fix systemd service

CHANGELOG.html

@@ -0,0 +1,146 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="CHANGELOG.html">
+                CHANGELOG
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <p>
+      2021-12-16
+      * app.Version = “0.2.11”
+      * include license file in plugin
+    </p>
+    <p>
+      2021-12-14
+      * app.Version = “0.2.10”
+      * restart changelog
+      * fix websiteURL in plugin.config
+    </p>
+    <p>
+      2019-04-21
+      * app.Version = “0.1.7”
+      * enabling TLS 1.3
+      <em>
+        only
+      </em>
+    </p>
+    <p>
+      2016-12-21
+      * deactivating previous random time delta, makes only sense when patching ri too
+      * app.Version = “0.1.6”
+    </p>
+    <p>
+      2016-10-09
+      * seed the math random generator with time.Now().UnixNano()
+      * added 6h+6h random time delta at su3-age to increase anonymity
+      * app.Version = “0.1.5”
+    </p>
+    <p>
+      2016-05-15
+      * README.md updated
+      * allowed routerInfos age increased from 96 to 192 hours
+      * app.Version = “0.1.4”
+    </p>
+    <p>
+      2016-03-05
+      * app.Version = “0.1.3”
+      * CRL creation added
+    </p>
+    <p>
+      2016-01-31
+      * allowed TLS ciphers updated (hardened)
+      * TLS certificate generation: RSA 4096 –&gt; ECDSAWithSHA512 384bit secp384r1
+      * ECDHE handshake: only CurveP384 + CurveP521, default CurveP256 removed
+      * TLS certificate valid: 2y –&gt; 5y
+      * throttled.PerDay(4) –&gt; PerHour(4), to enable limited testing
+      * su3 RebuildInterval: 24h –&gt; 90h, higher anonymity for the running i2p-router
+      * numRi per su3 file: 75 –&gt; 77
+    </p>
+    <p>
+      2016-01
+      * fork from
+      <a href="https://i2pgit.org/idk/reseed-tools" rel="nofollow">
+        https://i2pgit.org/idk/reseed-tools
+      </a>
+    </p>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        I2P
+      </a>
+    </div>
+  </body>
+</html>

CHANGELOG.md

@@ -1,3 +1,12 @@
+2021-12-16
+ * app.Version = "0.2.11"
+ * include license file in plugin
+
+2021-12-14
+ * app.Version = "0.2.10"
+ * restart changelog
+ * fix websiteURL in plugin.config
+
 2019-04-21
  * app.Version = "0.1.7"
  * enabling TLS 1.3 *only*

DOCKER.html

@@ -0,0 +1,168 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="CHANGELOG.html">
+                CHANGELOG
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <h3>
+      Docker
+    </h3>
+    <p>
+      To make it easier to deploy reseeds, it is possible to run this software as a
+      Docker image. Because the software requires access to a network database to host
+      a reseed, you will need to mount the netDb as a volume inside your docker
+      container to provide access to it, and you will need to run it as the same user
+      and group inside the container as I2P.
+    </p>
+    <p>
+      When you run a reseed under Docker in this fashion, it will automatically
+      generate a self-signed certificate for your reseed server in a Docker volume
+      mamed reseed-keys.
+      <em>
+        Back up this directory
+      </em>
+      , if it is lost it is impossible
+      to reproduce.
+    </p>
+    <p>
+      Please note that Docker is not currently compatible with .onion reseeds unless
+      you pass the –network=host tag.
+    </p>
+    <h4>
+      If I2P is running as your user, do this:
+    </h4>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --publish 443:8443 \
+        --restart always \
+        --volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <h4>
+      If I2P is running as another user, do this:
+    </h4>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --user $(I2P_UID) \
+        --group-add $(I2P_GID) \
+        --publish 443:8443 \
+        --restart always \
+        --volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <h4>
+      <strong>
+        Debian/Ubuntu and Docker
+      </strong>
+    </h4>
+    <p>
+      In many cases I2P will be running as the Debian system user
+      <code>
+        i2psvc
+      </code>
+      . This
+      is the case for all installs where Debian’s Advanced Packaging Tool(apt) was
+      used to peform the task. If you used
+      <code>
+        apt-get install
+      </code>
+      this command will
+      work for you. In that case, just copy-and-paste:
+    </p>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --user $(id -u i2psvc) \
+        --group-add $(id -g i2psvc) \
+        --publish 443:8443 \
+        --restart always \
+        --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        I2P
+      </a>
+    </div>
+  </body>
+</html>

EXAMPLES.html

@@ -0,0 +1,132 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="CHANGELOG.html">
+                CHANGELOG
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <h2>
+      Example Commands:
+    </h2>
+    <h3>
+      Without a webserver, standalone, automatic OnionV3 with TLS support
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, serve P2P with LibP2P
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, upload a single signed .su3 to github
+    </h3>
+    <ul>
+      <li>
+        This one isn’t working yet, I’ll get to it eventually, I’ve got a cooler idea now.
+        <code>
+          ./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --github --ghrepo=reseed-tools --ghuser=eyedeekay
+        </code>
+      </li>
+    </ul>
+    <h3>
+      Without a webserver, standalone, in-network reseed
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS, I2P In-Network reseed, and LibP2P, self-supervising
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p --littleboss=start
+</code></pre>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        I2P
+      </a>
+    </div>
+  </body>
+</html>

Makefile

@@ -1,9 +1,11 @@
 
-VERSION=0.2.6
+VERSION=0.2.30
 APP=reseed-tools
 USER_GH=eyedeekay
 CGO_ENABLED=0
 export CGO_ENABLED=0
+PLUGIN_PORT=7671
+export PLUGIN_PORT=7671
 
 GOOS?=$(shell uname -s | tr A-Z a-z)
 GOARCH?="amd64"
@@ -49,20 +51,20 @@ install:
 	install -m755 reseed-tools-$(GOOS)-$(GOARCH) /usr/bin/reseed-tools
 	install -m644 etc/default/reseed /etc/default/reseed
 	install -m755 etc/init.d/reseed /etc/init.d/reseed
-	mkdir -p /etc/systemd/system/reseed.d/
-	mkdir -p /var/lib/i2p
+	mkdir -p /etc/systemd/system/reseed.service.d/
+	mkdir -p /var/lib/i2p/i2p-config/reseed/
 	install -g i2psvc -o i2psvc -d /var/lib/i2p/i2p-config/reseed/
 	cp -r content /var/lib/i2p/i2p-config/reseed/content
 	chown -R i2psvc:i2psvc /var/lib/i2p/i2p-config/reseed/
-	install -m644 etc/systemd/system/reseed.d/reseed.conf /etc/systemd/system/reseed.d/reseed.conf
-	install -m644 etc/systemd/system/reseed.d/reseed.service /etc/systemd/system/reseed.d/reseed.service
+	install -m644 etc/systemd/system/reseed.service.d/override.conf /etc/systemd/system/reseed.service.d/override.conf
+	install -m644 etc/systemd/system/reseed.service.d/reseed.service /etc/systemd/system/reseed.service
 
 uninstall:
 	rm /usr/bin/reseed-tools
 	rm /etc/default/reseed
 	rm /etc/init.d/reseed
-	rm /etc/systemd/system/reseed.d/reseed.conf
-	rm /etc/systemd/system/reseed.d/reseed.service
+	rm /etc/systemd/system/reseed.service.d/reseed.conf
+	rm /etc/systemd/system/reseed.service.d/reseed.service
 	rm -rf /var/lib/i2p/i2p-config/reseed/
 
 checkinstall: build
@@ -182,7 +184,7 @@ jar: gojava
 release: version upload checkinstall upload-single-deb plugins upload-su3s upload-bin 
 
 version:
-	cat README.md | gothub release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -
+	cat README.md | gothub release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -; true
 
 delete-version:
 	gothub delete -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION)
@@ -235,7 +237,7 @@ upload-bin:
 rm-su3s:
 	rm *.su3 -f
 
