idk/Reseed_Tools
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

check in the packed documents too, they'll be regenerated every time but they might help somebody who needs static copies

Browse Source
This commit is contained in:
eyedeekay
2025-01-30 16:21:00 -05:00
parent 0d8e832980
commit be4257c49a
21 changed files with 2359 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
doc-pak/LICENSE Normal file
View File

@ -0,0 +1,19 @@
Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

75
doc-pak/README.md Normal file
View File

@ -0,0 +1,75 @@
I2P Reseed Tools
==================
![Reseed Tools Poster](content/images/reseed.png)
This tool provides a secure and efficient reseed server for the I2P network.
There are several utility commands to create, sign, and validate SU3 files.
Please note that this requires at least Go version 1.13, and uses Go Modules.
Standard reseeds are distributed with the I2P packages. To get your reseed
included, apply on [i2pforum.i2p](http://i2pforum.i2p).
## Dependencies
`go`, `git`, and optionally `make` are required to build the project.
Precompiled binaries for most platforms are available at my github mirror
https://github.com/eyedeekay/i2p-tools-1.
In order to install the build-dependencies on Ubuntu or Debian, you may use:
```sh
sudo apt-get install golang-go git make
```
## Installation
Reseed-tools can be run as a user, as a freestanding service, or be installed
as an I2P Plugin. It will attempt to configure itself automatically. You should
make sure to set the `--signer` flag or the `RESEED_EMAIL` environment variable
to configure your signing keys/contact info.
### Installation(From Source)
```
git clone https://i2pgit.org/idk/reseed-tools
cd reseed-tools
make build
# Optionally, if you want to install to /usr/bin/reseed-tools
sudo make install
```
## Usage
#### Debian/Ubuntu note:
It is possible to create a `.deb` package using [these instructions](docs/DEBIAN.md).
Debian users who are running I2P as a system service must also run the
`reseed-tools` as the same user. This is so that the reseed-tools can access
the I2P service's netDb directory. On Debian and Ubuntu, that user is `i2psvc`
and the netDb directory is: `/var/lib/i2p/i2p-config/netDb`.
## Example Commands:
### Without a webserver, standalone with TLS support
If this is your first time running a reseed server (ie. you don't have any existing keys),
you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
(a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).
```
reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
```
### Locally behind a webserver (reverse proxy setup), preferred:
If you are using a reverse proxy server it may provide the TLS certificate instead.
```
reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
```
- **Usage** [More examples can be found here.](docs/EXAMPLES.md)
- **Docker** [Docker examples can be found here](docs/DOCKER.md)

179
doc-pak/docs/DEBIAN.html Normal file
View File

@ -0,0 +1,179 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Debian and Ubuntu Packages
</h1>
<p>
It&rsquo;s possible to generate a package which is compatible with Debian and Ubuntu,
using the command:
</p>
<pre><code class="language-sh">
make checkinstall
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
</code></pre>
<p>
This requires you to have
<code>
fakeroot
</code>
and
<code>
checkinstall
</code>
installed. Use the command
</p>
<pre><code class="language-sh">
sudo apt-get install fakeroot checkinstall
</code></pre>
<p>
to install them.
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

19
doc-pak/docs/DEBIAN.md Normal file
View File

@ -0,0 +1,19 @@
# Debian and Ubuntu Packages
It's possible to generate a package which is compatible with Debian and Ubuntu,
using the command:
```sh
make checkinstall
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
```
This requires you to have `fakeroot` and `checkinstall` installed. Use the command
```sh
sudo apt-get install fakeroot checkinstall
```
to install them.

232
doc-pak/docs/DOCKER.html Normal file
View File

@ -0,0 +1,232 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Docker
</h1>
<p>
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
</p>
<p>
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
named reseed-keys.
<em>
Back up this directory
</em>
, if it is lost it is impossible
to reproduce.
</p>
<p>
Additional flags can be passed to the application in the Docker container by
appending them to the command. Please note that Docker is not currently
compatible with .onion reseeds unless you pass the &ndash;network=host tag.
</p>
<h2>
If I2P is running as your user, do this:
</h2>
<pre><code> docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<h2>
If I2P is running as another user, do this:
</h2>
<pre><code> docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<h2>
<strong>
Debian/Ubuntu and Docker
</strong>
</h2>
<p>
In many cases I2P will be running as the Debian system user
<code>
i2psvc
</code>
. This
is the case for all installs where Debian&rsquo;s Advanced Packaging Tool(apt) was
used to peform the task. If you used
<code>
apt-get install
</code>
this command will
work for you. In that case, just copy-and-paste:
</p>
<pre><code> docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

