/en/docs/reseed)
- [Saiba como executar uma nova propagação] (https://geti2p.net/en/get-involved/guides/reseed)
- [Leia o código do servidor de nova propagação e aprenda sobre mais opções de nova propagação] (https://i2pgit.org/idk/reseed-tools)
### Tendo problemas de conexão? Aqui está um link único para um pacote reenviado para você.

18
reseed/content/lang/ru/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
Это сервер I2P Reseed
============================
I2P - это одноранговая сеть, которая использует «Garlic Routing» для обеспечения конфиденциальности.
Узлы с повторным заполнением помогут вам впервые подключиться к I2P, и даже если
вы должны использовать их только время от времени, они очень важны
Сервисы.
[Чтобы узнать больше об I2P, посетите сайт проекта] (https://geti2p.net)
------------------------------------------------------------------------
[! [Повторное заполнение справки] (images / Reseed.png)] (https://geti2p.net)
- [Подробнее о Reseeds] (https://geti2p.net/en/docs/reseed)
- [Узнайте, как запустить повторное заполнение] (https://geti2p.net/en/get-involved/guides/reseed)
- [Прочтите код сервера повторного заполнения и узнайте о дополнительных параметрах повторного заполнения] (https://i2pgit.org/idk/reseed-tools)
### Возникли проблемы с подключением? Вот вам одноразовая ссылка на набор повторных рассылок.

18
reseed/content/lang/zh/homepage.md Normal file
View File

@@ -0,0 +1,18 @@
这是一个 I2P Reseed 服务器
============================
I2P 是一种点对点网络,它使用“大蒜路由”来维护隐私。
Reseed 节点可帮助您首次连接到 I2P即使
你应该只需要偶尔使用它们,它们非常重要
服务。
【了解更多关于I2P请访问项目网站】(https://geti2p.net)
-----------------------------------------------------------------
[![帮助重新播种](images/reseed.png)](https://geti2p.net)
- [了解更多关于 reseeds](https://geti2p.net/en/docs/reseed)
- [了解如何进行重新播种](https://geti2p.net/en/get-involved/guides/reseed)
- [阅读 reseed 服务器代码并了解更多 reseed 选项](https://i2pgit.org/idk/reseed-tools)
### 有连接问题? 这是为您提供的重新种子包的一次性链接。

0
reseed/content/script.js Normal file
View File

85
reseed/content/style.css Normal file
View File

@@ -0,0 +1,85 @@
body {
font-family: "Roboto", monospace;
text-align: justify;
background-color: #D9D9D9;
}
h1 {
width: 55%;
margin-left: 45%;
margin-top: 5%;
}
h2 {
width: 55%;
margin-left: 45%;
}
#homepage > h2:nth-child(3) > a:nth-child(1) {
text-decoration: none;
}
h3 {
width: 55%;
margin-left: 45%;
}
h4 {
width: 55%;
margin-left: 45%;
}
ul {
width: 55%;
display: block;
margin-left: 40%;
}
li {
margin-top: 1%;
margin-left: 20%;
}
p {
max-width: 55%;
font-size: 1.2em;
margin-right: 2%;
}
#homepage > p:nth-child(2){
margin-left: 45%;
}
.pingtest {
margin-left: 45%;
}
img {
position: absolute;
margin-top: 3%;
top: 5%;
left: 5%;
width: 35%;
display: inline;
margin-bottom: 5%;
padding-bottom: 5%;
}
.inline {
display: inline;
}
.link-button {
margin-top: 3%;
padding: 2%;
padding-left: 5%;
padding-right: 5%;
margin-left: -3%;
border-radius: 20%;
border-style: groove;
}
.link-button:focus {
outline: none;
}
.link-button:active {
color:red;
}
figure > img {
max-width: 35%;
display: inline;
}