-download-su3s: rm-su3s
+download-su3s:
 	GOOS=darwin GOARCH=amd64 make download-single-su3
 	GOOS=darwin GOARCH=arm64 make download-single-su3
 	GOOS=linux GOARCH=386 make download-single-su3
@@ -262,7 +264,7 @@ upload-su3s:
 	GOOS=windows GOARCH=386 make upload-single-su3
 
 download-single-su3:
-	wget -N -c "https://github.com/eyedeekay/reseed-tools/releases/download/v$(VERSION)/reseed-tools-$(GOOS)-$(GOARCH).su3"
+	wget-ds "https://github.com/eyedeekay/reseed-tools/releases/download/v$(VERSION)/reseed-tools-$(GOOS)-$(GOARCH).su3"
 
 upload-single-deb:
 	gothub upload -R -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f reseed-tools_$(VERSION)-1_amd64.deb -l "`sha256sum reseed-tools_$(VERSION)-1_amd64.deb`" -n "reseed-tools_$(VERSION)-1_amd64.deb"
@@ -276,25 +278,32 @@ upload-single-su3:
 tmp/content:
 	mkdir -p tmp
 	cp -rv content tmp/content
+	echo "you@mail.i2p" > tmp/signer
 
 tmp/lib:
 	mkdir -p tmp/lib
-	cp "$(HOME)/Workspace/GIT_WORK/i2p.i2p/build/shellservice.jar" tmp/lib/shellservice.jar
+#	cp "$(HOME)/build/shellservice.jar" tmp/lib/shellservice.jar
 
-su3s: tmp/content tmp/lib
+tmp/LICENSE:
+	cp LICENSE.md tmp/LICENSE
+
+SIGNER_DIR=$(HOME)/i2p-go-keys/
+
+su3s: tmp/content tmp/lib tmp/LICENSE
 	i2p.plugin.native -name=reseed-tools-$(GOOS)-$(GOARCH) \
 		-signer=hankhill19580@gmail.com \
+		-signer-dir=$(SIGNER_DIR) \
 		-version "$(VERSION)" \
 		-author=hankhill19580@gmail.com \
 		-autostart=true \
 		-clientname=reseed-tools-$(GOOS)-$(GOARCH) \
-		-command="reseed-tools-$(GOOS)-$(GOARCH) reseed --yes --signer=you@mail.i2p --netdb=\$$CONFIG/netDb" \
+		-command="reseed-tools-$(GOOS)-$(GOARCH) reseed --yes --signer=\$$PLUGIN/signer --port=$(PLUGIN_PORT)" \
 		-consolename="Reseed Tools" \
-		-consoleurl="http://127.0.0.1:8443" \
+		-consoleurl="https://127.0.0.1:$(PLUGIN_PORT)" \
 		-updateurl="http://idk.i2p/reseed-tools/reseed-tools-$(GOOS)-$(GOARCH).su3" \
 		-website="http://idk.i2p/reseed-tools/" \
 		-icondata="content/images/reseed-icon.png" \
-		-delaystart="3" \
+		-delaystart="1" \
 		-desc="`cat description-pak`" \
 		-exename=reseed-tools-$(GOOS)-$(GOARCH) \
 		-targetos="$(GOOS)" \

README.md

@@ -1,6 +1,8 @@
 I2P Reseed Tools
 ==================
 
+![Reseed Tools Poster](content/images/reseed.png)
+
 This tool provides a secure and efficient reseed server for the I2P network.
 There are several utility commands to create, sign, and validate SU3 files.
 Please note that this requires at least Go version 1.13, and uses Go Modules.
@@ -34,6 +36,14 @@ and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases.
 These can be installed by adding them on the 
 [http://127.0.0.1:7657/configplugins](http://127.0.0.1:7657/configplugins).
 
+After installing the plugin, you should immediately edit the `$PLUGIN/signer`
+file in order to set your `--signer` email, which is used to name your keys.
+You can find the `$PLUGIN` directory in your I2P config directory, which is
+usually `$HOME/.i2p` on Unixes.
+
+This will allow the developers to contact you if your reseed has issues
+and will authenticate your reseed to the I2P routers that use it.
+
 - darwin/amd64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3)
 - darwin/arm64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3)
 - linux/386: [http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3)
@@ -65,7 +75,12 @@ Debian users who are running I2P as a system service must also run the
 the I2P service's netDb directory. On Debian and Ubuntu, that user is `i2psvc`
 and the netDb directory is: `/var/lib/i2p/i2p-config/netDb`.
 
-##### Systemd Service
+##### Service Integration
+
+Support for running as a system service as part of the reseed package
+is new. PR's that improve integration are welcome.
+
+###### Systemd Service
 
 A systemd service is provided which should work with the I2P Debian package
 when reseed-tools is installed in `/usr/bin/reseed-tools`. If you install with
@@ -83,7 +98,7 @@ this you should edit the `/etc/systemd/system/reseed.d/reseed.service`.
 - To reload the systemd services: `sudo systemctl daemon-reload`
 - To view the status/logs: `sudo journalctl -u reseed.service`
 
-##### SysV Service
+###### SysV Service
 
 An initscript is also provided. The initscript, unlike the systemd service,
 cannot schedule itself to restart. You should restart the service roughly once

cmd/i2pd.go

@@ -0,0 +1,12 @@
+//go:build i2pd
+// +build i2pd
+
+package cmd
+
+import (
+	i2pd "github.com/eyedeekay/go-i2pd/goi2pd"
+)
+
+func InitializeI2PD() func() {
+	return i2pd.InitI2PSAM(nil)
+}

cmd/reseed.go

@@ -2,6 +2,8 @@ package cmd
 
 import (
 	"context"
+	"strings"
+
 	//"flag"
 	"fmt"
 	"io/ioutil"
@@ -15,8 +17,8 @@ import (
 	"github.com/cretz/bine/tor"
 	"github.com/cretz/bine/torutil"
 	"github.com/cretz/bine/torutil/ed25519"
+	"github.com/eyedeekay/i2pkeys"
 	"github.com/eyedeekay/sam3"
-	"github.com/eyedeekay/sam3/i2pkeys"
 	"github.com/libp2p/go-libp2p"
 	"github.com/libp2p/go-libp2p-core/host"
 	"github.com/urfave/cli"
@@ -30,11 +32,11 @@ func getDefaultSigner() string {
 	if intentionalsigner == "" {
 		adminsigner := os.Getenv("MAILTO")
 		if adminsigner != "" {
-			return adminsigner
+			return strings.Replace(adminsigner, "\n", "", -1)
 		}
 		return ""
 	}
-	return intentionalsigner
+	return strings.Replace(intentionalsigner, "\n", "", -1)
 }
 
 func getHostName() string {
@@ -42,7 +44,7 @@ func getHostName() string {
 	if hostname == "" {
 		hostname, _ = os.Hostname()
 	}
-	return hostname
+	return strings.Replace(hostname, "\n", "", -1)
 }
 
 func NewReseedCommand() cli.Command {
@@ -165,6 +167,16 @@ func NewReseedCommand() cli.Command {
 				Value: "https://acme-staging-v02.api.letsencrypt.org/directory",
 				Usage: "Use this server to issue a certificate with the ACME protocol",
 			},
+			cli.IntFlag{
+				Name:  "ratelimit",
+				Value: 4,
+				Usage: "Maximum number of reseed bundle requests per-IP address, per-hour.",
+			},
+			cli.IntFlag{
+				Name:  "ratelimitweb",
+				Value: 40,
+				Usage: "Maxiumum number of web-visits per-IP address, per-hour",
+			},
 		},
 	}
 }
@@ -214,6 +226,16 @@ func LoadKeys(keysPath string, c *cli.Context) (i2pkeys.I2PKeys, error) {
 	}
 }
 