58
doc-pak/docs/DOCKER.md Normal file
View File

@ -0,0 +1,58 @@
# Docker
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
named reseed-keys. *Back up this directory*, if it is lost it is impossible
to reproduce.
Additional flags can be passed to the application in the Docker container by
appending them to the command. Please note that Docker is not currently
compatible with .onion reseeds unless you pass the --network=host tag.
## If I2P is running as your user, do this:
docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
## If I2P is running as another user, do this:
docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
## **Debian/Ubuntu and Docker**
In many cases I2P will be running as the Debian system user ```i2psvc```. This
is the case for all installs where Debian's Advanced Packaging Tool(apt) was
used to peform the task. If you used ```apt-get install``` this command will
work for you. In that case, just copy-and-paste:
docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE

179
doc-pak/docs/EXAMPLES.html Normal file
View File

@ -0,0 +1,179 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h2>
Example Commands:
</h2>
<h3>
Without a webserver, standalone, automatic OnionV3 with TLS support
</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
</code></pre>
<h3>
Without a webserver, standalone, serve P2P with LibP2P
</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
</code></pre>
<h3>
Without a webserver, standalone, in-network reseed
</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
</code></pre>
<h3>
Without a webserver, standalone, Regular TLS, OnionV3 with TLS
</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
</code></pre>
<h3>
Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
</code></pre>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