65
reseed/homepage.go
View File

@@ -1,23 +1,52 @@
package reseed package reseed
import ( import (
"embed"
_ "embed"
"io/ioutil" "io/ioutil"
"log"
"net/http" "net/http"
"os" "os"
"path/filepath" "path/filepath"
"strings" "strings"
"github.com/eyedeekay/unembed"
"gitlab.com/golang-commonmark/markdown" "gitlab.com/golang-commonmark/markdown"
"golang.org/x/text/language" "golang.org/x/text/language"
) )
//go:embed content
var f embed.FS
var SupportedLanguages = []language.Tag{ var SupportedLanguages = []language.Tag{
language.English, language.English,
language.Russian,
language.SimplifiedChinese,
language.Arabic,
language.Portuguese,
language.German,
language.French,
language.Spanish,
language.Indonesian,
language.Hindi,
language.Japanese,
language.Korean,
language.Bengali,
} }
var CachedLanguagePages = map[string]string{} var CachedLanguagePages = map[string]string{}
var CachedDataPages = map[string][]byte{} var CachedDataPages = map[string][]byte{}
var BaseContentPath, ContentPathError = ContentPath() func StableContentPath() (string, error) {
var BaseContentPath, ContentPathError = ContentPath()
if _, err := os.Stat(BaseContentPath); os.IsNotExist(err) {
if err := unembed.Unembed(f, BaseContentPath); err != nil {
return "", err
} else {
return BaseContentPath, nil
}
}
return BaseContentPath, ContentPathError
}
var matcher = language.NewMatcher(SupportedLanguages) var matcher = language.NewMatcher(SupportedLanguages)
@@ -48,27 +77,44 @@ func ContentPath() (string, error) {
} }
func (srv *Server) HandleARealBrowser(w http.ResponseWriter, r *http.Request) { func (srv *Server) HandleARealBrowser(w http.ResponseWriter, r *http.Request) {
_, ContentPathError := StableContentPath()
if ContentPathError != nil { if ContentPathError != nil {
http.Error(w, "403 Forbidden", http.StatusForbidden) http.Error(w, "403 Forbidden", http.StatusForbidden)
return return
} }
lang, _ := r.Cookie("lang") lang, _ := r.Cookie("lang")
accept := r.Header.Get("Accept-Language") accept := r.Header.Get("Accept-Language")
log.Printf("lang: '%s', accept: '%s'\n", lang, accept)
for name, values := range r.Header {
// Loop over all values for the name.
for _, value := range values {
log.Printf("name: '%s', value: '%s'\n", name, value)
}
}
tag, _ := language.MatchStrings(matcher, lang.String(), accept) tag, _ := language.MatchStrings(matcher, lang.String(), accept)
log.Printf("tag: '%s'\n", tag)
base, _ := tag.Base() base, _ := tag.Base()
log.Printf("base: '%s'\n", base)
switch r.URL.Path { if strings.HasSuffix(r.URL.Path, "style.css") {
case "/style.css":
w.Header().Set("Content-Type", "text/css") w.Header().Set("Content-Type", "text/css")
HandleAFile(w, "", "style.css") HandleAFile(w, "", "style.css")
case "/script.js": } else if strings.HasSuffix(r.URL.Path, "script.js") {
w.Header().Set("Content-Type", "text/javascript") w.Header().Set("Content-Type", "text/javascript")
HandleAFile(w, "", "script.js") HandleAFile(w, "", "script.js")
default: } else {
image := strings.Replace(r.URL.Path, "/", "", -1) image := strings.Replace(r.URL.Path, "/", "", -1)
if strings.HasPrefix(image, "images") { if strings.HasPrefix(image, "images") {
w.Header().Set("Content-Type", "image/png") w.Header().Set("Content-Type", "image/png")
HandleAFile(w, "images", strings.TrimPrefix(strings.TrimPrefix(r.URL.Path, "/"), "images")) HandleAFile(w, "images", strings.TrimPrefix(strings.TrimPrefix(r.URL.Path, "/"), "images"))
} else if strings.HasPrefix(image, "ping") {
PingEverybody()
http.Redirect(w, r, "/", http.StatusFound)
} else if strings.HasPrefix(image, "readout") {
w.Header().Set("Content-Type", "text/html")
w.Write([]byte(header))
ReadOut(w)
w.Write([]byte(footer))
} else { } else {
w.Header().Set("Content-Type", "text/html") w.Header().Set("Content-Type", "text/html")
w.Write([]byte(header)) w.Write([]byte(header))
@@ -76,17 +122,19 @@ func (srv *Server) HandleARealBrowser(w http.ResponseWriter, r *http.Request) {
w.Write([]byte(`<ul><li><form method="post" action="/i2pseeds" class="inline"> w.Write([]byte(`<ul><li><form method="post" action="/i2pseeds" class="inline">
<input type="hidden" name="onetime" value="` + srv.Acceptable() + `"> <input type="hidden" name="onetime" value="` + srv.Acceptable() + `">
<button type="submit" name="submit_param" value="submit_value" class="link-button"> <button type="submit" name="submit_param" value="submit_value" class="link-button">
Bundle Reseed
</button> </button>
</form></li></ul>`)) </form></li></ul>`))
ReadOut(w)
w.Write([]byte(footer)) w.Write([]byte(footer))
} }
} }
} }
func HandleAFile(w http.ResponseWriter, dirPath, file string) { func HandleAFile(w http.ResponseWriter, dirPath, file string) {
BaseContentPath, _ := StableContentPath()
file = filepath.Join(dirPath, file) file = filepath.Join(dirPath, file)
if _, prs := CachedDataPages[file]; prs == false { if _, prs := CachedDataPages[file]; !prs {
path := filepath.Join(BaseContentPath, file) path := filepath.Join(BaseContentPath, file)
f, err := ioutil.ReadFile(path) f, err := ioutil.ReadFile(path)
if err != nil { if err != nil {
@@ -101,7 +149,8 @@ func HandleAFile(w http.ResponseWriter, dirPath, file string) {
} }
func HandleALocalizedFile(w http.ResponseWriter, dirPath string) { func HandleALocalizedFile(w http.ResponseWriter, dirPath string) {
if _, prs := CachedLanguagePages[dirPath]; prs == false { if _, prs := CachedLanguagePages[dirPath]; !prs {
BaseContentPath, _ := StableContentPath()
dir := filepath.Join(BaseContentPath, "lang", dirPath) dir := filepath.Join(BaseContentPath, "lang", dirPath)
files, err := ioutil.ReadDir(dir) files, err := ioutil.ReadDir(dir)
if err != nil { if err != nil {