+// fileExists checks if a file exists and is not a directory before we
+// try using it to prevent further errors.
+func fileExists(filename string) bool {
+	info, err := os.Stat(filename)
+	if os.IsNotExist(err) {
+		return false
+	}
+	return !info.IsDir()
+}
+
 func reseedAction(c *cli.Context) {
 	netdbDir := c.String("netdb")
 	if netdbDir == "" {
@@ -222,10 +244,22 @@ func reseedAction(c *cli.Context) {
 	}
 
 	signerID := c.String("signer")
-	if signerID == "" {
+	if signerID == "" || signerID == "you@mail.i2p" {
 		fmt.Println("--signer is required")
 		return
 	}
+	if !strings.Contains(signerID, "@") {
+		if !fileExists(signerID) {
+			fmt.Println("--signer must be an email address or a file containing an email address.")
+			return
+		}
+		bytes, err := ioutil.ReadFile(signerID)
+		if err != nil {
+			fmt.Println("--signer must be an email address or a file containing an email address.")
+			return
+		}
+		signerID = string(bytes)
+	}
 
 	var tlsCert, tlsKey string
 	tlsHost := c.String("tlsHost")
@@ -256,7 +290,7 @@ func reseedAction(c *cli.Context) {
 
 		// prompt to create tls keys if they don't exist?
 		auto := c.Bool("yes")
-		ignore := c.Bool("ignore")
+		ignore := c.Bool("trustProxy")
 		if !ignore {
 			// use ACME?
 			acme := c.Bool("acme")
@@ -422,6 +456,8 @@ func reseedAction(c *cli.Context) {
 func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
 	server.Reseeder = reseeder
+	server.RequestRateLimit = c.Int("ratelimit")
+	server.WebRateLimit = c.Int("ratelimitweb")
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
 
 	// load a blacklist
@@ -450,6 +486,8 @@ func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder *reseed.Reseed
 
 func reseedHTTP(c *cli.Context, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
+	server.RequestRateLimit = c.Int("ratelimit")
+	server.WebRateLimit = c.Int("ratelimitweb")
 	server.Reseeder = reseeder
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
 
@@ -600,6 +638,8 @@ func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder *res
 
 func reseedI2P(c *cli.Context, i2pTlsCert, i2pTlsKey string, i2pIdentKey i2pkeys.I2PKeys, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
+	server.RequestRateLimit = c.Int("ratelimit")
+	server.WebRateLimit = c.Int("ratelimitweb")
 	server.Reseeder = reseeder
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
 

cmd/utils.go

@@ -347,6 +347,10 @@ func createSigningCertificate(signerID string) error {
 }
 
 func createTLSCertificate(host string) error {
+	return CreateTLSCertificate(host)
+}
+
+func CreateTLSCertificate(host string) error {
 	fmt.Println("Generating TLS keys. This may take a minute...")
 	priv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
 	if err != nil {

cmd/verify.go

@@ -3,12 +3,38 @@ package cmd
 import (
 	"fmt"
 	"io/ioutil"
+	"log"
+	"os"
+	"os/user"
+	"path/filepath"
 
 	"github.com/urfave/cli"
 	"i2pgit.org/idk/reseed-tools/reseed"
 	"i2pgit.org/idk/reseed-tools/su3"
 )
 
+func I2PHome() string {
+	envCheck := os.Getenv("I2P")
+	if envCheck != "" {
+		return envCheck
+	}
+	// get the current user home
+	usr, err := user.Current()
+	if nil != err {
+		panic(err)
+	}
+	sysCheck := filepath.Join(usr.HomeDir, "i2p-config")
+	if _, err := os.Stat(sysCheck); nil == err {
+		return sysCheck
+	}
+	usrCheck := filepath.Join(usr.HomeDir, "i2p")
+	if _, err := os.Stat(usrCheck); nil == err {
+		return usrCheck
+	}
+	return ""
+
+}
+
 func NewSu3VerifyCommand() cli.Command {
 	return cli.Command{
 		Name:        "verify",
@@ -20,6 +46,16 @@ func NewSu3VerifyCommand() cli.Command {
 				Name:  "extract",
 				Usage: "Also extract the contents of the su3",
 			},
+			cli.StringFlag{
+				Name:  "signer",
+				Value: getDefaultSigner(),
+				Usage: "Your su3 signing ID (ex. something@mail.i2p)",
+			},
+			cli.StringFlag{
+				Name:  "keystore",
+				Value: filepath.Join(I2PHome(), "/certificates/reseed"),
+				Usage: "Path to the keystore",
+			},
 		},
 	}
 }
@@ -36,10 +72,22 @@ func su3VerifyAction(c *cli.Context) {
 	}
 
 	fmt.Println(su3File.String())
+	absPath, err := filepath.Abs(c.String("keystore"))
+	if nil != err {
+		panic(err)
+	}
+	keyStorePath := filepath.Dir(absPath)
+	reseedDir := filepath.Base(absPath)
 
 	// get the reseeder key
-	ks := reseed.KeyStore{Path: "./certificates"}
-	cert, err := ks.ReseederCertificate(su3File.SignerID)
+	ks := reseed.KeyStore{Path: keyStorePath}
+
+	if c.String("signer") != "" {
+		su3File.SignerID = []byte(c.String("signer"))
+	}
+	log.Println("Using keystore:", absPath, "for purpose", reseedDir, "and", string(su3File.SignerID))
+
+	cert, err := ks.DirReseederCertificate(reseedDir, su3File.SignerID)
 	if nil != err {
 		fmt.Println(err)
 		return

content/style.css

@@ -70,3 +70,8 @@ img {
 .link-button:active {
 	color:red;
 }
+
+figure > img {
+    max-width: 35%;
+    display: inline;
+}

description-pak

@@ -1,2 +1 @@
-Reseed tools is a self-contained, easy-to-configure I2P reseed service
- which can be run on any OS.
+Reseed tools is a self-contained, easy-to-configure I2P reseed service which can be run on any OS.

etc/init.d/reseed

@@ -19,15 +19,15 @@ fi
 RUNOPTS=" reseed --yes=true --netdb=$NETDBDIR $MORE_OPTIONS "
 
 start() {
-    start-stop-daemon --user $RUNAS --chuid $RUNAS --exec $SCRIPT --chdir $RUNDIR --make-pidfile --pidfile $RUNDIR/reseed.pid --start -- $RUNOPTS
+    start-stop-daemon --background --user $RUNAS --chuid $RUNAS --exec $SCRIPT --chdir $RUNDIR --make-pidfile --pidfile $RUNDIR/reseed.pid --start -- $RUNOPTS
 }
 
 stop() {
-    start-stop-daemon --user $RUNAS --exec $SCRIPT --chdir $RUNDIR --remove-pidfile --pidfile $RUNDIR/reseed.pid --stop
+    start-stop-daemon --background --user $RUNAS --exec $SCRIPT --chdir $RUNDIR --remove-pidfile --pidfile $RUNDIR/reseed.pid --stop
 }
 
 status() {
-    start-stop-daemon --user $RUNAS --exec $SCRIPT --chdir $RUNDIR --remove-pidfile --pidfile $RUNDIR/reseed.pid --status
+    start-stop-daemon --background --user $RUNAS --exec $SCRIPT --chdir $RUNDIR --pidfile $RUNDIR/reseed.pid --status
 }
 
 restart() {

etc/systemd/system/reseed.service.d/reseed.service

@@ -6,7 +6,6 @@ Requires=i2p.service
 
 [Service]
 User=i2psvc
-RuntimeDirectory=/var/lib/i2p/i2p-config/reseed
 WorkingDirectory=/var/lib/i2p/i2p-config/reseed
 ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb
 Restart=always
@@ -14,4 +13,4 @@ RestartSec=10
 RuntimeMaxSec=43200
 
