bump version

update Makefile
update .gitignore
2025-03-09 13:45:17 -04:00 · 2025-03-09 13:44:19 -04:00 · 2025-03-08 20:28:36 -05:00 · 2025-03-08 20:27:00 -05:00 · 2025-03-08 20:18:10 -05:00 · 2025-03-08 19:59:25 -05:00
118 changed files with 8523 additions and 1215 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -0,0 +1,23 @@
+.idea
+.git
+.gitlab-ci.yml
+.vscode
+
+# CI cache folder storing docker images
+ci-exports
+
+/i2p-tools
+/cert.pem
+/key.pem
+/_netdb
+i2pseeds.su3
+*.pem
+onion.key
+tmp/
+i2p-tools-*
+*.crl
+*.crt
+*.pem
+plugin
+reseed-tools*
+data-dir*
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@ -0,0 +1,89 @@
+name: Release
+
+on:
+  push:
+    tags:
+      - 'v*'
+  workflow_dispatch:
+
+jobs:
+  build-and-release:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: '1.21'
+          cache: true
+
+      - name: Install build dependencies
+        run: |
+          sudo add-apt-repository -y ppa:i2p-maintainers/i2p
+          sudo apt-get update
+          sudo apt-get install -y make git fakeroot checkinstall i2p i2p-router
+
+      - name: Build binaries
+        run: |
+          # Build for various platforms
+          GOOS=linux GOARCH=amd64 make build
+          GOOS=linux GOARCH=386 make build
+          GOOS=linux GOARCH=arm make build
+          GOOS=linux GOARCH=arm64 make build
+          GOOS=openbsd GOARCH=amd64 make build
+          GOOS=freebsd GOARCH=386 make build
+          GOOS=freebsd GOARCH=amd64 make build
+          GOOS=windows GOARCH=amd64 make build
+          GOOS=windows GOARCH=386 make build
+
+      - name: Build Debian packages
+        run: |
+          # Build .deb packages
+          sudo -u i2psvc mkdir -p /var/lib/i2p/i2p-config/reseed
+          sudo mkdir -p /etc/systemd/system/reseed.service.d/
+          sudo bash -c "GOOS=linux GOARCH=amd64 make checkinstall"
+          sudo bash -c "GOOS=linux GOARCH=386 make checkinstall"
+          sudo bash -c "GOOS=linux GOARCH=arm make checkinstall"
+          sudo bash -c "GOOS=linux GOARCH=arm64 make checkinstall"
+
+      #- name: Build plugins
+        #run: |
+          ## Build plugins for various platforms
+          #GOOS=linux GOARCH=amd64 make su3s
+          #GOOS=linux GOARCH=386 make su3s
+          #GOOS=linux GOARCH=arm make su3s
+          #GOOS=linux GOARCH=arm64 make su3s
+          #GOOS=openbsd GOARCH=amd64 make su3s
+          #GOOS=freebsd GOARCH=386 make su3s
+          #GOOS=freebsd GOARCH=amd64 make su3s
+          #GOOS=windows GOARCH=amd64 make su3s
+          #GOOS=windows GOARCH=386 make su3s
+
+      - name: Create Release
+        id: create_release
+        uses: softprops/action-gh-release@v1
+        with:
+          body_path: CHANGELOG.md
+          files: |
+            reseed-tools-*
+            *.deb
+            *.su3
+          generate_release_notes: false
+          draft: false
+          prerelease: false
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+#      - name: Build and push Docker image
+#        if: success()
+#        run: |
+#          docker login -u ${{ github.actor }} -p ${{ secrets.GITHUB_TOKEN }} ghcr.io
+#          docker build -t ghcr.io/${{ github.repository }}:${{ github.ref_name }} .
+#          docker push ghcr.io/${{ github.repository }}:${{ github.ref_name }}
+#          docker tag ghcr.io/${{ github.repository }}:${{ github.ref_name }} ghcr.io/${{ github.repository }}:latest
+#          docker push ghcr.io/${{ github.repository }}:latest
--- a/.gitignore
+++ b/.gitignore
@ -2,8 +2,25 @@
 /cert.pem
 /key.pem
 /_netdb
+/i2pkeys
+/onionkeys
+/tlskeys
+/tmp
 i2pseeds.su3
 *.pem
 onion.key
 tmp/
 i2p-tools-*
+*.crl
+*.crt
+*.pem
+plugin
+reseed-tools*
+data-dir*
+audit.json
+*ed25519*
+client.yaml
+plugin.yaml
+err
+/plugin-linux-amd64.yaml
+/client-linux-amd64.yaml
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -0,0 +1,106 @@
+image: docker:19.03.12
+
+stages:
+  - docker_test
+  - docker_push
+
+variables:
+  # When using dind service, we need to instruct docker to talk with
+  # the daemon started inside of the service. The daemon is available
+  # with a network connection instead of the default
+  # /var/run/docker.sock socket. Docker 19.03 does this automatically
+  # by setting the DOCKER_HOST in
+  # https://github.com/docker-library/docker/blob/d45051476babc297257df490d22cbd806f1b11e4/19.03/docker-entrypoint.sh#L23-L29
+  #
+  # The 'docker' hostname is the alias of the service container as described at
+  # https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services.
+  #
+  # Specify to Docker where to create the certificates, Docker will
+  # create them automatically on boot, and will create
+  # `/certs/client` that will be shared between the service and job
+  # container, thanks to volume mount from config.toml
+  DOCKER_TLS_CERTDIR: "/certs"
+  # Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled
+  DOCKER_HOST: tcp://docker:2376
+
+services:
+  - docker:19.03.12-dind
+
+.docker_cache:
+  cache:
+    # The same key should be used across branches
+    key: "$CI_COMMIT_REF_SLUG"
+    paths:
+      - ci-exports/*.tar
+
+# Make sure we can build a docker image
+# It's cached for later jobs
+build_docker:
+  extends:
+    - .docker_cache
+  stage: docker_test
+  script:
+    # Try to load latest branch image from local tar or from registry
+    - docker load ci-exports/$CI_COMMIT_REF_SLUG.tar || docker pull $CI_REGISTRY_IMAGE:latest || true
+    - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:latest .
+    - mkdir -p ci-exports/
+    - docker save $CI_REGISTRY_IMAGE:latest > ci-exports/$CI_COMMIT_REF_SLUG.tar
+
+# Publishes the configured CI registry (by default that's gitlab's registry)
+push_ci_registry:
+  extends:
+    - .docker_cache
+  stage: docker_push
+  cache:
+    policy: pull
+  before_script:
+    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+  script:
+    - cat ci-exports/$CI_COMMIT_REF_SLUG.tar | docker load
+    - docker tag $CI_REGISTRY_IMAGE:latest $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
+    - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
+    - docker push $CI_REGISTRY_IMAGE:latest
+  only:
+    refs:
+      # Make sure to protect these tags!
+      - /^v(\d+\.){2,3}\d+$/
+      - /.+-release$/
+    variables:
+      - $CI_REGISTRY
+      - $CI_REGISTRY_USER
+      - $CI_REGISTRY_PASSWORD
+      - $CI_REGISTRY_IMAGE
+
+# Publishes the cached image to docker
+push_dockerhub_registry:
+  extends:
+    - .docker_cache
+  stage: docker_push
+  cache:
+    policy: pull
+  before_script:
+    - docker login -u $DOCKERHUB_REGISTRY_USER -p $DOCKERHUB_REGISTRY_PASSWORD $DOCKERHUB_REGISTRY
+  script:
+    - cat ci-exports/$CI_COMMIT_REF_SLUG.tar | docker load
+    - docker tag $CI_REGISTRY_IMAGE:latest $DOCKERHUB_REGISTRY_IMAGE:$CI_COMMIT_TAG
+    - docker tag $CI_REGISTRY_IMAGE:latest $DOCKERHUB_REGISTRY_IMAGE:latest
+    - docker push $DOCKERHUB_REGISTRY_IMAGE:$CI_COMMIT_TAG
+    - docker push $DOCKERHUB_REGISTRY_IMAGE:latest
+    # Push the readme to dockerhub
+    - >-
+      docker run -v $PWD:/workspace
+      -e DOCKERHUB_USERNAME="$DOCKERHUB_REGISTRY_USER"
+      -e DOCKERHUB_PASSWORD="$DOCKERHUB_REGISTRY_PASSWORD"
+      -e DOCKERHUB_REPOSITORY="$DOCKERHUB_REGISTRY_IMAGE"
+      -e README_FILEPATH='/workspace/README.md'
+      peterevans/dockerhub-description:2
+  only:
+    refs:
+      # Make sure to protect these tags!
+      - /^v(\d+\.){2,3}\d+$/
+      - /.+-release$/
+    variables:
+      - $DOCKERHUB_REGISTRY
+      - $DOCKERHUB_REGISTRY_USER
+      - $DOCKERHUB_REGISTRY_PASSWORD
+      - $DOCKERHUB_REGISTRY_IMAGE
--- a/.nojekyll
+++ b/.nojekyll
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -11,7 +11,7 @@
        "editor.snippetSuggestions": "none",
        "editor.formatOnSave": true,
        "editor.codeActionsOnSave": {
-            "source.organizeImports": true
+            "source.organizeImports": "explicit"
        },
    },
    "gopls": {
--- a/CHANGELOG.html
+++ b/CHANGELOG.html
@ -0,0 +1,215 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="CHANGELOG.html">
+                CHANGELOG
+              </a>
+            </li>
+            <li>
+              <a href="content/index.html">
+                content/index.html
+              </a>
+            </li>
+            <li>
+              <a href="docs/index.html">
+                docs/index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="docs/DEBIAN.html">
+                docs/DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="docs/DOCKER.html">
+                docs/DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="docs/EXAMPLES.html">
+                docs/EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="docs/PLUGIN.html">
+                docs/PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="docs/index.html">
+                docs/index
+              </a>
+            </li>
+            <li>
+              <a href="docs/SERVICES.html">
+                docs/SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="docs/TLS.html">
+                docs/TLS
+              </a>
+            </li>
+            <li>
+              <a href="docs/index.html">
+                docs/index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <p>
+      2021-12-16
+      * app.Version = &ldquo;0.2.11&rdquo;
+      * include license file in plugin
+    </p>
+    <p>
+      2021-12-14
+      * app.Version = &ldquo;0.2.10&rdquo;
+      * restart changelog
+      * fix websiteURL in plugin.config
+    </p>
+    <p>
+      2019-04-21
+      * app.Version = &ldquo;0.1.7&rdquo;
+      * enabling TLS 1.3
+      <em>
+        only
+      </em>
+    </p>
+    <p>
+      2016-12-21
+      * deactivating previous random time delta, makes only sense when patching ri too
+      * app.Version = &ldquo;0.1.6&rdquo;
+    </p>
+    <p>
+      2016-10-09
+      * seed the math random generator with time.Now().UnixNano()
+      * added 6h+6h random time delta at su3-age to increase anonymity
+      * app.Version = &ldquo;0.1.5&rdquo;
+    </p>
+    <p>
+      2016-05-15
+      * README.md updated
+      * allowed routerInfos age increased from 96 to 192 hours
+      * app.Version = &ldquo;0.1.4&rdquo;
+    </p>
+    <p>
+      2016-03-05
+      * app.Version = &ldquo;0.1.3&rdquo;
+      * CRL creation added
+    </p>
+    <p>
+      2016-01-31
+      * allowed TLS ciphers updated (hardened)
+      * TLS certificate generation: RSA 4096 &ndash;&gt; ECDSAWithSHA512 384bit secp384r1
+      * ECDHE handshake: only CurveP384 + CurveP521, default CurveP256 removed
+      * TLS certificate valid: 2y &ndash;&gt; 5y
+      * throttled.PerDay(4) &ndash;&gt; PerHour(4), to enable limited testing
+      * su3 RebuildInterval: 24h &ndash;&gt; 90h, higher anonymity for the running i2p-router
+      * numRi per su3 file: 75 &ndash;&gt; 77
+    </p>
+    <p>
+      2016-01
+      * fork from
+      <a href="https://i2pgit.org/idk/reseed-tools">
+        https://i2pgit.org/idk/reseed-tools
+      </a>
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,3 +1,36 @@
+2024-06-29
+ * app.Version = 2.5
+ * Add password-protected netDb sync capability
+
+2024-06-25
+ * app.Version = 2.4
+ * Remove dependency on libp2p
+ * Use go-i2p to parse RouterInfos prior to inclusion in reseed bundles, exclude less-useful RIs
+
+2023-01-27
+ * app.Version = "0.2.32"
+ * This changelog has been inadequately updated.
+ * At this time, there have been features added.
+ * All flags but signer will be filled in with default values or left unused.
+ * signer may be configured with an environment variable.
+ * A fake homepage is served when a user-agent does not match eepget.
+ * Static resources have been embedded in the binary to support the homepage.
+ * ACME support has been added.
+ * Support for operating an `.onion` service has been added.
+ * Support for operating an in-network(`.b32.i2p`) interface to the reseed has been added.
+ * Reseed servers can monitor eachother on a rate-limited basis.
+ * Support has been added for running as an I2P plugin.
+ * Limited support has been added for Debian packages.
+
+2021-12-16
+ * app.Version = "0.2.11"
+ * include license file in plugin
+
+2021-12-14
+ * app.Version = "0.2.10"
+ * restart changelog
+ * fix websiteURL in plugin.config
+
 2019-04-21
 * app.Version = "0.1.7"
 * enabling TLS 1.3 *only*
@ -31,4 +64,4 @@
 * numRi per su3 file: 75 --> 77