32
doc-pak/docs/EXAMPLES.md Normal file
View File

@ -0,0 +1,32 @@
## Example Commands:
### Without a webserver, standalone, automatic OnionV3 with TLS support
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
```
### Without a webserver, standalone, serve P2P with LibP2P
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
```
### Without a webserver, standalone, in-network reseed
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
```

263
doc-pak/docs/PLUGIN.html Normal file
View File

@ -0,0 +1,263 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Plugin install URL&rsquo;s
</h1>
<p>
Plugin releases are available inside of i2p at
<a href="http://idk.i2p/reseed-tools/">
http://idk.i2p/reseed-tools/
</a>
and via the github mirror at
<a href="https://github.com/eyedeekay/reseed-tools/releases">
https://github.com/eyedeekay/reseed-tools/releases
</a>
.
These can be installed by adding them on the
<a href="http://127.0.0.1:7657/configplugins">
http://127.0.0.1:7657/configplugins
</a>
.
</p>
<p>
After installing the plugin, you should immediately edit the
<code>
$PLUGIN/signer
</code>
file in order to set your
<code>
--signer
</code>
email, which is used to name your keys.
You can find the
<code>
$PLUGIN
</code>
directory in your I2P config directory, which is
usually
<code>
$HOME/.i2p
</code>
on Unixes.
</p>
<p>
This will allow the developers to contact you if your reseed has issues
and will authenticate your reseed to the I2P routers that use it.
</p>
<ul>
<li>
darwin/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3
</a>
</li>
<li>
darwin/arm64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3">
http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3
</a>
</li>
<li>
linux/386:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3
</a>
</li>
<li>
linux/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3
</a>
</li>
<li>
linux/arm:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3
</a>
</li>
<li>
linux/arm64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3">
http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3
</a>
</li>
<li>
openbsd/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3
</a>
</li>
<li>
freebsd/386:
<a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3">
http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3
</a>
</li>
<li>
freebsd/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3
</a>
</li>
<li>
windows/amd64:
<a href="http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3">
http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3
</a>
</li>
<li>
windows/386:
<a href="http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3">
http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3
</a>
</li>
</ul>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

26
doc-pak/docs/PLUGIN.md Normal file
View File

@ -0,0 +1,26 @@
# Plugin install URL's
Plugin releases are available inside of i2p at http://idk.i2p/reseed-tools/
and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases.
These can be installed by adding them on the
[http://127.0.0.1:7657/configplugins](http://127.0.0.1:7657/configplugins).
After installing the plugin, you should immediately edit the `$PLUGIN/signer`
file in order to set your `--signer` email, which is used to name your keys.
You can find the `$PLUGIN` directory in your I2P config directory, which is
usually `$HOME/.i2p` on Unixes.
This will allow the developers to contact you if your reseed has issues
and will authenticate your reseed to the I2P routers that use it.
- darwin/amd64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3)
- darwin/arm64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3)
- linux/386: [http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3)
- linux/amd64: [http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3)
- linux/arm: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3)
- linux/arm64: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3)
- openbsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3)
- freebsd/386: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3)
- freebsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3)
- windows/amd64: [http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3)
- windows/386: [http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3)

0
doc-pak/docs/PROXY.md Normal file
View File

91
doc-pak/docs/README.md Normal file
View File

@ -0,0 +1,91 @@
Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
================================================================
It is possible to easily and automatically configure a reseed server
with a self-signed certificate on any Debian-based operating system,
including Ubuntu and it's downstreams. This is achieved using the `checkinstall`
tool to set up the software dependencies and the operating system to
run the `I2P` service and the `reseed` service.
Using a binary package
----------------------
If you do not wish to build from source, you can use a binary package
from me. This package is built from this repo with the `make checkinstall`
target and uploaded by me. I build it on an up-to-date Debian `sid` system
at tag time. It contains a static binary and files for configuring it as a
system service.
```sh
wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
# Obtain the checksum from the release web page
echo "38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb" > SHA256SUMS