 [Install]
-WantedBy=multi-user.target
+WantedBy=multi-user.target

go.mod

@@ -5,7 +5,9 @@ go 1.13
 require (
 	github.com/cretz/bine v0.1.0
 	github.com/eyedeekay/checki2cp v0.0.21
-	github.com/eyedeekay/sam3 v0.32.32
+	github.com/eyedeekay/go-i2pd v0.0.0-20220213070306-9807541b2dfc
+	github.com/eyedeekay/i2pkeys v0.0.0-20220310055120-b97558c06ac8
+	github.com/eyedeekay/sam3 v0.33.2
 	github.com/go-acme/lego/v4 v4.3.1
 	github.com/gorilla/handlers v1.5.1
 	github.com/justinas/alice v1.2.0
@@ -26,3 +28,5 @@ replace github.com/libp2p/go-libp2p-core => github.com/libp2p/go-libp2p-core v0.
 replace github.com/libp2p/go-libp2p-gostream => github.com/libp2p/go-libp2p-gostream v0.3.1
 
 replace github.com/libp2p/go-libp2p-http => github.com/libp2p/go-libp2p-http v0.2.0
+
+//replace github.com/eyedeekay/go-i2pd v0.0.0-20220213070306-9807541b2dfc => ./go-i2pd

go.sum

@@ -137,10 +137,18 @@ github.com/eyedeekay/go-fpw v0.0.0-20200512022837-c8b4dcdc74d4/go.mod h1:RyCx7Ku
 github.com/eyedeekay/go-i2cp v0.0.0-20190716135428-6d41bed718b0 h1:rnn9OlD/3+tATEZNuiMR1C84O5CX8bZL2qqgttprKrw=
 github.com/eyedeekay/go-i2cp v0.0.0-20190716135428-6d41bed718b0/go.mod h1:+P0fIhkqIYjo7exMJRTlSteRMbRyHbiBiKw+YlPWk+c=
 github.com/eyedeekay/go-i2pcontrol v0.0.0-20200110011336-510cca77e350/go.mod h1:bhIQsVpbNNXMtcoZ9UF4hLQleOjaCgKGXiRRhNc8TOA=
+github.com/eyedeekay/go-i2pd v0.0.0-20220213070306-9807541b2dfc h1:ozp8Cxn9nsFF+p4tMcE63G0Kx+2lEywlCW0EvtISEZg=
+github.com/eyedeekay/go-i2pd v0.0.0-20220213070306-9807541b2dfc/go.mod h1:Yg8xCWRLyq0mezPV+xJygBhJCf7wYsIdXbYGQk5tnW8=
+github.com/eyedeekay/goSam v0.32.31-0.20210122211817-f97683379f23/go.mod h1:UgJnih/LpotwKriwVPOEa6yPDM2NDdVrKfLtS5DOLPE=
+github.com/eyedeekay/i2pd v0.3.0-1stbinrelease.0.20210702172028-5d01ee95810a/go.mod h1:4qJhWn+yNrWRbqFHhU8kl7JgbcW1hm3PMgvlPlxO3gg=
+github.com/eyedeekay/i2pkeys v0.0.0-20220310052025-204d4ae6dcae/go.mod h1:W9KCm9lqZ+Ozwl3dwcgnpPXAML97+I8Jiht7o5A8YBM=
+github.com/eyedeekay/i2pkeys v0.0.0-20220310055120-b97558c06ac8 h1:9QLD6ZWn1Evc0bT971aArjkit94+s5FMc2stDfEpen4=
+github.com/eyedeekay/i2pkeys v0.0.0-20220310055120-b97558c06ac8/go.mod h1:W9KCm9lqZ+Ozwl3dwcgnpPXAML97+I8Jiht7o5A8YBM=
 github.com/eyedeekay/ramp v0.0.0-20190429201811-305b382042ab/go.mod h1:h7mvUAMgZ/rtRDUOkvKTK+8LnDMeUhJSoa5EPdB51fc=
 github.com/eyedeekay/sam3 v0.32.2/go.mod h1:Y3igFVzN4ybqkkpfUWULGhw7WRp8lieq0ORXbLBbcZM=
-github.com/eyedeekay/sam3 v0.32.32 h1:9Ea1Ere5O8Clx8zYxKnvhrWy7R96Q4FvxlPskYf8VW0=
 github.com/eyedeekay/sam3 v0.32.32/go.mod h1:qRA9KIIVxbrHlkj+ZB+OoxFGFgdKeGp1vSgPw26eOVU=
+github.com/eyedeekay/sam3 v0.33.2 h1:WP+fD4oPxiE0cA+gTKRNiZo3SrGI2+5FkzrnU/6Mmz4=
+github.com/eyedeekay/sam3 v0.33.2/go.mod h1:sPtlI4cRm7wD0UywOzLPvvdY1G++vBSK3n+jiIGqWlU=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
 github.com/felixge/httpsnoop v1.0.1 h1:lvB5Jl89CsZtGIWuTcDM1E/vkVs49/Ml7JJe07l8SPQ=
@@ -153,6 +161,15 @@ github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWo
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/garyburd/redigo v1.1.1-0.20170914051019-70e1b1943d4f/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY=
 github.com/getkin/kin-openapi v0.13.0/go.mod h1:WGRs2ZMM1Q8LR1QBEwUxC6RJEfaBcD0s+pcEVXFuAjw=
+github.com/getlantern/context v0.0.0-20190109183933-c447772a6520/go.mod h1:L+mq6/vvYHKjCX2oez0CgEAJmbq1fbb/oNJIWQkBybY=
+github.com/getlantern/errors v1.0.1/go.mod h1:l+xpFBrCtDLpK9qNjxs+cHU6+BAdlBaxHqikB6Lku3A=
+github.com/getlantern/go-socks5 v0.0.0-20171114193258-79d4dd3e2db5/go.mod h1:kGHRXch95rnGLHjER/GhhFiHvfnqNz7KqWD9kGfATHY=
+github.com/getlantern/golog v0.0.0-20201105130739-9586b8bde3a9/go.mod h1:ZyIjgH/1wTCl+B+7yH1DqrWp6MPJqESmwmEQ89ZfhvA=
+github.com/getlantern/hex v0.0.0-20190417191902-c6586a6fe0b7/go.mod h1:dD3CgOrwlzca8ed61CsZouQS5h5jIzkK9ZWrTcf0s+o=
+github.com/getlantern/hidden v0.0.0-20190325191715-f02dbb02be55/go.mod h1:6mmzY2kW1TOOrVy+r41Za2MxXM+hhqTtY3oBKd2AgFA=
+github.com/getlantern/netx v0.0.0-20190110220209-9912de6f94fd/go.mod h1:wKdY0ikOgzrWSeB9UyBVKPRhjXQ+vTb+BPeJuypUuNE=
+github.com/getlantern/ops v0.0.0-20190325191751-d70cb0d6f85f/go.mod h1:D5ao98qkA6pxftxoqzibIBBrLSUli+kYnJqrgBf9cIA=
+github.com/getlantern/ops v0.0.0-20200403153110-8476b16edcd6/go.mod h1:D5ao98qkA6pxftxoqzibIBBrLSUli+kYnJqrgBf9cIA=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/go-acme/lego/v4 v4.3.1 h1:rzmg0Gpy25B/exXjl+KgpG5Xt6wN5rFTLjRf/Uf3pfg=
 github.com/go-acme/lego/v4 v4.3.1/go.mod h1:tySA24ifl6bI7kZ0+ocGtTIv4H1yhYVFAgyMHF2DSRg=
@@ -229,6 +246,7 @@ github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hf
 github.com/google/pprof v0.0.0-20200212024743-f11f1df84d12/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/google/renameio v1.0.0/go.mod h1:t/HQoYBZSsWSNK35C6CO/TpPLDVWvxOHboWUAweKUpk=
 github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY=
 github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/gax-go v2.0.0+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY=
@@ -601,6 +619,7 @@ github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYr
 github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
 github.com/oracle/oci-go-sdk v24.3.0+incompatible/go.mod h1:VQb79nF8Z2cwLkLS35ukwStZIg5F66tcBccjip/j888=
 github.com/ovh/go-ovh v1.1.0/go.mod h1:AxitLZ5HBRPyUd+Zl60Ajaag+rNTdVXWIkzfrVuTXWA=
+github.com/oxtoacart/bpool v0.0.0-20190530202638-03653db5a59c/go.mod h1:X07ZCGwUbLaax7L0S3Tw4hpejzu63ZrrQiUe6W0hcy0=
 github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
 github.com/patrickmn/go-cache v2.1.0+incompatible/go.mod h1:3Qf8kWWT7OJRJbdiICTKqZju1ZixQ/KpMGzzAfe6+WQ=
 github.com/pelletier/go-toml v1.0.1-0.20170904195809-1d6b12b7cb29/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
@@ -640,8 +659,10 @@ github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDa
 github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
 github.com/rainycape/memcache v0.0.0-20150622160815-1031fa0ce2f2/go.mod h1:7tZKcyumwBO6qip7RNQ5r77yrssm9bfCowcLEBcU5IA=
 github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
+github.com/riobard/go-x25519 v0.0.0-20190716001027-10cc4d8d0b33/go.mod h1:BjmVxzAnkLeoEbqHEerI4eSw6ua+RaIB0S4jMV21RAs=
 github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/rogpeppe/go-internal v1.6.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/russross/blackfriday v2.0.0+incompatible h1:cBXrhZNUf9C+La9/YpS+UHpUT8YD6Td9ZMSU9APFcsk=
 github.com/russross/blackfriday v2.0.0+incompatible/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
@@ -722,6 +743,8 @@ github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMx
 github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 github.com/ybbus/jsonrpc v2.1.2+incompatible/go.mod h1:XJrh1eMSzdIYFbM08flv0wp5G35eRniyeGut1z+LSiE=
+github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/zserge/lorca v0.1.9/go.mod h1:bVmnIbIRlOcoV285KIRSe4bUABKi7R7384Ycuum6e4A=
 gitlab.com/golang-commonmark/html v0.0.0-20191124015941-a22733972181 h1:K+bMSIx9A7mLES1rtG+qKduLIXq40DAzYHtb0XuCukA=
 gitlab.com/golang-commonmark/html v0.0.0-20191124015941-a22733972181/go.mod h1:dzYhVIwWCtzPAa4QP98wfB9+mzt33MSmM8wsKiMi2ow=
@@ -810,8 +833,9 @@ golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKG
 golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
+golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -841,6 +865,7 @@ golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210220033124-5f55cee0dc0d h1:1aflnvSoWWLI2k/dMUAl5lvU1YO4Mb4hz0gh+1rjcxU=
 golang.org/x/net v0.0.0-20210220033124-5f55cee0dc0d/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
@@ -857,8 +882,9 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a h1:WXEvlFVvvGxCJLG6REjsT03iWnKLEWinaScsxF2Vm2o=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180622082034-63fc586f45fe/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -965,12 +991,15 @@ golang.org/x/tools v0.0.0-20200204074204-1cc6d1ef6c74/go.mod h1:TB2adYChydJhpapK
 golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200212150539-ea181f53ac56/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200224181240-023911ca70b2/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb h1:iKlO7ROJc6SttHKlxzwGytRtBUqX4VARrNTgP2YLX5M=
 golang.org/x/tools v0.0.0-20200304193943-95d2e580d8eb/go.mod h1:o4KQGtdN14AW+yjsvvwRTJJuXz8XRtIHtEnmAXLyFUw=
+golang.org/x/tools v0.0.0-20200410194907-79a7a3126eef/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
+golang.org/x/tools v0.0.0-20201125231158-b5590deeca9b h1:Lq5JUTFhiybGVf28jB6QRpqd13/JPOaCnET17PVzYJE=
+golang.org/x/tools v0.0.0-20201125231158-b5590deeca9b/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/api v0.0.0-20170921000349-586095a6e407/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
 google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
 google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
@@ -1066,8 +1095,9 @@ honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
-honnef.co/go/tools v0.0.1-2020.1.3 h1:sXmLre5bzIR6ypkjXCDI3jHPssRhc8KD/Ome589sc3U=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
+honnef.co/go/tools v0.0.1-2020.1.6 h1:W18jzjh8mfPez+AwGLxmOImucz/IFjpNlrKVnaj2YVc=
+honnef.co/go/tools v0.0.1-2020.1.6/go.mod h1:pyyisuGw24ruLjrr1ddx39WE0y9OooInRzEYLhQB2YY=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=