 2016-01
- * fork from https://github.com/eyedeekay/i2p-tools-1
+ * fork from https://i2pgit.org/idk/reseed-tools
--- a/10
+++ b/10
@ -1,14 +1,14 @@
 FROM debian:stable-backports
 ARG I2P_GID=1000
 ARG I2P_UID=1000
-COPY . /var/lib/i2p/go/src/github.com/eyedeekay/i2p-tools-1
-WORKDIR /var/lib/i2p/go/src/github.com/eyedeekay/i2p-tools-1
+COPY . /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools
+WORKDIR /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools
 RUN apt-get update && \
    apt-get dist-upgrade -y && \
-    apt-get install -y git golang-1.13-go make && \
+    apt-get install -y git golang-go make && \
    mkdir -p /var/lib/i2p/i2p-config/reseed && \
    chown -R $I2P_UID:$I2P_GID /var/lib/i2p && chmod -R o+rwx /var/lib/i2p
-RUN /usr/lib/go-1.13/bin/go build -v -tags netgo -ldflags '-w -extldflags "-static"'
+RUN go build -v -tags netgo -ldflags '-w -extldflags "-static"'
 USER $I2P_UID
 WORKDIR /var/lib/i2p/i2p-config/reseed
-ENTRYPOINT [ "/var/lib/i2p/go/src/github.com/eyedeekay/i2p-tools-1/entrypoint.sh" ]
+ENTRYPOINT [ "/var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/entrypoint.sh" ]
--- a/264
+++ b/264
@ -1,15 +1,21 @@

-VERSION=0.0.4
-APP=i2p-tools-1
+VERSION=$(shell /usr/bin/go run . version 2>/dev/null)
+APP=reseed-tools
 USER_GH=eyedeekay
+SIGNER=hankhill19580@gmail.com
+CGO_ENABLED=0
+export CGO_ENABLED=0
+PLUGIN_PORT=7671
+export PLUGIN_PORT=7671
+prefix?=/

 GOOS?=$(shell uname -s | tr A-Z a-z)
 GOARCH?="amd64"

-ARG=-v -tags netgo -ldflags '-w -extldflags "-static"'
+ARG=-v -tags netgo,osusergo -ldflags '-w -extldflags "-static"'

-MIN_GO_VERSION=`ls /usr/lib/go-1.14 2>/dev/null >/dev/null && echo 1.14`
-MIN_GO_VERSION?=1.13
+#MIN_GO_VERSION=`ls /usr/lib/go-1.14 2>/dev/null >/dev/null && echo 1.14`
+MIN_GO_VERSION?=1.16

 I2P_UID=$(shell id -u i2psvc)
 I2P_GID=$(shell id -g i2psvc)
@ -17,121 +23,203 @@ I2P_GID=$(shell id -g i2psvc)
 WHOAMI=$(shell whoami)

 echo:
-	@echo "type make version to do release $(APP) $(VERSION) $(GOOS) $(GOARCH) $(MIN_GO_VERSION) $(I2P_UID) $(I2P_GID)"
+	@echo "type make version to do release '$(APP)' '$(VERSION)' $(GOOS) $(GOARCH) $(MIN_GO_VERSION) $(I2P_UID) $(I2P_GID)"

-version:
-	cat README.md | gothub release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -
+host:
+	/usr/bin/go build -o reseed-tools-host 2>/dev/null 1>/dev/null

-edit:
-	cat README.md | gothub edit -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -
+index:
+	edgar

-upload: binary tar
-	gothub upload -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f ../i2p-tools.tar.xz -n "i2p-tools.tar.xz"
+build:
+	/usr/bin/go build $(ARG) -o reseed-tools-$(GOOS)-$(GOARCH)