sha256sums -c SHA256SUMS
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
```
Building the `.deb` package from the source(Optional)
-----------------------------------------------------
If your software is too old, it's possible that the binary package I build will
not work for you. It's very easy to generate your own from the source code in this
repository.
\\**1.** Install the build dependencies
```sh
sudo apt-get install fakeroot checkinstall go git make
```
\\**2.** Clone the source code
```sh
git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
```
\\**3.** Generate the `.deb` package using the `make checkinstall` target
```sh
cd ~/go/src/i2pgit.org/idk/reseed-tools
make checkinstall
```
\\**4.** Install the `.deb` package
```sh
sudo apt-get install ./reseed-tools_*.deb
```
Running the Service
-------------------
\\**1.** First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step **2.**
```sh
sudo systemctl start i2p
# or, if you use sysvinit
sudo service i2p start
```
\\**2.** Once your I2P router is "Well-Integrated," start the reseed service.
```sh
sudo systemctl start reseed
# or, if you use sysvinit
sudo service reseed start
```
Your reseed will auto-configure with a self-signed certificate on port `:8443`. The
certificates themselves are available in `/var/lib/i2p/i2p-config/reseed`. When
you are ready, you should copy the `*.crt` files from that directory and share them
witth the I2P community on [`zzz.i2p`](http://zzz.i2p). These will allow I2P users
to authenticate your reseed services and secure the I2P network.

34
doc-pak/docs/REMOTE.md Normal file
View File

@ -0,0 +1,34 @@
Using a remote Network Database
-------------------------------
Beginning in `reseed-tools 2.5.0` it is possible to use reseed-tools to "share" a netDb directory on one host with a reseed server on another hose.
This feature is built into the reseed-tools software.
It is also possible to do this manually using `sshfs`, `ssh` combined with `cron`, and most available backup utilities like `borg` and `syncthing`.
This guide only covers `reseed-tools`.
Password-Protected Sharing of NetDB content over I2P
----------------------------------------------------
Run this command on a well-integrated I2P router which is **not** hosting a reseed server on the same IP address.
To share the whole contents of your netDb directory over I2P, run reseed-tools with the following arguments:
```sh
reseed-tools share --share-password $(use_a_strong_password) --netdb $(path_to_your_netdb)
```
In a few seconds, you will have a new I2P site which will provide your netDb as a `.tar.gz` file to anyone with the password.
Make a note of the base32 address of the new site for the next step.
Password-Protected Retrieval of Shared NetDB content over I2P
-------------------------------------------------------------
Run this command on a router hosting which **is** hosting a reseed server on the same IP address, or add the arguments to your existing command.
To retrieve a remote NetDB bundle from a hidden service, run reseed tools with the following arguments:
```sh
reseed-tools reseed --share-peer $(thebase32addressyoumadeanoteofaboveintheotherstepnow.b32.i2p) --share-password $(use_a_strong_password) --netdb $(path_to_your_netdb)
```
Periodically, the remote `netdb.tar.gz` bundle will be fetched from the remote server and extracted to the `--netdb` directory.
If the `--netdb` directory is not empty, local RI's are left intact and never overwritten, essentially combining the local and remote netDb.
If the directory is empty, the remote netDb will be the only netDb used by the reseed server.

254
doc-pak/docs/SERVICES.html Normal file
View File

@ -0,0 +1,254 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Service Integration
</h1>
<p>
Support for running as a system service as part of the reseed package
is new. PR&rsquo;s that improve integration are welcome.
</p>
<h2>
Systemd Service
</h2>
<p>
A systemd service is provided which should work with the I2P Debian package
when reseed-tools is installed in
<code>
/usr/bin/reseed-tools
</code>
. If you install with
<code>
make install
</code>
this service is also installed. This service will cause the
bundles to regenerate every 12 hours.
</p>
<p>
The contact email for your reseed should be added in:
<code>
/etc/systemd/system/reseed.service.d/override.conf
</code>
.
</p>
<p>
Self-signed certificates will be auto-generated for these services. To change
this you should edit the
<code>
/etc/systemd/system/reseed.service
</code>
. For instance:
</p>
<pre><code>ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
</code></pre>
<p>
to disable self-signed certificate generation.
</p>
<ul>
<li>
To enable starting the reseed service automatically with the system:
<code>
sudo systemctl enable reseed.service
</code>
</li>
<li>
To run the service manually:
<code>
sudo sysctl start reseed.service
</code>
<br />
</li>
<li>
To reload the systemd services:
<code>
sudo systemctl daemon-reload
</code>
</li>
<li>
To view the status/logs:
<code>
sudo journalctl -u reseed.service
</code>
</li>
</ul>
<h2>
SysV Service
</h2>
<p>
An initscript is also provided. The initscript, unlike the systemd service,
cannot schedule itself to restart. You should restart the service roughly once
a day to ensure that the information does not expire.
</p>
<p>
The contact email for your reseed should be added in:
<code>
/etc/init.d/reseed
</code>
.