166
reseed/ping.go Normal file
View File

@@ -0,0 +1,166 @@
package reseed
import (
"fmt"
"io/ioutil"
"log"
"net/http"
"net/url"
"os"
"path/filepath"
"strings"
"time"
)
// Ping requests an ".su3" from another reseed server and return true if
// the reseed server is alive If the reseed server is not alive, returns
// false and the status of the request as an error
func Ping(urlInput string) (bool, error) {
if !strings.HasSuffix(urlInput, "i2pseeds.su3") {
urlInput = fmt.Sprintf("%s%s", urlInput, "i2pseeds.su3")
}
log.Println("Pinging:", urlInput)
req, err := http.NewRequest("GET", urlInput, nil)
if err != nil {
return false, err
}
req.Header.Set("User-Agent", i2pUserAgent)
resp, err := http.DefaultClient.Do(req)
if err != nil {
return false, err
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
return false, fmt.Errorf("%s", resp.Status)
}
return true, nil
}
func trimPath(s string) string {
tmp := strings.ReplaceAll(s, "https://", "")
tmp = strings.ReplaceAll(s, "http://", "")
tmp = strings.ReplaceAll(s, "/", "")
return tmp
}
func PingWriteContent(urlInput string) error {
log.Println("Calling PWC", urlInput)
date := time.Now().Format("2006-01-02")
u, err := url.Parse(urlInput)
if err != nil {
log.Println("PWC", err)
return fmt.Errorf("PingWriteContent:%s", err)
}
path := trimPath(u.Host)
log.Println("Calling PWC path", path)
BaseContentPath, _ := StableContentPath()
path = filepath.Join(BaseContentPath, path+"-"+date+".ping")
if _, err := os.Stat(path); err != nil {
result, err := Ping(urlInput)
if result {
log.Printf("Ping: %s OK", urlInput)
err := ioutil.WriteFile(path, []byte("Alive: Status OK"), 0644)
return err
} else {
log.Printf("Ping: %s %s", urlInput, err)
err := ioutil.WriteFile(path, []byte("Dead: "+err.Error()), 0644)
return err
}
}
return nil
}
// TODO: make this a configuration option
/*var AllReseeds = []string{
"https://banana.incognet.io/",
"https://i2p.novg.net/",
"https://i2pseed.creativecowpat.net:8443/",
"https://reseed.diva.exchange/",
"https://reseed.i2pgit.org/",
"https://reseed.memcpy.io/",
"https://reseed.onion.im/",
"https://reseed2.i2p.net/",
}*/
var AllReseeds = []string{
"https://banana.incognet.io/",
"https://i2p.novg.net/",
"https://i2pseed.creativecowpat.net:8443/",
"https://reseed-fr.i2pd.xyz/",
"https://reseed-pl.i2pd.xyz/",
"https://reseed.diva.exchange/",
"https://reseed.i2pgit.org/",
"https://reseed.memcpy.io/",
"https://reseed.onion.im/",
"https://reseed2.i2p.net/",
"https://www2.mk16.de/",
}
func yday() time.Time {
today := time.Now()
yesterday := today.Add(-24 * time.Hour)
return yesterday
}
var lastPing = yday()
func PingEverybody() []string {
if lastPing.After(yday()) {
log.Println("Your ping was rate-limited")
return nil
}
lastPing = time.Now()
var nonerrs []string
for _, urlInput := range AllReseeds {
err := PingWriteContent(urlInput)
if err == nil {
nonerrs = append(nonerrs, urlInput)
} else {
nonerrs = append(nonerrs, err.Error()+"-"+urlInput)
}
}
return nonerrs
}
// Get a list of all files ending in ping in the BaseContentPath
func GetPingFiles() ([]string, error) {
var files []string
date := time.Now().Format("2006-01-02")
BaseContentPath, _ := StableContentPath()