-build: gofmt
-	/usr/lib/go-$(MIN_GO_VERSION)/bin/go build $(ARG) -o i2p-tools-$(GOOS)-$(GOARCH)
+1.15-build: gofmt
+	/usr/lib/go-$(MIN_GO_VERSION)/bin/go build $(ARG) -o reseed-tools-$(GOOS)-$(GOARCH)

 clean:
-	rm i2p-tools-* *.key *.i2pKeys *.crt *.crl *.pem tmp -rf
-
-binary:
-	GOOS=darwin GOARCH=amd64 make build
-	GOOS=linux GOARCH=386 make build
-	GOOS=linux GOARCH=amd64 make build
-	GOOS=linux GOARCH=arm make build
-	GOOS=linux GOARCH=arm64 make build
-	GOOS=openbsd GOARCH=amd64 make build
-	GOOS=freebsd GOARCH=386 make build
-	GOOS=freebsd GOARCH=amd64 make build
+	rm reseed-tools-* tmp -rfv *.deb plugin reseed-tools

 tar:
-	tar --exclude="./.git" --exclude="./tmp"  -cvf ../i2p-tools.tar.xz .
+	git pull github --tags; true
+	git pull --tags; true
+	git archive --format=tar.gz --output=reseed-tools.tar.gz v$(VERSION)

 install:
-	install -m755 i2p-tools-$(GOOS)-$(GOARCH) /usr/local/bin/i2p-tools
-	install -m755 etc/init.d/reseed /etc/init.d/reseed
+	install -m755 reseed-tools-$(GOOS)-$(GOARCH) ${prefix}usr/bin/reseed-tools
+	install -m644 etc/default/reseed ${prefix}etc/default/reseed
+	install -m755 etc/init.d/reseed ${prefix}etc/init.d/reseed
+	install -g i2psvc -o i2psvc -D -d ${prefix}var/lib/i2p/i2p-config/reseed/
+	install -g i2psvc -o i2psvc -D -d ${prefix}etc/systemd/system/reseed.service.d/
+	install -m644 etc/systemd/system/reseed.service.d/override.conf ${prefix}etc/systemd/system/reseed.service.d/override.conf
+	install -m644 etc/systemd/system/reseed.service ${prefix}etc/systemd/system/reseed.service
+
+uninstall:
+	rm -rf ${prefix}bin/reseed-tools
+	rm -rf ${prefix}etc/default/reseed
+	rm -rf ${prefix}etc/init.d/reseed
+	rm -rf ${prefix}etc/systemd/system/reseed.service.d/reseed.conf
+	rm -rf ${prefix}etc/systemd/system/reseed.service
+	rm -rf ${prefix}var/lib/i2p/i2p-config/reseed/
+
+checkinstall:
+	checkinstall -D \
+		--arch=$(GOARCH) \
+		--default \
+		--install=no \
+		--fstrans=yes \
+		--pkgname=reseed-tools \
+		--pkgversion=$(VERSION) \
+		--pkggroup=net \
+		--pkgrelease=1 \
+		--pkgsource="https://i2pgit.org/idk/reseed-tools" \
+		--maintainer="$(SIGNER)" \
+		--requires="i2p,i2p-router" \
+		--suggests="i2p,i2p-router,syndie,tor,tsocks" \
+		--nodoc \
+		--deldoc=yes \
+		--deldesc=yes \
+		--backup=no

 ### You shouldn't need to use these now that the go mod require rule is fixed,
 ## but I'm leaving them in here because it made it easier to test that both
 ## versions behaved the same way. -idk

 build-fork:
-	/usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o i2p-tools-idk
+	/usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o reseed-tools-idk

 build-unfork:
-	/usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o i2p-tools-md
+	/usr/lib/go-$(MIN_GO_VERSION)/bin/go build -o reseed-tools-md

 fork:
-	sed -i 's|eyedeekay/i2p-tools-1|eyedeekay/i2p-tools-1|g' main.go cmd/*.go reseed/*.go su3/*.go
+	sed -i 's|idk/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go
 	make gofmt build-fork

 unfork:
-	sed -i 's|eyedeekay/i2p-tools-1|eyedeekay/i2p-tools-1|g' main.go cmd/*.go reseed/*.go su3/*.go
-	sed -i 's|RTradeLtd/i2p-tools-1|eyedeekay/i2p-tools-1|g' main.go cmd/*.go reseed/*.go su3/*.go
+	sed -i 's|idk/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go
+	sed -i 's|RTradeLtd/reseed-tools|idk/reseed-tools|g' main.go cmd/*.go reseed/*.go su3/*.go
 	make gofmt build-unfork

 gofmt:
-	gofmt -w main.go cmd/*.go reseed/*.go su3/*.go
+	find . -name '*.go' -exec gofumpt -w -s -extra {} \;

-try:
-	mkdir -p tmp && \
-		cd tmp && \
-		../i2p-tools-$(GOOS)-$(GOARCH) reseed --signer=you@mail.i2p --netdb=/home/idk/.i2p/netDb --tlsHost=your-domain.tld --onion --p2p --i2p --littleboss=start
+export JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64/jre/
+export CGO_CFLAGS=-I/usr/lib/jvm/java-8-openjdk-amd64/include/ -I/usr/lib/jvm/java-8-openjdk-amd64/include/linux/

-stop:
-	mkdir -p tmp && \
-		cd tmp && \
-		../i2p-tools-$(GOOS)-$(GOARCH) reseed --signer=you@mail.i2p --netdb=/home/idk/.i2p/netDb --tlsHost=your-domain.tld --onion --p2p --i2p --littleboss=stop
+gojava:
+	go get -u -v github.com/sridharv/gojava
+	cp -v ~/go/bin/gojava ./gojava

-docker:
-	docker build -t eyedeekay/reseed .
+jar: gojava
+	echo $(JAVA_HOME)
+	./gojava -v -o reseed.jar -s . build ./reseed

-docker-push: docker
-	docker push --disable-content-trust false eyedeekay/reseed:$(VERSION)
+release: version plugins upload-su3s

-users:
-	docker run --rm eyedeekay/reseed cat /etc/passwd
+tag:
+	git tag -a v$(VERSION) -m "Release $(VERSION)"
+	git push --tags

-docker-ls:
-		docker run --rm \
-		--user $(I2P_UID) \
-		--group-add $(I2P_GID) \
-		--name reseed \
-		--publish 8443:8443 \
-		--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb \
-		eyedeekay/reseed ls /var/lib/i2p/i2p-config -lah
+version:
+	#head -n 5 README.md | github-release release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -; true
+	echo "make version is deprecated, use make tag instead"

-docker-server:
-	docker run -itd \
-		--name reseed \
-		--user $(I2P_UID) \
-		--group-add $(I2P_GID) \
-		--publish 8443:8443 \
-		--restart=always \
-		--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
-		--volume reseed-keyss:/var/lib/i2p/i2p-config/reseed \
-		eyedeekay/reseed \
-			--signer=hankhill19580@gmail.com
-	docker logs -f reseed
+delete-version:
+	github-release delete -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION)

-docker-run:
-	docker run -itd \
-		--name reseed \
-		--user $(I2P_UID) \
-		--group-add $(I2P_GID) \
-		--publish 8443:8443 \
-		--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
-		--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
-		eyedeekay/reseed \
-			--signer=hankhill19580@gmail.com
+edit:
+	cat README.md | github-release edit -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -

-docker-homerun:
-	docker run -itd \
-		--name reseed \
-		--user 1000 \
-		--group-add 1000 \
-		--publish 8443:8443 \
-		--volume $(HOME)/i2p/netDb:/var/lib/i2p/i2p-config/netDb:z \
-		--volume reseed-keys:/var/lib/i2p/i2p-config/reseed:z \
-		eyedeekay/reseed \
-			--signer=hankhill19580@gmail.com
+plugins:
+	#export GOOS=darwin; export GOARCH=amd64; make su3s
+	#export GOOS=darwin; export GOARCH=arm64; make su3s
+	export GOOS=linux; export GOARCH=amd64; make su3s
+	export GOOS=linux; export GOARCH=386; make su3s
+	export GOOS=linux; export GOARCH=arm; make su3s
+	export GOOS=linux; export GOARCH=arm64; make su3s
+	export GOOS=openbsd; export GOARCH=amd64; make su3s
+	export GOOS=freebsd; export GOARCH=386; make su3s
+	export GOOS=freebsd; export GOARCH=amd64; make su3s
+	export GOOS=windows; export GOARCH=amd64; make su3s
+	export GOOS=windows; export GOARCH=386; make su3s
+
+debs:
+	export GOOS=linux; export GOARCH=amd64; make build checkinstall
+	export GOOS=linux; export GOARCH=386; make build checkinstall
+	export GOOS=linux; export GOARCH=arm; make build checkinstall
+	export GOOS=linux; export GOARCH=arm64; make build checkinstall
+
+rm-su3s:
+	rm *.su3 -f
+
+download-su3s:
+	#export GOOS=darwin; export GOARCH=amd64; make download-single-su3
+	#export GOOS=darwin; export GOARCH=arm64; make download-single-su3
+	export GOOS=linux; export GOARCH=386; make download-single-su3
+	export GOOS=linux; export GOARCH=amd64; make download-single-su3
+	export GOOS=linux; export GOARCH=arm; make download-single-su3
+	export GOOS=linux; export GOARCH=arm64; make download-single-su3
+	export GOOS=openbsd; export GOARCH=amd64; make download-single-su3
+	export GOOS=freebsd; export GOARCH=386; make download-single-su3
+	export GOOS=freebsd; export GOARCH=amd64; make download-single-su3
+	export GOOS=windows; export GOARCH=amd64; make download-single-su3
+	export GOOS=windows; export GOARCH=386; make download-single-su3
+
+upload-su3s:
+	#export GOOS=darwin; export GOARCH=amd64; make upload-single-su3
+	#export GOOS=darwin; export GOARCH=arm64; make upload-single-su3
+	export GOOS=linux; export GOARCH=386; make upload-single-su3
+	export GOOS=linux; export GOARCH=amd64; make upload-single-su3
+	export GOOS=linux; export GOARCH=arm; make upload-single-su3
+	export GOOS=linux; export GOARCH=arm64; make upload-single-su3
+	export GOOS=openbsd; export GOARCH=amd64; make upload-single-su3
+	export GOOS=freebsd; export GOARCH=386; make upload-single-su3
+	export GOOS=freebsd; export GOARCH=amd64; make upload-single-su3
+	export GOOS=windows; export GOARCH=amd64; make upload-single-su3
+	export GOOS=windows; export GOARCH=386; make upload-single-su3
+
+download-single-su3:
+	wget-ds "https://github.com/eyedeekay/reseed-tools/releases/download/v$(VERSION)/reseed-tools-$(GOOS)-$(GOARCH).su3"
+
+upload-single-su3:
+	github-release upload -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -f reseed-tools-"$(GOOS)"-"$(GOARCH).su3" -l "`sha256sum reseed-tools-$(GOOS)-$(GOARCH).su3`" -n "reseed-tools-$(GOOS)"-"$(GOARCH).su3"; true
+
+tmp/content:
+	mkdir -p tmp
+	cp -rv reseed/content tmp/content
+	echo "you@mail.i2p" > tmp/signer
+
+tmp/lib:
+	mkdir -p tmp/lib
+#	cp "$(HOME)/build/shellservice.jar" tmp/lib/shellservice.jar
+
+tmp/LICENSE:
+	cp LICENSE tmp/LICENSE
+
+SIGNER_DIR=$(HOME)/i2p-go-keys/
+
+su3s: tmp/content tmp/lib tmp/LICENSE build
+	rm -f plugin.yaml client.yaml
+	i2p.plugin.native -name=reseed-tools-$(GOOS)-$(GOARCH) \
+		-signer=hankhill19580@gmail.com \
+		-signer-dir=$(SIGNER_DIR) \
+		-version "$(VERSION)" \
+		-author=hankhill19580@gmail.com \
+		-autostart=true \
+		-clientname=reseed-tools-$(GOOS)-$(GOARCH) \
+		-command="reseed-tools-$(GOOS)-$(GOARCH) reseed --yes --signer=\$$PLUGIN/signer --port=$(PLUGIN_PORT)" \
+		-consolename="Reseed Tools" \
+		-consoleurl="https://127.0.0.1:$(PLUGIN_PORT)" \
+		-updateurl="http://idk.i2p/reseed-tools/reseed-tools-$(GOOS)-$(GOARCH).su3" \
+		-website="http://idk.i2p/reseed-tools/" \
+		-icondata="content/images/reseed-icon.png" \
+		-delaystart="1" \
+		-desc="`cat description-pak`" \
+		-exename=reseed-tools-$(GOOS)-$(GOARCH) \
+		-targetos="$(GOOS)" \
+		-res=tmp/ \
+		-license=MIT
+	#unzip -o reseed-tools-$(GOOS)-$(GOARCH).zip -d reseed-tools-$(GOOS)-$(GOARCH)-zip
+
+#export sumbblinux=`sha256sum "../reseed-tools-linux.su3"`
+#export sumbbwindows=`sha256sum "../reseed-tools-windows.su3"`
--- a/README.md
+++ b/README.md
@ -1,157 +1,76 @@
 I2P Reseed Tools
 ==================

-This tool provides a secure and efficient reseed server for the I2P network. There are several utility commands to
-create, sign, and validate SU3 files. Please note that this requires at least Go version 1.13, and uses Go Modules.
+![Reseed Tools Poster](content/images/reseed.png)
+
+This tool provides a secure and efficient reseed server for the I2P network.
+There are several utility commands to create, sign, and validate SU3 files.
+Please note that this requires at least Go version 1.13, and uses Go Modules.
+
+Standard reseeds are distributed with the I2P packages. To get your reseed
+included, apply on [i2pforum.i2p](http://i2pforum.i2p).
+
+## Dependencies
+
+`go`, `git`, and optionally `make` are required to build the project.
+Precompiled binaries for most platforms are available at my github mirror
+https://github.com/eyedeekay/i2p-tools-1.
+
+In order to install the build-dependencies on Ubuntu or Debian, you may use:
+
+```sh
+sudo apt-get install golang-go git make
+```

 ## Installation

-If you have go installed you can download, build, and install this tool with `go get`
+Reseed-tools can be run as a user, as a freestanding service, or be installed
+as an I2P Plugin. It will attempt to configure itself automatically. You should
+make sure to set the `--signer` flag or the `RESEED_EMAIL` environment variable
+to configure your signing keys/contact info.
+
+### Installation(From Source)

 ```
-go get github.com/eyedeekay/i2p-tools-1
-i2p-tools -h
+git clone https://i2pgit.org/idk/reseed-tools
+cd reseed-tools
+make build
+# Optionally, if you want to install to /usr/bin/reseed-tools
+sudo make install
 ```

 ## Usage

-### Docker!
+#### Debian/Ubuntu note:

-To make it easier to deploy reseeds, it is possible to run this software as a
-Docker image. Because the software requires access to a network database to host
-a reseed, you will need to mount the netDb as a volume inside your docker
-container to provide access to it, and you will need to run it as the same user
-and group inside the container as I2P.
+It is possible to create a `.deb` package using [these instructions](docs/DEBIAN.md).

-When you run a reseed under Docker in this fashion, it will automatically
-generate a self-signed certificate for your reseed server in a Docker volume
-mamed reseed-keys. *Back up this directory*, if it is lost it is impossible
-to reproduce.
+Debian users who are running I2P as a system service must also run the 
+`reseed-tools` as the same user. This is so that the reseed-tools can access
+the I2P service's netDb directory. On Debian and Ubuntu, that user is `i2psvc`
+and the netDb directory is: `/var/lib/i2p/i2p-config/netDb`.

-Please note that Docker is not currently compatible with .onion reseeds unless
-you pass the --network=host tag.
-
-#### If I2P is running as your user, do this:
-
-        docker run -itd \
-            --name reseed \
-            --publish 443:8443 \
-            --restart always \
-            --volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
-            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
-            eyedeekay/reseed \
-                --signer $YOUR_EMAIL_HERE
-
-#### If I2P is running as another user, do this:
-
-        docker run -itd \
-            --name reseed \
-            --user $(I2P_UID) \
-            --group-add $(I2P_GID) \
-            --publish 443:8443 \
-            --restart always \
-            --volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
-            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
-            eyedeekay/reseed \
-                --signer $YOUR_EMAIL_HERE
-
-#### **Debian/Ubuntu and Docker**
-
-In many cases I2P will be running as the Debian system user ```i2psvc```. This
-is the case for all installs where Debian's Advanced Packaging Tool(apt) was
-used to peform the task. If you used ```apt-get install``` this command will
-work for you. In that case, just copy-and-paste:
-
-        docker run -itd \
-            --name reseed \
-            --user $(id -u i2psvc) \
-            --group-add $(id -g i2psvc) \
-            --publish 443:8443 \
-            --restart always \
-            --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
-            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
-            eyedeekay/reseed \
-                --signer $YOUR_EMAIL_HERE
-
-### Locally behind a webserver (reverse proxy setup), preferred:
-
-```
-i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
-```
+## Example Commands:

 ### Without a webserver, standalone with TLS support

-```
-i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
-```
-
 If this is your first time running a reseed server (ie. you don't have any existing keys),
 you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
 Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
 (a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).