</p>
<p>
Self-signed certificates will be auto-generated for these services.
To change this you should edit the
<code>
/etc/default/reseed
</code>
.
Create a
<code>
MORE_OPTIONS=&quot;&quot;
</code>
field. For instance:
</p>
<pre><code class="language-sh">MORE_OPTIONS=&quot;--trustProxy --ip=127.0.0.1&quot;
</code></pre>
<p>
will disable self-signed certificate generation.
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

47
doc-pak/docs/SERVICES.md Normal file
View File

@ -0,0 +1,47 @@
# Service Integration
Support for running as a system service as part of the reseed package
is new. PR's that improve integration are welcome.
## Systemd Service
A systemd service is provided which should work with the I2P Debian package
when reseed-tools is installed in `/usr/bin/reseed-tools`. If you install with
`make install` this service is also installed. This service will cause the
bundles to regenerate every 12 hours.
The contact email for your reseed should be added in:
`/etc/systemd/system/reseed.service.d/override.conf`.
Self-signed certificates will be auto-generated for these services. To change
this you should edit the `/etc/systemd/system/reseed.service`. For instance:
```
ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
```
to disable self-signed certificate generation.
- To enable starting the reseed service automatically with the system: `sudo systemctl enable reseed.service`
- To run the service manually: `sudo sysctl start reseed.service`
- To reload the systemd services: `sudo systemctl daemon-reload`
- To view the status/logs: `sudo journalctl -u reseed.service`
## SysV Service
An initscript is also provided. The initscript, unlike the systemd service,
cannot schedule itself to restart. You should restart the service roughly once
a day to ensure that the information does not expire.
The contact email for your reseed should be added in:
`/etc/init.d/reseed`.
Self-signed certificates will be auto-generated for these services.
To change this you should edit the `/etc/default/reseed`.
Create a `MORE_OPTIONS=""` field. For instance:
```sh
MORE_OPTIONS="--trustProxy --ip=127.0.0.1"
```
will disable self-signed certificate generation.

263
doc-pak/docs/TLS.html Normal file
View File

@ -0,0 +1,263 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
TLS Configuration for your Reseed Server
</h1>
<p>
By default,
<code>
reseed-tools
</code>
will generate self-signed certificates for your reseed service.
This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in
<code>
.onion
</code>
mode.
It is also possible to configure
<code>
reseed-tools
</code>
without TLS certificates,
or to configure it to use ACME in order to automtically obtain a certificate from Let&rsquo;s Encrypt.
</p>
<p>
I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
Instead, the certificates are effectively &ldquo;Pinned&rdquo; in the software, after manual review by the I2P developers and the community.
It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
</p>
<h2>
Disable TLS
</h2>
<p>
If you do this, it is highly recommended that you use a reverse proxy such as
<code>
Apache2
</code>
or
<code>
nginx
</code>
to provide a TLS connection to clients.
Alternatively, you could run
<code>
reseed-tools
</code>
as an
<code>
.onion
</code>
service and rely on Tor for encryption and authentication.
</p>
<p>
You can disable automatic TLS configuration with the
<code>
--trustProxy
</code>
flag like this:
</p>
<pre><code class="language-sh">
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
</code></pre>
<h2>
Setup Self-Signed TLS non-interactively
</h2>
<p>
If you don&rsquo;t want to interactively configure TLS but still want to use self-signed certificates, you can pass the
<code>
--yes
</code>
flag, which will use the defaults for all config values.
</p>
<pre><code class="language-sh">
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
</code></pre>
<h2>
Use ACME to acquire TLS certificate
</h2>
<p>
Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
To automate this process using an ACME CA, like Let&rsquo;s Encrypt, you can use the
<code>
--acme
</code>
flag.
Be sure to change the
<code>
--acmeserver
</code>
option in order to use a
<strong>
production
</strong>
ACME server, as
the software defaults to a
<strong>
staging
</strong>
ACME server for testing purposes.
</p>
<p>
This functionality is new and may have issues. Please file bug reports at (i2pgit)[
<a href="https://i2pgit.org/idk/reseed-tools)">
https://i2pgit.org/idk/reseed-tools)
</a>
or
<a href="https://github.com/eyedeekay/reseed-tools">
github
</a>
.
</p>
<pre><code class="language-sh">
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver=&quot;https://acme-v02.api.letsencrypt.org/directory&quot;
</code></pre>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

50
doc-pak/docs/TLS.md Normal file
View File

@ -0,0 +1,50 @@
TLS Configuration for your Reseed Server
========================================
By default, `reseed-tools` will generate self-signed certificates for your reseed service.
This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in `.onion` mode.
It is also possible to configure `reseed-tools` without TLS certificates,
or to configure it to use ACME in order to automtically obtain a certificate from Let's Encrypt.
I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
Instead, the certificates are effectively "Pinned" in the software, after manual review by the I2P developers and the community.