index.html

@@ -1,68 +1,424 @@
-<!DOCTYPE html>
 <html>
-<head>
-  <title>Reseed Tools</title>
-  <link rel="stylesheet" type="text/css" href ="/style.css" />
-</head>
-<body>
-<h1 id="i2p-reseed-tools">I2P Reseed Tools</h1>
-<p>This tool provides a secure and efficient reseed server for the I2P network. There are several utility commands to create, sign, and validate SU3 files. Please note that this requires at least Go version 1.13, and uses Go Modules.</p>
-<p>Standard reseeds are distributed with the I2P packages. To get your reseed included, apply on <a href="http://zzz.i2p">zzz.i2p</a>.</p>
-<h2 id="dependencies">Dependencies</h2>
-<p><code>go</code>, <code>git</code>, and optionally <code>make</code> are required to build the project. Precompiled binaries for most platforms are available at my github mirror https://github.com/eyedeekay/i2p-tools-1.</p>
-<p>In order to install the build-dependencies on Ubuntu or Debian, you may use:</p>
-<div class="sourceCode" id="cb1"><pre class="sourceCode sh"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true"></a><span class="fu">sudo</span> apt-get install golang-go git make</span></code></pre></div>
-<h2 id="installation">Installation</h2>
-<p>Reseed-tools can be run as a user, as a freestanding service, or be installed as an I2P Plugin. It will attempt to configure itself automatically. You should make sure to set the <code>--signer</code> flag or the <code>RESEED_EMAIL</code> environment variable to configure your signing keys/contact info.</p>
-<h4 id="plugin-install-urls">Plugin install URL’s</h4>
-<p>Plugin releases are available inside of i2p at http://idk.i2p/reseed-tools/ and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases. These can be installed by adding them on the <a href="http://127.0.0.1:7657/configplugins">http://127.0.0.1:7657/configplugins</a>.</p>
-<ul>
-<li>darwin/amd64: <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3">http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3</a></li>
-<li>darwin/arm64: <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3">http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3</a></li>
-<li>linux/386: <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3">http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3</a></li>
-<li>linux/amd64: <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3">http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3</a></li>
-<li>linux/arm: <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3">http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3</a></li>
-<li>linux/arm64: <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3">http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3</a></li>
-<li>openbsd/amd64: <a href="http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3">http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3</a></li>
-<li>freebsd/386: <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3">http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3</a></li>
-<li>freebsd/amd64: <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3">http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3</a></li>
-<li>windows/amd64: <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3">http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3</a></li>
-<li>windows/386: <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3">http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3</a></li>
-</ul>
-<h3 id="installationfrom-source">Installation(From Source)</h3>
-<pre><code>git clone https://i2pgit.org/idk/reseed-tools
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="CHANGELOG.html">
+                CHANGELOG
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <h1>
+      <a href="/">
+        I2P Reseed Tools
+      </a>
+    </h1>
+    <p>
+      <img src="content/images/reseed.png" alt="Reseed Tools Poster"/>
+    </p>
+    <p>
+      This tool provides a secure and efficient reseed server for the I2P network.
+      There are several utility commands to create, sign, and validate SU3 files.
+      Please note that this requires at least Go version 1.13, and uses Go Modules.
+    </p>
+    <p>
+      Standard reseeds are distributed with the I2P packages. To get your reseed
+      included, apply on
+      <a href="http://zzz.i2p" rel="nofollow">
+        zzz.i2p
+      </a>
+      .
+    </p>
+    <h2>
+      Dependencies
+    </h2>
+    <p>
+      <code>
+        go
+      </code>
+      ,
+      <code>
+        git
+      </code>
+      , and optionally
+      <code>
+        make
+      </code>
+      are required to build the project.
+      Precompiled binaries for most platforms are available at my github mirror
+      <a href="https://github.com/eyedeekay/i2p-tools-1" rel="nofollow">
+        https://github.com/eyedeekay/i2p-tools-1
+      </a>
+      .
+    </p>
+    <p>
+      In order to install the build-dependencies on Ubuntu or Debian, you may use:
+    </p>
+    <pre><code>sudo apt-get install golang-go git make
+</code></pre>
+    <h2>
+      Installation
+    </h2>
+    <p>
+      Reseed-tools can be run as a user, as a freestanding service, or be installed
+      as an I2P Plugin. It will attempt to configure itself automatically. You should
+      make sure to set the
+      <code>
+        --signer
+      </code>
+      flag or the
+      <code>
+        RESEED_EMAIL
+      </code>
+      environment variable
+      to configure your signing keys/contact info.
+    </p>
+    <h4>
+      Plugin install URL’s
+    </h4>
+    <p>
+      Plugin releases are available inside of i2p at
+      <a href="http://idk.i2p/reseed-tools/" rel="nofollow">
+        http://idk.i2p/reseed-tools/
+      </a>
+      and via the github mirror at
+      <a href="https://github.com/eyedeekay/reseed-tools/releases" rel="nofollow">
+        https://github.com/eyedeekay/reseed-tools/releases
+      </a>
+      .
+      These can be installed by adding them on the
+      <a href="http://127.0.0.1:7657/configplugins" rel="nofollow">
+        http://127.0.0.1:7657/configplugins
+      </a>
+      .
+    </p>
+    <p>
+      After installing the plugin, you should immediately edit the
+      <code>
+        $PLUGIN/signer
+      </code>
+      file in order to set your
+      <code>
+        --signer
+      </code>
+      email, which is used to name your keys.
+      You can find the
+      <code>
+        $PLUGIN
+      </code>
+      directory in your I2P config directory, which is
+      usually
+      <code>
+        $HOME/.i2p
+      </code>
+      on Unixes.
+    </p>
+    <p>
+      This will allow the developers to contact you if your reseed has issues
+      and will authenticate your reseed to the I2P routers that use it.
+    </p>
+    <ul>
+      <li>
+        darwin/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3
+        </a>
+      </li>
+      <li>
+        darwin/arm64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3
+        </a>
+      </li>
+      <li>
+        linux/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3
+        </a>
+      </li>
+      <li>
+        linux/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3
+        </a>
+      </li>
+      <li>
+        linux/arm:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3
+        </a>
+      </li>
+      <li>
+        linux/arm64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3
+        </a>
+      </li>
+      <li>
+        openbsd/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3
+        </a>
+      </li>
+      <li>
+        freebsd/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3
+        </a>
+      </li>
+      <li>
+        freebsd/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3