-Get the source code here on github or a pre-build binary anonymously on
-
-http://reseed.i2p/
-http://j7xszhsjy7orrnbdys7yykrssv5imkn4eid7n5ikcnxuhpaaw6cq.b32.i2p/
-
-also a short guide and complete tech info.
-
-## Experimental, currently only available from eyedeekay/i2p-tools-1 fork
-
-Requires ```go mod``` and at least go 1.13. To build the eyedeekay/i2p-tools-1
-fork, from anywhere:
-
-        git clone https://github.com/eyedeekay/i2p-tools-1
-        cd i2p-tools-1
-        make build
-
-### Without a webserver, standalone, self-supervising(Automatic restarts)
-
 ```
-./i2p-tools-1 reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --littleboss=start
+reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
 ```

-### Without a webserver, standalone, automatic OnionV3 with TLS support
+### Locally behind a webserver (reverse proxy setup), preferred:
+
+If you are using a reverse proxy server it may provide the TLS certificate instead.

 ```
-./i2p-tools-1 reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
+reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
 ```

-### Without a webserver, standalone, serve P2P with LibP2P
-
-```
-./i2p-tools-1 reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
-```
-
-### Without a webserver, standalone, upload a single signed .su3 to github
-
-* This one isn't working yet, I'll get to it eventually, I've got a cooler idea now.
-
-```
-./i2p-tools-1 reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --github --ghrepo=i2p-tools-1 --ghuser=eyedeekay
-```
-
-### Without a webserver, standalone, in-network reseed
-
-```
-./i2p-tools-1 reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
-```
-
-### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
-
-```
-./i2p-tools-1 reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
-```
-
-### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
-
-```
-./i2p-tools-1 reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
-```
-
-### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, I2P In-Network reseed, and LibP2P, self-supervising
-
-```
-./i2p-tools-1 reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p --littleboss=start
-```
+- **Usage** [More examples can be found here.](docs/EXAMPLES.md)
+- **Docker** [Docker examples can be found here](docs/DOCKER.md)
+ 
--- a/cmd/i2pd.go
+++ b/cmd/i2pd.go
@ -0,0 +1,12 @@
+//go:build i2pd
+// +build i2pd
+
+package cmd
+
+import (
+	i2pd "github.com/eyedeekay/go-i2pd/goi2pd"
+)
+
+func InitializeI2PD() func() {
+	return i2pd.InitI2PSAM(nil)
+}
--- a/cmd/keygen.go
+++ b/cmd/keygen.go
@ -3,20 +3,21 @@ package cmd
 import (
 	"fmt"

-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v3"
 )

-func NewKeygenCommand() cli.Command {
-	return cli.Command{
+// NewKeygenCommand creates a new CLI command for generating keys.
+func NewKeygenCommand() *cli.Command {
+	return &cli.Command{
 		Name:   "keygen",
 		Usage:  "Generate keys for reseed su3 signing and TLS serving.",
 		Action: keygenAction,
 		Flags: []cli.Flag{
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "signer",
 				Usage: "Generate a private key and certificate for the given su3 signing ID (ex. something@mail.i2p)",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "tlsHost",
 				Usage: "Generate a self-signed TLS certificate and private key for the given host",
 			},
@ -24,26 +25,30 @@ func NewKeygenCommand() cli.Command {
 	}
 }

-func keygenAction(c *cli.Context) {
+func keygenAction(c *cli.Context) error {
 	signerID := c.String("signer")
 	tlsHost := c.String("tlsHost")
+	trustProxy := c.Bool("trustProxy")

 	if signerID == "" && tlsHost == "" {
 		fmt.Println("You must specify either --tlsHost or --signer")
-		return
+		return fmt.Errorf("You must specify either --tlsHost or --signer")
 	}

 	if signerID != "" {
 		if err := createSigningCertificate(signerID); nil != err {
 			fmt.Println(err)
-			return
+			return err
 		}
 	}

-	if tlsHost != "" {
-		if err := createTLSCertificate(tlsHost); nil != err {
-			fmt.Println(err)
-			return
+	if trustProxy {
+		if tlsHost != "" {
+			if err := createTLSCertificate(tlsHost); nil != err {
+				fmt.Println(err)
+				return err
+			}
 		}
 	}
+	return nil
 }
--- a/cmd/reseed.go
+++ b/cmd/reseed.go
@ -1,7 +1,11 @@
 package cmd

 import (
-	"context"
+	"net/http"
+	"net/url"
+	"path/filepath"
+	"strings"
+
 	//"flag"
 	"fmt"
 	"io/ioutil"
@ -12,126 +16,187 @@ import (
 	"strconv"
 	"time"

-	//"crawshaw.io/littleboss"
 	"github.com/cretz/bine/tor"
 	"github.com/cretz/bine/torutil"
 	"github.com/cretz/bine/torutil/ed25519"
-	"github.com/eyedeekay/i2p-tools-1/reseed"
+	"github.com/eyedeekay/i2pkeys"
+	"github.com/eyedeekay/onramp"
 	"github.com/eyedeekay/sam3"
-	"github.com/eyedeekay/sam3/i2pkeys"
-	"github.com/libp2p/go-libp2p"
-	"github.com/libp2p/go-libp2p-core/host"
-	"github.com/urfave/cli"
+	"github.com/otiai10/copy"
+	"github.com/rglonek/untar"
+	"github.com/urfave/cli/v3"
+	"i2pgit.org/idk/reseed-tools/reseed"
+
+	"github.com/eyedeekay/checki2cp/getmeanetdb"
 )

-func NewReseedCommand() cli.Command {
-	return cli.Command{
+func getDefaultSigner() string {
+	intentionalsigner := os.Getenv("RESEED_EMAIL")
+	if intentionalsigner == "" {
+		adminsigner := os.Getenv("MAILTO")
+		if adminsigner != "" {
+			return strings.Replace(adminsigner, "\n", "", -1)
+		}
+		return ""
+	}
+	return strings.Replace(intentionalsigner, "\n", "", -1)
+}
+
+func getHostName() string {
+	hostname := os.Getenv("RESEED_HOSTNAME")
+	if hostname == "" {
+		hostname, _ = os.Hostname()
+	}
+	return strings.Replace(hostname, "\n", "", -1)
+}
+
+func providedReseeds(c *cli.Context) []string {
+	reseedArg := c.StringSlice("friends")
+	reseed.AllReseeds = reseedArg
+	return reseed.AllReseeds
+}
+
+// NewReseedCommand creates a new CLI command for starting a reseed server.
+func NewReseedCommand() *cli.Command {
+	ndb, err := getmeanetdb.WhereIstheNetDB()
+	if err != nil {
+		log.Fatal(err)
+	}
+	return &cli.Command{
 		Name:   "reseed",
 		Usage:  "Start a reseed server",
 		Action: reseedAction,
 		Flags: []cli.Flag{
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "signer",
+				Value: getDefaultSigner(),
 				Usage: "Your su3 signing ID (ex. something@mail.i2p)",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "tlsHost",
+				Value: getHostName(),
 				Usage: "The public hostname used on your TLS certificate",
 			},
-			cli.BoolFlag{
+			&cli.BoolFlag{
 				Name:  "onion",
 				Usage: "Present an onionv3 address",
 			},
-			cli.BoolFlag{
+			&cli.BoolFlag{
 				Name:  "singleOnion",
 				Usage: "Use a faster, but non-anonymous single-hop onion",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "onionKey",
 				Value: "onion.key",
 				Usage: "Specify a path to an ed25519 private key for onion",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "key",
 				Usage: "Path to your su3 signing private key",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "netdb",
+				Value: ndb,
 				Usage: "Path to NetDB directory containing routerInfos",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "tlsCert",
 				Usage: "Path to a TLS certificate",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "tlsKey",
 				Usage: "Path to a TLS private key",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "ip",
 				Value: "0.0.0.0",
 				Usage: "IP address to listen on",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "port",
 				Value: "8443",
 				Usage: "Port to listen on",
 			},
-			cli.IntFlag{
+			&cli.IntFlag{
 				Name:  "numRi",
 				Value: 77,
 				Usage: "Number of routerInfos to include in each su3 file",
 			},
-			cli.IntFlag{
+			&cli.IntFlag{
 				Name:  "numSu3",
-				Value: 0,
+				Value: 50,
 				Usage: "Number of su3 files to build (0 = automatic based on size of netdb)",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "interval",
 				Value: "90h",
 				Usage: "Duration between SU3 cache rebuilds (ex. 12h, 15m)",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "prefix",
 				Value: "",
 				Usage: "Prefix path for the HTTP(S) server. (ex. /netdb)",
 			},
-			cli.BoolFlag{
+			&cli.BoolFlag{
 				Name:  "trustProxy",
 				Usage: "If provided, we will trust the 'X-Forwarded-For' header in requests (ex. behind cloudflare)",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "blacklist",
 				Value: "",
 				Usage: "Path to a txt file containing a list of IPs to deny connections from.",
 			},
-			cli.DurationFlag{
+			&cli.DurationFlag{
 				Name:  "stats",
 				Value: 0,
 				Usage: "Periodically print memory stats.",
 			},
-			cli.BoolFlag{
-				Name:  "p2p",
-				Usage: "Listen for reseed request via libp2p",
-			},
-			cli.BoolFlag{
+			&cli.BoolFlag{
 				Name:  "i2p",
 				Usage: "Listen for reseed request inside the I2P network",
 			},
-			cli.BoolFlag{
+			&cli.BoolFlag{
 				Name:  "yes",
 				Usage: "Automatically answer 'yes' to self-signed SSL generation",
 			},
-			cli.StringFlag{
+			&cli.StringFlag{
 				Name:  "samaddr",
 				Value: "127.0.0.1:7656",
 				Usage: "Use this SAM address to set up I2P connections for in-network reseed",
 			},
-			cli.StringFlag{
-				Name:  "littleboss",
-				Value: "start",
-				Usage: "Self-Supervise this application",
+			&cli.StringSliceFlag{
+				Name:  "friends",
+				Value: cli.NewStringSlice(reseed.AllReseeds...),
+				Usage: "Ping other reseed servers and display the result on the homepage to provide information about reseed uptime.",
+			},
+			&cli.StringFlag{
+				Name:  "share-peer",
+				Value: "",
+				Usage: "Download the shared netDb content of another I2P router, over I2P",
+			},
+			&cli.StringFlag{
+				Name:  "share-password",
+				Value: "",
+				Usage: "Password for downloading netDb content from another router. Required for share-peer to work.",
+			},
+			&cli.BoolFlag{
+				Name:  "acme",
+				Usage: "Automatically generate a TLS certificate with the ACME protocol, defaults to Let's Encrypt",
+			},
+			&cli.StringFlag{
+				Name:  "acmeserver",
+				Value: "https://acme-staging-v02.api.letsencrypt.org/directory",
+				Usage: "Use this server to issue a certificate with the ACME protocol",
+			},
+			&cli.IntFlag{
+				Name:  "ratelimit",
+				Value: 4,
+				Usage: "Maximum number of reseed bundle requests per-IP address, per-hour.",
+			},
+			&cli.IntFlag{
+				Name:  "ratelimitweb",
+				Value: 40,
+				Usage: "Maxiumum number of web-visits per-IP address, per-hour",
 			},
 		},
 	}
@ -182,22 +247,53 @@ func LoadKeys(keysPath string, c *cli.Context) (i2pkeys.I2PKeys, error) {
 	}
 }