It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
Disable TLS
-----------
If you do this, it is highly recommended that you use a reverse proxy such as `Apache2` or `nginx` to provide a TLS connection to clients.
Alternatively, you could run `reseed-tools` as an `.onion` service and rely on Tor for encryption and authentication.
You can disable automatic TLS configuration with the `--trustProxy` flag like this:
```sh
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
```
Setup Self-Signed TLS non-interactively
---------------------------------------
If you don't want to interactively configure TLS but still want to use self-signed certificates, you can pass the `--yes` flag, which will use the defaults for all config values.
```sh
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
```
Use ACME to acquire TLS certificate
-----------------------------------
Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
To automate this process using an ACME CA, like Let's Encrypt, you can use the `--acme` flag.
Be sure to change the `--acmeserver` option in order to use a **production** ACME server, as
the software defaults to a **staging** ACME server for testing purposes.
This functionality is new and may have issues. Please file bug reports at (i2pgit)[https://i2pgit.org/idk/reseed-tools) or [github](https://github.com/eyedeekay/reseed-tools).
```sh
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver="https://acme-v02.api.letsencrypt.org/directory"
```

40
doc-pak/docs/UPGRADE.md Normal file
View File

@ -0,0 +1,40 @@
Upgrading from an older version of reseed-tools
===============================================
This reseed server sometimes gains helpful features that reseed operators may wish to use.
Additionally, it is possible that at some point we'll need to release a security update.
This document provides a path to upgrade the various binary distributions of reseed-tools.
Debian and Ubuntu Users
-----------------------
1. Shut down the existing `reseed-tools` service.
If you are using `sysvinit` or something like it, you should be able to run: `sudo service reseed stop`.
If you are using `systemd` you should be able to run `sudo systemctl stop reseed`.
If those commands don't work, use `killall reseed-tools`
2. Download the `.deb` package from the Github Releases page.
Make sure you get the right package for your ARCH/OS pair.
Most will need the `_amd64.deb` package.
3. Install the package using: `sudo dpkg -i ./reseed-tools*.deb`
Docker Users
------------
1. Build the container locally: `docker build -t eyedeekay/reseed .`
2. Stop the container: `docker stop reseed`
3. Start the container: `docker start reseed`
Freestanding `tar.gz` Users, People who built from source
---------------------------------------------------------
1. Shut down the existing `reseed-tools` service.
If you are using `sysvinit` or something like it, you should be able to run: `sudo service reseed stop`.
If you are using `systemd` you should be able to run `sudo systemctl stop reseed`.
If those commands don't work, use `killall reseed-tools`
2. Extract the tar file: `tar xzf reseed-tools.tgz`
3. Copy the `reseed-tools` binary to the correct location if you're on `amd64` or compile it if you are not.
`cp reseed-tools reseed-tools-linux-amd64`
OR
`make build`
4. Install the new software and service management files:
`sudo make install`

318
doc-pak/docs/index.html Normal file
View File

@ -0,0 +1,318 @@
<html>
<head>
<title>
I2P Reseed Tools
</title>
<meta name="author" content="eyedeekay" />
<meta name="description" content="reseed-tools" />
<meta name="keywords" content="master" />
<link rel="stylesheet" type="text/css" href="style.css" />
<link rel="stylesheet" type="text/css" href="showhider.css" />
</head>
<body>
<div id="navbar">
<a href="#shownav">
Show navigation
</a>
<div id="shownav">
<div id="hidenav">
<ul>
<li>
<a href="..">
Up one level ^
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
<li>
<a href=""></a>
</li>
<li>
<a href="DEBIAN.html">
DEBIAN
</a>
</li>
<li>
<a href="DOCKER.html">
DOCKER
</a>
</li>
<li>
<a href="EXAMPLES.html">
EXAMPLES
</a>
</li>
<li>
<a href="PLUGIN.html">
PLUGIN
</a>
</li>
<li>
<a href="index.html">
index
</a>
</li>
<li>
<a href="SERVICES.html">
SERVICES
</a>
</li>
<li>
<a href="TLS.html">
TLS
</a>
</li>
<li>
<a href="index.html">
index.html
</a>
</li>
</ul>
<br>
<a href="#hidenav">
Hide Navigation
</a>
</div>
</div>
</div>
<a id="returnhome" href="/">
/
</a>
<h1>
Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
</h1>
<p>
It is possible to easily and automatically configure a reseed server
with a self-signed certificate on any Debian-based operating system,
including Ubuntu and it&rsquo;s downstreams. This is achieved using the
<code>
checkinstall
</code>
tool to set up the software dependencies and the operating system to
run the
<code>
I2P
</code>
service and the
<code>
reseed
</code>
service.
</p>
<h2>
Using a binary package
</h2>
<p>
If you do not wish to build from source, you can use a binary package
from me. This package is built from this repo with the
<code>
make checkinstall
</code>
target and uploaded by me. I build it on an up-to-date Debian
<code>
sid
</code>
system
at tag time. It contains a static binary and files for configuring it as a
system service.
</p>
<pre><code class="language-sh">
wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