err := filepath.Walk(BaseContentPath, func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
if strings.HasSuffix(path, ".ping") && strings.Contains(path, date) {
files = append(files, path)
}
return nil
})
if len(files) == 0 {
return nil, fmt.Errorf("No ping files found")
}
return files, err
}
func ReadOut(w http.ResponseWriter) {
pinglist, err := GetPingFiles()
if err == nil {
fmt.Fprintf(w, "<h3>Reseed Server Statuses</h3>")
fmt.Fprintf(w, "<div class=\"pingtest\">This feature is experimental and may not always provide accurate results.</div>")
fmt.Fprintf(w, "<div class=\"homepage\"><p><ul>")
for _, file := range pinglist {
ping, err := ioutil.ReadFile(file)
host := strings.Replace(file, ".ping", "", 1)
host = filepath.Base(host)
if err == nil {
fmt.Fprintf(w, "<li><strong>%s</strong> - %s</li>\n", host, ping)
} else {
fmt.Fprintf(w, "<li><strong>%s</strong> - No ping file found</li>\n", host)
}
}
fmt.Fprintf(w, "</ul></p></div>")
} else {
fmt.Fprintf(w, "<h4>No ping files found, check back later for reseed stats</h4>")
}
}

32
reseed/server.go
View File

@@ -14,13 +14,10 @@ import (
"time" "time"
"github.com/cretz/bine/tor" "github.com/cretz/bine/tor"
"github.com/eyedeekay/i2pkeys"
"github.com/eyedeekay/sam3" "github.com/eyedeekay/sam3"
"github.com/eyedeekay/sam3/i2pkeys"
"github.com/gorilla/handlers" "github.com/gorilla/handlers"
"github.com/justinas/alice" "github.com/justinas/alice"
"github.com/libp2p/go-libp2p-core/host"
gostream "github.com/libp2p/go-libp2p-gostream"
p2phttp "github.com/libp2p/go-libp2p-http"
throttled "github.com/throttled/throttled/v2" throttled "github.com/throttled/throttled/v2"
"github.com/throttled/throttled/v2/store" "github.com/throttled/throttled/v2/store"
) )
@@ -31,14 +28,16 @@ const (
type Server struct { type Server struct {
*http.Server *http.Server
I2P *sam3.SAM I2P *sam3.SAM
I2PSession *sam3.StreamSession I2PSession *sam3.StreamSession
I2PListener *sam3.StreamListener I2PListener *sam3.StreamListener
I2PKeys i2pkeys.I2PKeys I2PKeys i2pkeys.I2PKeys
Reseeder *ReseederImpl Reseeder *ReseederImpl
Blacklist *Blacklist Blacklist *Blacklist
OnionListener *tor.OnionService OnionListener *tor.OnionService
acceptables map[string]time.Time RequestRateLimit int
WebRateLimit int
acceptables map[string]time.Time
} }
func NewServer(prefix string, trustProxy bool) *Server { func NewServer(prefix string, trustProxy bool) *Server {
@@ -324,15 +323,6 @@ func (srv *Server) ListenAndServeI2P(samaddr string, I2PKeys i2pkeys.I2PKeys) er
return srv.Serve(srv.I2PListener) return srv.Serve(srv.I2PListener)
} }
// ListenAndServeLibP2P is used to serve the reseed server over libp2p http connections
func (srv *Server) ListenAndServeLibP2P(hst host.Host) error {
listener, err := gostream.Listen(hst, p2phttp.DefaultP2PProtocol)
if err != nil {
return err
}
return srv.Serve(listener)
}
func (srv *Server) reseedHandler(w http.ResponseWriter, r *http.Request) { func (srv *Server) reseedHandler(w http.ResponseWriter, r *http.Request) {
var peer Peer var peer Peer
if ip, _, err := net.SplitHostPort(r.RemoteAddr); err == nil { if ip, _, err := net.SplitHostPort(r.RemoteAddr); err == nil {