-func reseedAction(c *cli.Context) {
-	// validate flags
-	if c.String("littleboss") != "start" {
-		log.Println("--littleboss", c.String("littleboss"))
-		return
+// fileExists checks if a file exists and is not a directory before we
+// try using it to prevent further errors.
+func fileExists(filename string) bool {
+	info, err := os.Stat(filename)
+	if os.IsNotExist(err) {
+		return false
 	}
+	return !info.IsDir()
+}
+
+func reseedAction(c *cli.Context) error {
+	providedReseeds(c)
 	netdbDir := c.String("netdb")
 	if netdbDir == "" {
 		fmt.Println("--netdb is required")
-		return
+		return fmt.Errorf("--netdb is required")
 	}

 	signerID := c.String("signer")
-	if signerID == "" {
+	if signerID == "" || signerID == "you@mail.i2p" {
 		fmt.Println("--signer is required")
-		return
+		return fmt.Errorf("--signer is required")
+	}
+	if !strings.Contains(signerID, "@") {
+		if !fileExists(signerID) {
+			fmt.Println("--signer must be an email address or a file containing an email address.")
+			return fmt.Errorf("--signer must be an email address or a file containing an email address.")
+		}
+		bytes, err := ioutil.ReadFile(signerID)
+		if err != nil {
+			fmt.Println("--signer must be an email address or a file containing an email address.")
+			return fmt.Errorf("--signer must be an email address or a file containing an email address.")
+		}
+		signerID = string(bytes)
+	}
+	if c.String("share-peer") != "" {
+		count := []int{1, 2, 3, 4, 5, 6, 7, 8, 9, 10}
+		for i := range count {
+			err := downloadRemoteNetDB(c.String("share-peer"), c.String("share-password"), c.String("netdb"), c.String("samaddr"))
+			if err != nil {
+				log.Println("Error downloading remote netDb,", err, "retrying in 10 seconds", i, "attempts remaining")
+				time.Sleep(time.Second * 10)
+			} else {
+				break
+			}
+		}
+		go getSupplementalNetDb(c.String("share-peer"), c.String("share-password"), c.String("netdb"), c.String("samaddr"))
 	}

 	var tlsCert, tlsKey string
@ -208,13 +304,56 @@ func reseedAction(c *cli.Context) {
 	var i2pTlsCert, i2pTlsKey string
 	var i2pkey i2pkeys.I2PKeys

+	if tlsHost != "" {
+		onionTlsHost = tlsHost
+		i2pTlsHost = tlsHost
+		tlsKey = c.String("tlsKey")
+		// if no key is specified, default to the host.pem in the current dir
+		if tlsKey == "" {
+			tlsKey = tlsHost + ".pem"
+			onionTlsKey = tlsHost + ".pem"
+			i2pTlsKey = tlsHost + ".pem"
+		}
+
+		tlsCert = c.String("tlsCert")
+		// if no certificate is specified, default to the host.crt in the current dir
+		if tlsCert == "" {
+			tlsCert = tlsHost + ".crt"
+			onionTlsCert = tlsHost + ".crt"
+			i2pTlsCert = tlsHost + ".crt"
+		}
+
+		// prompt to create tls keys if they don't exist?
+		auto := c.Bool("yes")
+		ignore := c.Bool("trustProxy")
+		if !ignore {
+			// use ACME?
+			acme := c.Bool("acme")
+			if acme {
+				acmeserver := c.String("acmeserver")
+				err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
+			} else {
+				err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
+			}
+		}
+
+	}
+
 	if c.Bool("i2p") {
 		var err error
 		i2pkey, err = LoadKeys("reseed.i2pkeys", c)
 		if err != nil {
 			log.Fatalln(err)
 		}
-		i2pTlsHost = i2pkey.Addr().Base32()
+		if i2pTlsHost == "" {
+			i2pTlsHost = i2pkey.Addr().Base32()
+		}
 		if i2pTlsHost != "" {
 			// if no key is specified, default to the host.pem in the current dir
 			if i2pTlsKey == "" {
@ -228,9 +367,12 @@ func reseedAction(c *cli.Context) {

 			// prompt to create tls keys if they don't exist?
 			auto := c.Bool("yes")
-			err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+			ignore := c.Bool("trustProxy")
+			if !ignore {
+				err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 	}
@ -250,8 +392,10 @@ func reseedAction(c *cli.Context) {
 			}
 			ok = []byte(key.PrivateKey())
 		}
-		onionTlsHost = torutil.OnionServiceIDFromPrivateKey(ed25519.PrivateKey(ok)) + ".onion"
-		err = ioutil.WriteFile(c.String("onionKey"), ok, 0644)
+		if onionTlsHost == "" {
+			onionTlsHost = torutil.OnionServiceIDFromPrivateKey(ed25519.PrivateKey(ok)) + ".onion"
+		}
+		err = ioutil.WriteFile(c.String("onionKey"), ok, 0o644)
 		if err != nil {
 			log.Fatalln(err.Error())
 		}
@ -268,38 +412,20 @@ func reseedAction(c *cli.Context) {

 			// prompt to create tls keys if they don't exist?
 			auto := c.Bool("yes")
-			err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+			ignore := c.Bool("trustProxy")
+			if !ignore {
+				err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 	}

-	if tlsHost != "" {
-		tlsKey = c.String("tlsKey")
-		// if no key is specified, default to the host.pem in the current dir
-		if tlsKey == "" {
-			tlsKey = tlsHost + ".pem"
-		}
-
-		tlsCert = c.String("tlsCert")
-		// if no certificate is specified, default to the host.crt in the current dir
-		if tlsCert == "" {
-			tlsCert = tlsHost + ".crt"
-		}
-
-		// prompt to create tls keys if they don't exist?
-		auto := c.Bool("yes")
-		err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
-		if nil != err {
-			log.Fatalln(err)
-		}
-	}
-
 	reloadIntvl, err := time.ParseDuration(c.String("interval"))
 	if nil != err {
 		fmt.Printf("'%s' is not a valid time interval.\n", reloadIntvl)
-		return
+		return fmt.Errorf("'%s' is not a valid time interval.\n", reloadIntvl)
 	}

 	signerKey := c.String("key")
@ -345,26 +471,21 @@ func reseedAction(c *cli.Context) {
 			reseedI2P(c, i2pTlsCert, i2pTlsKey, i2pkey, reseeder)
 		}
 	}
-	if c.Bool("p2p") {
-		log.Printf("libP2P listener starting\n")
-		if tlsHost != "" && tlsCert != "" && tlsKey != "" {
-			go reseedP2P(c, reseeder)
-		} else {
-			reseedP2P(c, reseeder)
-		}
-	}
-	if tlsHost != "" && tlsCert != "" && tlsKey != "" {
+	if !c.Bool("trustProxy") {
 		log.Printf("HTTPS server starting\n")
 		reseedHTTPS(c, tlsCert, tlsKey, reseeder)
 	} else {
 		log.Printf("HTTP server starting on\n")
 		reseedHTTP(c, reseeder)
 	}
+	return nil
 }