# Obtain the checksum from the release web page
echo &quot;38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb&quot; &gt; SHA256SUMS
sha256sums -c SHA256SUMS
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
</code></pre>
<h2>
Building the
<code>
.deb
</code>
package from the source(Optional)
</h2>
<p>
If your software is too old, it&rsquo;s possible that the binary package I build will
not work for you. It&rsquo;s very easy to generate your own from the source code in this
repository.
</p>
<p>
\
<strong>
1.
</strong>
Install the build dependencies
</p>
<pre><code class="language-sh">
sudo apt-get install fakeroot checkinstall go git make
</code></pre>
<p>
\
<strong>
2.
</strong>
Clone the source code
</p>
<pre><code class="language-sh">
git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
</code></pre>
<p>
\
<strong>
3.
</strong>
Generate the
<code>
.deb
</code>
package using the
<code>
make checkinstall
</code>
target
</p>
<pre><code class="language-sh">
cd ~/go/src/i2pgit.org/idk/reseed-tools
make checkinstall
</code></pre>
<p>
\
<strong>
4.
</strong>
Install the
<code>
.deb
</code>
package
</p>
<pre><code class="language-sh">
sudo apt-get install ./reseed-tools_*.deb
</code></pre>
<h2>
Running the Service
</h2>
<p>
\
<strong>
1.
</strong>
First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step
<strong>
2.
</strong>
</p>
<pre><code class="language-sh">
sudo systemctl start i2p
# or, if you use sysvinit
sudo service i2p start
</code></pre>
<p>
\
<strong>
2.
</strong>
Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.
</p>
<pre><code class="language-sh">
sudo systemctl start reseed
# or, if you use sysvinit
sudo service reseed start
</code></pre>
<p>
Your reseed will auto-configure with a self-signed certificate on port
<code>
:8443
</code>
. The
certificates themselves are available in
<code>
/var/lib/i2p/i2p-config/reseed
</code>
. When
you are ready, you should copy the
<code>
*.crt
</code>
files from that directory and share them
witth the I2P community on
<a href="http://zzz.i2p">
<code>
zzz.i2p
</code>
</a>
. These will allow I2P users
to authenticate your reseed services and secure the I2P network.
</p>
<div id="sourcecode">
<span id="sourcehead">
<strong>
Get the source code:
</strong>
</span>
<ul>
<li>
<a href="https://i2pgit.org/idk/reseed-tools">
Source Repository: (https://i2pgit.org/idk/reseed-tools)
</a>
</li>
</ul>
</div>
<div>
<a href="#show">
Show license
</a>
<div id="show">
<div id="hide">
<pre><code>Copyright (c) 2014 Matt Drollette
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
</code></pre>
<a href="#hide">
Hide license
</a>
</div>
</div>
</div>
<div>
<iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
</div>
<div>
<a href="https://geti2p.net/">
<img src="i2plogo.png"></img>
I2P
</a>
</div>
</body>
</html>

15
doc-pak/docs/showhider.css Normal file
View File

@ -0,0 +1,15 @@
/* edgar showhider CSS file */
#show {display:none; }
#hide {display:block; }
#show:target {display: block; }
#hide:target {display: none; }
#shownav {display:none; }
#hidenav {display:block; }
#shownav:target {display: block; }
#hidenav:target {display: none; }
#donate {display:none; }
#hidedonate {display:block; }
#donate:target {display: block; }
#hidedonate:target {display: none; }

165
doc-pak/docs/style.css Normal file
View File

@ -0,0 +1,165 @@
/* edgar default CSS file */
body {
font-family: "Roboto";
font-family: monospace;
text-align: justify;
background-color: #373636;
color: whitesmoke;
font-size: 1.15em;
}
ul {
width: 55%;
display: block;
}
ol {
width: 55%;
display: block;
}
li {
margin-top: 1%;
}
p {
max-width: 90%;
margin-top: 1%;
margin-left: 3%;
margin-right: 3%;
}
img {
float: left;
top: 5%;
left: 5%;
max-width: 60%;
display: inline;
padding-right: 2%;
}
.inline {
display: inline;
}
.link-button:focus {
outline: none;
}
.link-button:active {
color: red;
}
code {
font-family: monospace;
border-radius: 5%;
padding: 1%;
border-color: darkgray;
font-size: .9em;
}
a {
color: #C6D9FE;
padding: 1%;
}
ul li {
color: #C6D9FE;
}
iframe {
background: aliceblue;
border-radius: 15%;
margin: 2%;
}
.container {
width: 36vw;
height: 64vh;
display: inline-block;
margin: 0;
padding: 0;
}
.editor-toolbar a {
display: inline-block;
text-align: center;
text-decoration: none !important;
color: whitesmoke !important;
}
#feed {
width: 60vw;
height: unset !important;
margin: 0;
padding: 0;
float: right;
background-color: #373636;
color: whitesmoke;
border: #C6D9FE solid 1px;
}
.thread-post,
.thread {
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.thread-post {
margin-left: 4%;
}
input {
text-align: center;
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font: normal normal normal 14px/1 FontAwesome;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.thread-hash {
text-align: right;
color: whitesmoke !important;
background-color: #373636;
border: 1px solid darkgray;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
.post-body {
text-align: left;
color: whitesmoke !important;
font-size: inherit;
padding-top: 1%;
padding-bottom: 1%;
}
#show {display:none; }
#hide {display:block; }
#show:target {display: block; }
#hide:target {display: none; }
#shownav {display:none; }
#hidenav {display:block; }
#shownav:target {display: block; }
#hidenav:target {display: none; }
#navbar {
float: right;
width: 15%;
}
#returnhome {
font-size: xxx-large;
display: inline;
}
h1 {
display: inline;
}