26
reseed/service.go
View File

@@ -15,6 +15,7 @@ import (
"sync" "sync"
"time" "time"
"github.com/go-i2p/go-i2p/lib/common/router_info"
"i2pgit.org/idk/reseed-tools/su3" "i2pgit.org/idk/reseed-tools/su3"
) )
@@ -22,6 +23,7 @@ type routerInfo struct {
Name string Name string
ModTime time.Time ModTime time.Time
Data []byte Data []byte
RI *router_info.RouterInfo
} }
type Peer string type Peer string
@@ -264,12 +266,24 @@ func (db *LocalNetDbImpl) RouterInfos() (routerInfos []routerInfo, err error) {
if age.Hours() > 192 { if age.Hours() > 192 {
continue continue
} }
riStruct, remainder, err := router_info.NewRouterInfo(riBytes)
routerInfos = append(routerInfos, routerInfo{ if err != nil {
Name: file.Name(), log.Println("RouterInfo Parsing Error:", err)
ModTime: file.ModTime(), log.Println("Leftover Data(for debugging):", remainder)
Data: riBytes, riStruct = nil
}) continue
}
// skip crappy routerInfos
if riStruct.Reachable() && riStruct.UnCongested() && riStruct.GoodVersion() {
routerInfos = append(routerInfos, routerInfo{
Name: file.Name(),
ModTime: file.ModTime(),
Data: riBytes,
RI: riStruct,
})
} else {
log.Println("Skipped less-useful RouterInfo Capabilities:", riStruct.RouterCapabilities(), riStruct.RouterVersion())
}
} }
return return

21
reseed/utils.go
View File

@@ -19,8 +19,16 @@ type KeyStore struct {
} }
func (ks *KeyStore) ReseederCertificate(signer []byte) (*x509.Certificate, error) { func (ks *KeyStore) ReseederCertificate(signer []byte) (*x509.Certificate, error) {
return ks.reseederCertificate("reseed", signer)
}
func (ks *KeyStore) DirReseederCertificate(dir string, signer []byte) (*x509.Certificate, error) {
return ks.reseederCertificate(dir, signer)
}
func (ks *KeyStore) reseederCertificate(dir string, signer []byte) (*x509.Certificate, error) {
certFile := filepath.Base(SignerFilename(string(signer))) certFile := filepath.Base(SignerFilename(string(signer)))
certString, err := ioutil.ReadFile(filepath.Join(ks.Path, "reseed", certFile)) certString, err := ioutil.ReadFile(filepath.Join(ks.Path, dir, certFile))
if nil != err { if nil != err {
return nil, err return nil, err
} }
@@ -34,8 +42,16 @@ func SignerFilename(signer string) string {
} }
func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) { func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) {
return NewTLSCertificateAltNames(priv, host)
}
func NewTLSCertificateAltNames(priv *ecdsa.PrivateKey, hosts ...string) ([]byte, error) {
notBefore := time.Now() notBefore := time.Now()
notAfter := notBefore.Add(5 * 365 * 24 * time.Hour) notAfter := notBefore.Add(5 * 365 * 24 * time.Hour)
host := ""
if len(hosts) > 0 {
host = hosts[0]
}
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
@@ -61,9 +77,10 @@ func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) {
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
BasicConstraintsValid: true, BasicConstraintsValid: true,
IsCA: true, IsCA: true,
DNSNames: hosts[1:],
} }
hosts := strings.Split(host, ",") hosts = strings.Split(host, ",")
for _, h := range hosts { for _, h := range hosts {
if ip := net.ParseIP(h); ip != nil { if ip := net.ParseIP(h); ip != nil {
template.IPAddresses = append(template.IPAddresses, ip) template.IPAddresses = append(template.IPAddresses, ip)