-func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder reseed.Reseeder) {
+func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
 	server.Reseeder = reseeder
+	server.RequestRateLimit = c.Int("ratelimit")
+	server.WebRateLimit = c.Int("ratelimitweb")
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))

 	// load a blacklist
@ -391,8 +512,10 @@ func reseedHTTPS(c *cli.Context, tlsCert, tlsKey string, reseeder reseed.Reseede
 	}
 }

-func reseedHTTP(c *cli.Context, reseeder reseed.Reseeder) {
+func reseedHTTP(c *cli.Context, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
+	server.RequestRateLimit = c.Int("ratelimit")
+	server.WebRateLimit = c.Int("ratelimitweb")
 	server.Reseeder = reseeder
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))

@ -420,53 +543,7 @@ func reseedHTTP(c *cli.Context, reseeder reseed.Reseeder) {
 	}
 }

-func makeRandomHost(port int) (host.Host, error) {
-	host, err := libp2p.New(context.Background(), libp2p.ListenAddrStrings(fmt.Sprintf("/ip4/127.0.0.1/tcp/%d", port)))
-	if err != nil {
-		return nil, err
-	}
-	return host, nil
-}
-
-func reseedP2P(c *cli.Context, reseeder reseed.Reseeder) {
-	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
-	server.Reseeder = reseeder
-	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
-
-	// load a blacklist
-	blacklist := reseed.NewBlacklist()
-	server.Blacklist = blacklist
-	blacklistFile := c.String("blacklist")
-	if "" != blacklistFile {
-		blacklist.LoadFile(blacklistFile)
-	}
-
-	// print stats once in a while
-	if c.Duration("stats") != 0 {
-		go func() {
-			var mem runtime.MemStats
-			for range time.Tick(c.Duration("stats")) {
-				runtime.ReadMemStats(&mem)
-				log.Printf("TotalAllocs: %d Kb, Allocs: %d Kb, Mallocs: %d, NumGC: %d", mem.TotalAlloc/1024, mem.Alloc/1024, mem.Mallocs, mem.NumGC)
-			}
-		}()
-	}
-	port, err := strconv.Atoi(c.String("port"))
-	if err != nil {
-		log.Fatalln(err.Error())
-	}
-	port += 2
-	host, err := makeRandomHost(port)
-	if err != nil {
-		log.Fatalln(err.Error())
-	}
-	log.Printf("P2P listener started on %s\n", host.ID())
-	if err := server.ListenAndServeLibP2P(host); err != nil {
-		log.Fatalln(err)
-	}
-}
-
-func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder reseed.Reseeder) {
+func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
 	server.Reseeder = reseeder
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))
@ -541,8 +618,10 @@ func reseedOnion(c *cli.Context, onionTlsCert, onionTlsKey string, reseeder rese
 	log.Printf("Onion server started on %s\n", server.Addr)
 }

-func reseedI2P(c *cli.Context, i2pTlsCert, i2pTlsKey string, i2pIdentKey i2pkeys.I2PKeys, reseeder reseed.Reseeder) {
+func reseedI2P(c *cli.Context, i2pTlsCert, i2pTlsKey string, i2pIdentKey i2pkeys.I2PKeys, reseeder *reseed.ReseederImpl) {
 	server := reseed.NewServer(c.String("prefix"), c.Bool("trustProxy"))
+	server.RequestRateLimit = c.Int("ratelimit")
+	server.WebRateLimit = c.Int("ratelimitweb")
 	server.Reseeder = reseeder
 	server.Addr = net.JoinHostPort(c.String("ip"), c.String("port"))

@ -577,8 +656,96 @@ func reseedI2P(c *cli.Context, i2pTlsCert, i2pTlsKey string, i2pIdentKey i2pkeys
 		if err := server.ListenAndServeI2P(c.String("samaddr"), i2pIdentKey); err != nil {
 			log.Fatalln(err)
 		}
-
 	}

 	log.Printf("Onion server started on %s\n", server.Addr)
 }
+
+func getSupplementalNetDb(remote, password, path, samaddr string) {
+	log.Println("Remote NetDB Update Loop")
+	for {
+		if err := downloadRemoteNetDB(remote, password, path, samaddr); err != nil {
+			log.Println("Error downloading remote netDb", err)
+			time.Sleep(time.Second * 30)
+		} else {
+			log.Println("Success downloading remote netDb", err)
+			time.Sleep(time.Minute * 30)
+		}
+	}
+}
+
+func downloadRemoteNetDB(remote, password, path, samaddr string) error {
+	var hremote string
+	if !strings.HasPrefix("http://", remote) && !strings.HasPrefix("https://", remote) {
+		hremote = "http://" + remote
+	}
+	if !strings.HasSuffix(hremote, ".tar.gz") {
+		hremote += "/netDb.tar.gz"
+	}
+	url, err := url.Parse(hremote)
+	if err != nil {
+		return err
+	}
+	httpRequest := http.Request{
+		URL:    url,
+		Header: http.Header{},
+	}
+	garlic, err := onramp.NewGarlic("reseed-client", samaddr, onramp.OPT_WIDE)
+	if err != nil {
+		return err
+	}
+
+	defer garlic.Close()
+	httpRequest.Header.Add(http.CanonicalHeaderKey("reseed-password"), password)
+	httpRequest.Header.Add(http.CanonicalHeaderKey("x-user-agent"), reseed.I2pUserAgent)
+	transport := http.Transport{
+		Dial: garlic.Dial,
+	}
+	client := http.Client{
+		Transport: &transport,
+	}
+	if resp, err := client.Do(&httpRequest); err != nil {
+		return err
+	} else {
+		if bodyBytes, err := ioutil.ReadAll(resp.Body); err != nil {
+			return err
+		} else {
+			if err := ioutil.WriteFile("netDb.tar.gz", bodyBytes, 0o644); err != nil {
+				return err
+			} else {
+				dbPath := filepath.Join(path, "reseed-netDb")
+				if err := untar.UntarFile("netDb.tar.gz", dbPath); err != nil {
+					return err
+				} else {
+					// For example...
+					opt := copy.Options{
+						Skip: func(info os.FileInfo, src, dest string) (bool, error) {
+							srcBase := filepath.Base(src)
+							dstBase := filepath.Base(dest)
+							if info.IsDir() {
+								return false, nil
+							}
+							if srcBase == dstBase {
+								log.Println("Ignoring existing RI", srcBase, dstBase)
+								return true, nil
+							}
+							return false, nil
+						},
+					}
+					if err := copy.Copy(dbPath, path, opt); err != nil {
+						return err
+					} else {
+						if err := os.RemoveAll(dbPath); err != nil {
+							return err
+						} else {
+							if err := os.RemoveAll("netDb.tar.gz"); err != nil {
+								return err
+							}
+							return nil
+						}
+					}
+				}
+			}
+		}
+	}
+}
--- a/cmd/share.go
+++ b/cmd/share.go
@ -0,0 +1,153 @@
+package cmd
+
+import (
+
+	//"flag"
+
+	"archive/tar"
+	"bytes"
+	"io"
+	"log"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/urfave/cli/v3"
+
+	"github.com/eyedeekay/checki2cp/getmeanetdb"
+	"github.com/eyedeekay/onramp"
+)
+
+// NewShareCommand creates a new CLI Command for sharing the netDb over I2P with a password.
+// Can be used to combine the local netDb with the netDb of a remote I2P router.
+func NewShareCommand() *cli.Command {
+	ndb, err := getmeanetdb.WhereIstheNetDB()
+	if err != nil {
+		log.Fatal(err)
+	}
+	return &cli.Command{
+		Name:   "share",
+		Usage:  "Start a netDb sharing server",
+		Action: shareAction,
+		Flags: []cli.Flag{
+			&cli.StringFlag{
+				Name:  "signer",
+				Value: getDefaultSigner(),
+				Usage: "Your su3 signing ID (ex. something@mail.i2p)",
+			},
+			&cli.StringFlag{
+				Name:  "key",
+				Usage: "Path to your su3 signing private key",
+			},
+			&cli.StringFlag{
+				Name:  "netdb",
+				Value: ndb,
+				Usage: "Path to NetDB directory containing routerInfos",
+			},
+			&cli.StringFlag{
+				Name:  "samaddr",
+				Value: "127.0.0.1:7656",
+				Usage: "Use this SAM address to set up I2P connections for in-network sharing",
+			},
+			&cli.StringFlag{
+				Name:  "share-password",
+				Value: "",
+				Usage: "Share the contents of your netDb directory privately over I2P as a tar.gz archive. Will fail is password is blank.",
+			},
+		},
+	}
+}
+
+type sharer struct {
+	http.FileSystem
+	http.Handler
+	Path     string
+	Password string
+}
+
+func (s *sharer) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	p, ok := r.Header[http.CanonicalHeaderKey("reseed-password")]
+	if !ok {
+		return
+	}
+	if p[0] != s.Password {
+		return
+	}
+	log.Println("Path", r.URL.Path)
+	if strings.HasSuffix(r.URL.Path, "tar.gz") {
+		log.Println("Serving netdb")
+		archive, err := walker(s.Path)
+		if err != nil {
+			return
+		}
+		w.Write(archive.Bytes())
+		return
+	}
+	s.Handler.ServeHTTP(w, r)
+}
+
+func Sharer(netDbDir, password string) *sharer {
+	fileSystem := &sharer{
+		FileSystem: http.Dir(netDbDir),
+		Path:       netDbDir,
+		Password:   password,
+	}
+	fileSystem.Handler = http.FileServer(fileSystem.FileSystem)
+	return fileSystem
+}
+
+func shareAction(c *cli.Context) error {
+	netDbDir, err := filepath.Abs(c.String("netdb"))
+	if err != nil {
+		return err
+	}
+	httpFs := Sharer(netDbDir, c.String("share-password"))
+	garlic, err := onramp.NewGarlic("reseed", c.String("samaddr"), onramp.OPT_WIDE)
+	if err != nil {
+		return err
+	}
+	garlicListener, err := garlic.Listen()
+	if err != nil {
+		return err
+	}
+	return http.Serve(garlicListener, httpFs)
+}
+
+func walker(netDbDir string) (*bytes.Buffer, error) {
+	var buf bytes.Buffer
+	tw := tar.NewWriter(&buf)
+	walkFn := func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if info.Mode().IsDir() {
+			return nil
+		}
+		new_path := path[len(netDbDir):]
+		if len(new_path) == 0 {
+			return nil
+		}
+		fr, err := os.Open(path)
+		if err != nil {
+			return err
+		}
+		defer fr.Close()
+		if h, err := tar.FileInfoHeader(info, new_path); err != nil {
+			log.Fatalln(err)
+		} else {
+			h.Name = new_path
+			if err = tw.WriteHeader(h); err != nil {
+				log.Fatalln(err)
+			}
+		}
+		if _, err := io.Copy(tw, fr); err != nil {
+			log.Fatalln(err)
+		}
+		return nil
+	}
+	if err := filepath.Walk(netDbDir, walkFn); err != nil {
+		return nil, err
+	}
+	return &buf, nil
+}
--- a/cmd/utils.go
+++ b/cmd/utils.go
@ -2,10 +2,12 @@ package cmd