+        </a>
+      </li>
+      <li>
+        windows/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3
+        </a>
+      </li>
+      <li>
+        windows/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3" rel="nofollow">
+          http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3
+        </a>
+      </li>
+    </ul>
+    <h3>
+      Installation(From Source)
+    </h3>
+    <pre><code>git clone https://i2pgit.org/idk/reseed-tools
 cd reseed-tools
 make build
 # Optionally, if you want to install to /usr/bin/reseed-tools
-sudo make install</code></pre>
-<h2 id="usage">Usage</h2>
-<h4 id="debianubuntu-note">Debian/Ubuntu note:</h4>
-<p>Debian users who are running I2P as a system service must also run the <code>reseed-tools</code> as the same user. This is so that the reseed-tools can access the I2P service’s netDb directory. On Debian and Ubuntu, that user is <code>i2psvc</code> and the netDb directory is: <code>/var/lib/i2p/i2p-config/netDb</code>.</p>
-<h5 id="systemd-service">Systemd Service</h5>
-<p>A systemd service is provided which should work with the I2P Debian package when reseed-tools is installed in <code>/usr/bin/reseed-tools</code>. If you install with <code>make install</code> this service is also installed. This service will cause the bundles to regenerate every 12 hours.</p>
-<p>The contact email for your reseed should be added in: <code>/etc/systemd/system/reseed.d/reseed.conf</code>.</p>
-<p>Self-signed certificates will be auto-generated for these services. To change this you should edit the <code>/etc/systemd/system/reseed.d/reseed.service</code>.</p>
-<ul>
-<li>To enable starting the reseed service automatically with the system: <code>sudo systemctl enable reseed.service</code></li>
-<li>To run the service manually: <code>sudo sysctl start reseed.service</code><br />
-</li>
-<li>To reload the systemd services: <code>sudo systemctl daemon-reload</code></li>
-<li>To view the status/logs: <code>sudo journalctl -u reseed.service</code></li>
-</ul>
-<h5 id="sysv-service">SysV Service</h5>
-<p>An initscript is also provided. The initscript, unlike the systemd service, cannot schedule itself to restart. You should restart the service roughly once a day to ensure that the information does not expire.</p>
-<p>The contact email for your reseed should be added in: <code>/etc/init.d/reseed</code>.</p>
-<p>Self-signed certificates will be auto-generated for these services. To change this you should edit the <code>/etc/init.d/reseed</code>.</p>
-<h2 id="example-commands">Example Commands:</h2>
-<h3 id="without-a-webserver-standalone-with-tls-support">Without a webserver, standalone with TLS support</h3>
-<p>If this is your first time running a reseed server (ie. you don’t have any existing keys), you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates. Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory (a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).</p>
-<pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld</code></pre>
-<h3 id="locally-behind-a-webserver-reverse-proxy-setup-preferred">Locally behind a webserver (reverse proxy setup), preferred:</h3>
-<p>If you are using a reverse proxy server it may provide the TLS certificate instead.</p>
-<pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy</code></pre>
-<ul>
-<li><strong>Usage</strong> <a href="EXAMPLES.md">More examples can be found here.</a></li>
-<li><strong>Docker</strong> <a href="DOCKER.md">Docker examples can be found here</a></li>
-</ul>
-</body>
-</html>
+sudo make install
+</code></pre>
+    <h2>
+      Usage
+    </h2>
+    <h4>
+      Debian/Ubuntu note:
+    </h4>
+    <p>
+      Debian users who are running I2P as a system service must also run the
+      <code>
+        reseed-tools
+      </code>
+      as the same user. This is so that the reseed-tools can access
+      the I2P service’s netDb directory. On Debian and Ubuntu, that user is
+      <code>
+        i2psvc
+      </code>
+      and the netDb directory is:
+      <code>
+        /var/lib/i2p/i2p-config/netDb
+      </code>
+      .
+    </p>
+    <h5>
+      Service Integration
+    </h5>
+    <p>
+      Support for running as a system service as part of the reseed package
+      is new. PR’s that improve integration are welcome.
+    </p>
+    <h6>
+      Systemd Service
+    </h6>
+    <p>
+      A systemd service is provided which should work with the I2P Debian package
+      when reseed-tools is installed in
+      <code>
+        /usr/bin/reseed-tools
+      </code>
+      . If you install with
+      <code>
+        make install
+      </code>
+      this service is also installed. This service will cause the
+      bundles to regenerate every 12 hours.
+    </p>
+    <p>
+      The contact email for your reseed should be added in:
+      <code>
+        /etc/systemd/system/reseed.d/reseed.conf
+      </code>
+      .
+    </p>
+    <p>
+      Self-signed certificates will be auto-generated for these services. To change
+      this you should edit the
+      <code>
+        /etc/systemd/system/reseed.d/reseed.service
+      </code>
+      .
+    </p>
+    <ul>
+      <li>
+        To enable starting the reseed service automatically with the system:
+        <code>
+          sudo systemctl enable reseed.service
+        </code>
+      </li>
+      <li>
+        To run the service manually:
+        <code>
+          sudo sysctl start reseed.service
+        </code>
+        <br/>
+      </li>
+      <li>
+        To reload the systemd services:
+        <code>
+          sudo systemctl daemon-reload
+        </code>
+      </li>
+      <li>
+        To view the status/logs:
+        <code>
+          sudo journalctl -u reseed.service
+        </code>
+      </li>
+    </ul>
+    <h6>
+      SysV Service
+    </h6>
+    <p>
+      An initscript is also provided. The initscript, unlike the systemd service,
+      cannot schedule itself to restart. You should restart the service roughly once
+      a day to ensure that the information does not expire.
+    </p>
+    <p>
+      The contact email for your reseed should be added in:
+      <code>
+        /etc/init.d/reseed
+      </code>
+      .
+    </p>
+    <p>
+      Self-signed certificates will be auto-generated for these services. To change
+      this you should edit the
+      <code>
+        /etc/init.d/reseed
+      </code>
+      .
+    </p>
+    <h2>
+      Example Commands:
+    </h2>
+    <h3>
+      Without a webserver, standalone with TLS support
+    </h3>
+    <p>
+      If this is your first time running a reseed server (ie. you don’t have any existing keys),
+      you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
+      Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
+      (a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).
+    </p>
+    <pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
+</code></pre>
+    <h3>
+      Locally behind a webserver (reverse proxy setup), preferred:
+    </h3>
+    <p>
+      If you are using a reverse proxy server it may provide the TLS certificate instead.
+    </p>
+    <pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
+</code></pre>
+    <ul>
+      <li>
+        <strong>
+          Usage
+        </strong>
+        <a href="EXAMPLES.md" rel="nofollow">
+          More examples can be found here.
+        </a>
+      </li>
+      <li>
+        <strong>
+          Docker
+        </strong>
+        <a href="DOCKER.md" rel="nofollow">
+          Docker examples can be found here
+        </a>
+      </li>
+    </ul>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        I2P
+      </a>
+    </div>
+  </body>
+</html>