15
showhider.css Normal file
View File

@@ -0,0 +1,15 @@
/* edgar showhider CSS file */
#show {display:none; }
#hide {display:block; }
#show:target {display: block; }
#hide:target {display: none; }
#shownav {display:none; }
#hidenav {display:block; }
#shownav:target {display: block; }
#hidenav:target {display: none; }
#donate {display:none; }
#hidedonate {display:block; }
#donate:target {display: block; }
#hidedonate:target {display: none; }

165
style.css Normal file
View File

@@ -0,0 +1,165 @@
/* edgar default CSS file */
body {
font-family: "Roboto";
font-family: monospace;
text-align: justify;
background-color: #373636;
color: whitesmoke;
font-size: 1.15em;
}
ul {
width: 55%;
display: block;
}
ol {
width: 55%;
display: block;
}
li {
margin-top: 1%;
}
p {
max-width: 90%;
margin-top: 1%;
margin-left: 3%;
margin-right: 3%;
}
img {
float: left;
top: 5%;
left: 5%;
max-width: 60%;
display: inline;
padding-right: 2%;
}
.inline {
display: inline;
}
.link-button:focus {
outline: none;
}
.link-button:active {
color: red;
}
code {
font-family: monospace;
border-radius: 5%;
padding: 1%;
border-color: darkgray;
font-size: .9em;
}
a {
color: #C6D9FE;
padding: 1%;
}
ul li {
color: #C6D9FE;
}
iframe {
background: aliceblue;
border-radius: 15%;
margin: 2%;
}
.container {
width: 36vw;
height: 64vh;
display: inline-block;
margin: 0;
padding: 0;
}
.editor-toolbar a {
display: inline-block;
text-align: center;
text-decoration: none !important;
color: whitesmoke !important;
}
#feed {
width: 60vw;
height: unset !important;
margin: 0;
padding: 0;
float: right;
background-color: #373636;
color: whitesmoke;
border: #C6D9FE solid 1px;
}
.thread-post,
.thread {
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.thread-post {
margin-left: 4%;
}
input {
text-align: center;
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font: normal normal normal 14px/1 FontAwesome;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.thread-hash {
text-align: right;
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.post-body {
text-align: left;
color: whitesmoke !important;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
#show {display:none; }
#hide {display:block; }
#show:target {display: block; }
#hide:target {display: none; }
#shownav {display:none; }
#hidenav {display:block; }
#shownav:target {display: block; }
#hidenav:target {display: none; }
#navbar {
float: right;
width: 15%;
}
#returnhome {
font-size: xxx-large;
display: inline;
}
h1 {
display: inline;
}

14
su3/su3.go
View File

@@ -23,16 +23,20 @@ const (
SigTypeRSAWithSHA384 = uint16(5) SigTypeRSAWithSHA384 = uint16(5)
SigTypeRSAWithSHA512 = uint16(6) SigTypeRSAWithSHA512 = uint16(6)
ContentTypeUnknown = uint8(0) ContentTypeUnknown = uint8(0)
ContentTypeRouter = uint8(1) ContentTypeRouter = uint8(1)
ContentTypePlugin = uint8(2) ContentTypePlugin = uint8(2)
ContentTypeReseed = uint8(3) ContentTypeReseed = uint8(3)
ContentTypeNews = uint8(4) ContentTypeNews = uint8(4)
ContentTypeBlocklist = uint8(5)
FileTypeZIP = uint8(0) FileTypeZIP = uint8(0)
FileTypeXML = uint8(1) FileTypeXML = uint8(1)
FileTypeHTML = uint8(2) FileTypeHTML = uint8(2)
FileTypeXMLGZ = uint8(3) FileTypeXMLGZ = uint8(3)
FileTypeTXTGZ = uint8(4)
FileTypeDMG = uint8(5)
FileTypeEXE = uint8(6)
magicBytes = "I2Psu3" magicBytes = "I2Psu3"
) )