main.go

@@ -19,7 +19,7 @@ func main() {
 
 	app := cli.NewApp()
 	app.Name = "reseed-tools"
-	app.Version = "0.1.9"
+	app.Version = "0.2.9"
 	app.Usage = "I2P tools and reseed server"
 	app.Author = "eyedeekay"
 	app.Email = "hankhill19580@gmail.com"

postinstall-pak

@@ -12,24 +12,38 @@ Environment=\"RESEED_EMAIL="
 RESEED_DEFAULT="#Edit the contact/signing email used by your reseed server here
 export RESEED_EMAIL=\""
 
-mkdir -p /etc/systemd/system/reseed.d/
+mkdir -p /etc/systemd/system/reseed.service.d/
 
-if [ -f /usr/bin/zenity ]; then
-    RESEED_EMAIL=$(zenity --entry --title "Reseed Configuration" --text "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
-    echo "$RESEED_DEFAULT$RESEED_EMAIL\"" >> /etc/default/reseed
-    echo "$RESEED_CONF$RESEED_EMAIL\"" >> /etc/systemd/system/reseed.d/reseed.conf
-    exit 0
+INIT=$(file /sbin/init 2>&1 | grep systemd)
+if [ ! -z "$INIT" ]; then
+    rm -f /etc/default/reseed /etc/init.d/reseed
 fi
 
 if [ -t 1 ] ; then 
-    echo "proceeding with terminal"; 
+    if [ -f /usr/bin/whiptail ]; then    
+        RESEED_EMAIL=$(whiptail --inputbox "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
+        if [ ! -z "$INIT" ]; then
+            echo "$RESEED_CONF$RESEED_EMAIL\"" | tee /etc/systemd/system/reseed.service.d/override.conf
+            systemctl enable reseed.service
+            systemctl daemon-reload
+        else
+            echo "$RESEED_DEFAULT$RESEED_EMAIL\"" | tee /etc/default/reseed
+        fi
+        exit 0
+    fi
 else 
-    exit 0
+    if [ -f /usr/bin/zenity ]; then
+        RESEED_EMAIL=$(zenity --entry --title "Reseed Configuration" --text "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
+        if [ ! -z "$INIT" ]; then
+            echo "$RESEED_CONF$RESEED_EMAIL\"" | tee /etc/systemd/system/reseed.service.d/override.conf
+            #systemctl enable /etc/systemd/system/reseed.service.d/reseed.service
+            systemctl enable reseed.service
+            systemctl daemon-reload
+        else
+            echo "$RESEED_DEFAULT$RESEED_EMAIL\"" | tee /etc/default/reseed
+        fi
+        exit 0
+    fi
 fi
 
-if [ -f /usr/bin/whiptail ]; then    
-    RESEED_EMAIL=$(whiptail --inputbox "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
-    echo "$RESEED_DEFAULT$RESEED_EMAIL\"" >> /etc/default/reseed
-    echo "$RESEED_CONF$RESEED_EMAIL\"" >> /etc/systemd/system/reseed.d/reseed.conf
-    exit 0
-fi
+

postremove-pak

@@ -0,0 +1,8 @@
+#! /usr/bin/env sh
+
+INIT=$(file /sbin/init 2>&1 | grep systemd)
+if [ ! -z "$INIT" ]; then
+    systemctl disable reseed.service
+    systemctl daemon-reload
+fi
+

reseed/homepage.go

@@ -91,6 +91,14 @@ func (srv *Server) HandleARealBrowser(w http.ResponseWriter, r *http.Request) {
 		if strings.HasPrefix(image, "images") {
 			w.Header().Set("Content-Type", "image/png")
 			HandleAFile(w, "images", strings.TrimPrefix(strings.TrimPrefix(r.URL.Path, "/"), "images"))
+		} else if strings.HasPrefix(image, "ping") {
+			PingEverybody()
+			http.Redirect(w, r, "/readout", http.StatusFound)
+		} else if strings.HasPrefix(image, "readout") {
+			w.Header().Set("Content-Type", "text/html")
+			w.Write([]byte(header))
+			ReadOut(w)
+			w.Write([]byte(footer))
 		} else {
 			w.Header().Set("Content-Type", "text/html")
 			w.Write([]byte(header))
@@ -101,6 +109,7 @@ func (srv *Server) HandleARealBrowser(w http.ResponseWriter, r *http.Request) {
 			Reseed
 			</button>
 			</form></li></ul>`))
+			ReadOut(w)
 			w.Write([]byte(footer))
 		}
 	}
@@ -108,7 +117,7 @@ func (srv *Server) HandleARealBrowser(w http.ResponseWriter, r *http.Request) {
 
 func HandleAFile(w http.ResponseWriter, dirPath, file string) {
 	file = filepath.Join(dirPath, file)
-	if _, prs := CachedDataPages[file]; prs == false {
+	if _, prs := CachedDataPages[file]; !prs {
 		path := filepath.Join(BaseContentPath, file)
 		f, err := ioutil.ReadFile(path)
 		if err != nil {
@@ -123,7 +132,7 @@ func HandleAFile(w http.ResponseWriter, dirPath, file string) {
 }
 
 func HandleALocalizedFile(w http.ResponseWriter, dirPath string) {
-	if _, prs := CachedLanguagePages[dirPath]; prs == false {
+	if _, prs := CachedLanguagePages[dirPath]; !prs {
 		dir := filepath.Join(BaseContentPath, "lang", dirPath)
 		files, err := ioutil.ReadDir(dir)
 		if err != nil {

reseed/ping.go

@@ -0,0 +1,123 @@
+package reseed
+
+import (
+	"fmt"
+	"io/ioutil"
+	"log"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+	"time"
+)
+
+// Ping requests an `.su3` from another reseed server and return true if
+// the reseed server is alive If the reseed server is not alive, returns
+// false and the status of the request as an error
+func Ping(url string) (bool, error) {
+	if strings.HasSuffix(url, "i2pseeds.su3") {
+		url = url + "i2pseeds.su3"
+	}
+	req, err := http.NewRequest("GET", url, nil)
+	if err != nil {
+		return false, err
+	}
+	req.Header.Set("User-Agent", i2pUserAgent)
+
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		return false, err
+	}
+	defer resp.Body.Close()
+	if resp.StatusCode != 200 {
+		return false, fmt.Errorf("%s", resp.Status)
+	}
+	return true, nil
+}
+
+func PingWriteContent(url string) error {
+	date := time.Now().Format("2006-01-02")
+	path := strings.Replace(url, "http://", "", 1)
+	path = strings.Replace(path, "https://", "", 1)
+	path = strings.Replace(path, "/", "", -1)
+	path = filepath.Join(BaseContentPath, path+"-"+date+".ping")
+	if _, err := os.Stat(path); err != nil {
+		result, err := Ping(url)
+		if result {
+			log.Printf("Ping: %s OK", url)
+			err := ioutil.WriteFile(path, []byte("Alive: Status OK"), 0644)
+			return err
+		} else {
+			log.Printf("Ping: %s %s", url, err)
+			err := ioutil.WriteFile(path, []byte("Dead: "+err.Error()), 0644)
+			return err
+		}
+	}
+	return nil
+}
+
+// TODO: make this a configuration option
+var AllReseeds = []string{
+	"https://banana.incognet.io/",
+	"https://i2p.novg.net/",
+	"https://i2pseed.creativecowpat.net:8443/",
+	"https://reseed.diva.exchange/",
+	"https://reseed.i2pgit.org/",
+	"https://reseed.memcpy.io/",
+	"https://reseed.onion.im/",
+	"https://reseed2.i2p.net/",
+}
+
+func PingEverybody() []string {
+	var nonerrs []string
+	for _, url := range AllReseeds {
+		err := PingWriteContent(url)
+		if err == nil {
+			nonerrs = append(nonerrs, url)
+		} else {
+			nonerrs = append(nonerrs, err.Error()+"-"+url)
+		}
+	}
+	return nonerrs
+}
+
+// Get a list of all files ending in ping in the BaseContentPath
+func GetPingFiles() ([]string, error) {
+	var files []string
+	date := time.Now().Format("2006-01-02")
+	err := filepath.Walk(BaseContentPath, func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if strings.HasSuffix(path, ".ping") && strings.Contains(path, date) {
+			files = append(files, path)
+		}
+		return nil
+	})
+	if len(files) == 0 {
+		return nil, fmt.Errorf("No ping files found")
+	}
+	return files, err
+}
+
+func ReadOut(w http.ResponseWriter) {
+	pinglist, err := GetPingFiles()
+	if err == nil {
+		fmt.Fprintf(w, "<h3>Reseed Server Statuses</h3>")
+		fmt.Fprintf(w, "<div><p>This feature is experimental and may not always provide accurate results.</p></div>")
+		fmt.Fprintf(w, "</div><p><ul>")
+		for _, file := range pinglist {
+			ping, err := ioutil.ReadFile(file)
+			host := strings.Replace(file, ".ping", "", 1)
+			host = filepath.Base(host)
+			if err == nil {
+				fmt.Fprintf(w, "<li><strong>%s</strong> - %s</li>\n", host, ping)
+			} else {
+				fmt.Fprintf(w, "<li><strong>%s</strong> - No ping file found</li>\n", host)
+			}
+		}
+		fmt.Fprintf(w, "</ul></p></div>")
+	} else {
+		fmt.Fprintf(w, "<h4>No ping files found, check back later for reseed stats</h4>")
+	}
+}

reseed/server.go

@@ -14,8 +14,8 @@ import (
 	"time"
 
 	"github.com/cretz/bine/tor"
+	"github.com/eyedeekay/i2pkeys"
 	"github.com/eyedeekay/sam3"
-	"github.com/eyedeekay/sam3/i2pkeys"
 	"github.com/gorilla/handlers"
 	"github.com/justinas/alice"
 	"github.com/libp2p/go-libp2p-core/host"
@@ -31,14 +31,16 @@ const (
 
 type Server struct {
 	*http.Server
-	I2P           *sam3.SAM
-	I2PSession    *sam3.StreamSession
-	I2PListener   *sam3.StreamListener
-	I2PKeys       i2pkeys.I2PKeys
-	Reseeder      *ReseederImpl
-	Blacklist     *Blacklist
-	OnionListener *tor.OnionService
-	acceptables   map[string]time.Time
+	I2P              *sam3.SAM
+	I2PSession       *sam3.StreamSession
+	I2PListener      *sam3.StreamListener
+	I2PKeys          i2pkeys.I2PKeys
+	Reseeder         *ReseederImpl
+	Blacklist        *Blacklist
+	OnionListener    *tor.OnionService
+	RequestRateLimit int
+	WebRateLimit     int
+	acceptables      map[string]time.Time
 }
 
 func NewServer(prefix string, trustProxy bool) *Server {

reseed/utils.go

@@ -19,8 +19,16 @@ type KeyStore struct {
 }
 
 func (ks *KeyStore) ReseederCertificate(signer []byte) (*x509.Certificate, error) {
+	return ks.reseederCertificate("reseed", signer)
+}
+
+func (ks *KeyStore) DirReseederCertificate(dir string, signer []byte) (*x509.Certificate, error) {
+	return ks.reseederCertificate(dir, signer)
+}
+
+func (ks *KeyStore) reseederCertificate(dir string, signer []byte) (*x509.Certificate, error) {
 	certFile := filepath.Base(SignerFilename(string(signer)))
-	certString, err := ioutil.ReadFile(filepath.Join(ks.Path, "reseed", certFile))
+	certString, err := ioutil.ReadFile(filepath.Join(ks.Path, dir, certFile))
 	if nil != err {
 		return nil, err
 	}
@@ -34,8 +42,16 @@ func SignerFilename(signer string) string {
 }
 
 func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) {
+	return NewTLSCertificateAltNames(priv, host)
+}
+
+func NewTLSCertificateAltNames(priv *ecdsa.PrivateKey, hosts ...string) ([]byte, error) {
 	notBefore := time.Now()
 	notAfter := notBefore.Add(5 * 365 * 24 * time.Hour)
+	host := ""
+	if len(hosts) > 0 {
+		host = hosts[0]
+	}
 
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
@@ -61,9 +77,10 @@ func NewTLSCertificate(host string, priv *ecdsa.PrivateKey) ([]byte, error) {
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
 		BasicConstraintsValid: true,
 		IsCA:                  true,
+		DNSNames:              hosts[1:],
 	}
 
-	hosts := strings.Split(host, ",")
+	hosts = strings.Split(host, ",")
 	for _, h := range hosts {
 		if ip := net.ParseIP(h); ip != nil {
 			template.IPAddresses = append(template.IPAddresses, ip)

style.css

@@ -0,0 +1,157 @@
+/* edgar default CSS file */
+
+body {
+    font-family: "Roboto";
+    font-family: monospace;
+    text-align: justify;
+    background-color: #373636;
+    color: whitesmoke;
+    font-size: 1.15em;
+}
+
+ul {
+    width: 55%;
+    display: block;
+}
+
+ol {
+    width: 55%;
+    display: block;
+}
+
+li {
+    margin-top: 1%;
+}
+
+p {
+    max-width: 90%;
+    margin-top: 1%;
+    margin-left: 3%;
+    margin-right: 3%;
+}
+
+img {
+    float: left;
+    top: 5%;
+    left: 5%;
+    max-width: 60%;
+    display: inline;
+}
+
+.inline {
+    display: inline;
+}
+
+.link-button:focus {
+    outline: none;
+}
+
+.link-button:active {
+    color: red;
+}
+
+code {
+    font-family: monospace;
+    border-radius: 5%;
+    padding: 1%;
+    border-color: darkgray;
+    font-size: .9em;
+}
+
+a {
+    color: #C6D9FE;
+    padding: 1%;
+}
+
+ul li {
+    color: #C6D9FE;
+}
+
+iframe {
+    background: aliceblue;
+    border-radius: 15%;
+    margin: 2%;
+}
+
+.container {
+    width: 36vw;
+    height: 64vh;
+    display: inline-block;
+    margin: 0;
+    padding: 0;
+}
+
+.editor-toolbar a {
+    display: inline-block;
+    text-align: center;
+    text-decoration: none !important;
+    color: whitesmoke !important;
+}
+
+#feed {
+    width: 60vw;
+    height: unset !important;
+    margin: 0;
+    padding: 0;
+    float: right;
+    background-color: #373636;
+    color: whitesmoke;
+    border: #C6D9FE solid 1px;
+}
+
+.thread-post,
+.thread {
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.thread-post {
+    margin-left: 4%;
+}
+
+input {
+    text-align: center;
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font: normal normal normal 14px/1 FontAwesome;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.thread-hash {
+    text-align: right;
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.post-body {
+    text-align: left;
+    color: whitesmoke !important;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+#show {display:none; }
+#hide {display:block; }
+#show:target {display: block; }
+#hide:target {display: none; }
+
+#shownav {display:none; }
+#hidenav {display:block; }
+#shownav:target {display: block; }
+#hidenav:target {display: none; }
+
+#navbar {
+	float: right;
+	width: 10%;
+}