 import (
 	"bufio"
+	"crypto"
 	"crypto/ecdsa"
 	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/rsa"
+	"crypto/tls"
 	"crypto/x509"
 	"crypto/x509/pkix"
 	"encoding/asn1"
@ -16,8 +18,15 @@ import (
 	"strings"
 	"time"

-	"github.com/eyedeekay/i2p-tools-1/reseed"
-	"github.com/eyedeekay/i2p-tools-1/su3"
+	"i2pgit.org/idk/reseed-tools/reseed"
+	"i2pgit.org/idk/reseed-tools/su3"
+
+	"github.com/go-acme/lego/v4/certcrypto"
+	"github.com/go-acme/lego/v4/certificate"
+	"github.com/go-acme/lego/v4/challenge/http01"
+	"github.com/go-acme/lego/v4/challenge/tlsalpn01"
+	"github.com/go-acme/lego/v4/lego"
+	"github.com/go-acme/lego/v4/registration"
 )

 func loadPrivateKey(path string) (*rsa.PrivateKey, error) {
@ -35,6 +44,26 @@ func loadPrivateKey(path string) (*rsa.PrivateKey, error) {
 	return privKey, nil
 }

+// Taken directly from the lego example, since we need very minimal support
+// https://go-acme.github.io/lego/usage/library/
+type MyUser struct {
+	Email        string
+	Registration *registration.Resource
+	key          crypto.PrivateKey
+}
+
+func (u *MyUser) GetEmail() string {
+	return u.Email
+}
+
+func (u MyUser) GetRegistration() *registration.Resource {
+	return u.Registration
+}
+
+func (u *MyUser) GetPrivateKey() crypto.PrivateKey {
+	return u.key
+}
+
 func signerFile(signerID string) string {
 	return strings.Replace(signerID, "@", "_at_", 1)
 }
@ -60,6 +89,165 @@ func getOrNewSigningCert(signerKey *string, signerID string, auto bool) (*rsa.Pr
 	return loadPrivateKey(*signerKey)
 }

+func checkUseAcmeCert(tlsHost, signer, cadirurl string, tlsCert, tlsKey *string, auto bool) error {
+	_, certErr := os.Stat(*tlsCert)
+	_, keyErr := os.Stat(*tlsKey)
+	if certErr != nil || keyErr != nil {
+		if certErr != nil {
+			fmt.Printf("Unable to read TLS certificate '%s'\n", *tlsCert)
+		}
+		if keyErr != nil {
+			fmt.Printf("Unable to read TLS key '%s'\n", *tlsKey)
+		}
+
+		if !auto {
+			fmt.Printf("Would you like to generate a new certificate with Let's Encrypt or a custom ACME server? '%s'? (y or n): ", tlsHost)
+			reader := bufio.NewReader(os.Stdin)
+			input, _ := reader.ReadString('\n')
+			if []byte(input)[0] != 'y' {
+				fmt.Println("Continuing without TLS")
+				return nil
+			}
+		}
+	} else {
+		TLSConfig := &tls.Config{}
+		TLSConfig.NextProtos = []string{"http/1.1"}
+		TLSConfig.Certificates = make([]tls.Certificate, 1)
+		var err error
+		TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(*tlsCert, *tlsKey)
+		if err != nil {
+			return err
+		}
+		if time.Now().Sub(TLSConfig.Certificates[0].Leaf.NotAfter) < (time.Hour * 48) {
+			ecder, err := ioutil.ReadFile(tlsHost + signer + ".acme.key")
+			if err != nil {
+				return err
+			}
+			privateKey, err := x509.ParseECPrivateKey(ecder)
+			if err != nil {
+				return err
+			}
+			user := MyUser{
+				Email: signer,
+				key:   privateKey,
+			}
+			config := lego.NewConfig(&user)
+			config.CADirURL = cadirurl
+			config.Certificate.KeyType = certcrypto.RSA2048
+			client, err := lego.NewClient(config)
+			if err != nil {
+				return err
+			}
+			renewAcmeIssuedCert(client, user, tlsHost, tlsCert, tlsKey)
+		} else {
+			return nil
+		}
+	}
+	privateKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		return err
+	}
+	ecder, err := x509.MarshalECPrivateKey(privateKey)
+	if err != nil {
+		return err
+	}
+	filename := tlsHost + signer + ".acme.key"
+	keypem, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
+	if err != nil {
+		return err
+	}
+	defer keypem.Close()
+	err = pem.Encode(keypem, &pem.Block{Type: "EC PRIVATE KEY", Bytes: ecder})
+	if err != nil {
+		return err
+	}
+	user := MyUser{
+		Email: signer,
+		key:   privateKey,
+	}
+	config := lego.NewConfig(&user)
+	config.CADirURL = cadirurl
+	config.Certificate.KeyType = certcrypto.RSA2048
+	client, err := lego.NewClient(config)
+	if err != nil {
+		return err
+	}
+	return newAcmeIssuedCert(client, user, tlsHost, tlsCert, tlsKey)
+}
+
+func renewAcmeIssuedCert(client *lego.Client, user MyUser, tlsHost string, tlsCert, tlsKey *string) error {
+	var err error
+	err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer("", "8000"))
+	if err != nil {
+		return err
+	}
+	err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("", "8443"))
+	if err != nil {
+		return err
+	}
+
+	// New users will need to register
+	if user.Registration, err = client.Registration.QueryRegistration(); err != nil {
+		reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
+		if err != nil {
+			return err
+		}
+		user.Registration = reg
+	}
+	resource, err := client.Certificate.Get(tlsHost, true)
+	if err != nil {
+		return err
+	}
+	certificates, err := client.Certificate.Renew(*resource, true, false, "")
+	if err != nil {
+		return err
+	}
+
+	ioutil.WriteFile(tlsHost+".pem", certificates.PrivateKey, 0o600)
+	ioutil.WriteFile(tlsHost+".crt", certificates.Certificate, 0o600)
+	//	ioutil.WriteFile(tlsHost+".crl", certificates.PrivateKey, 0600)
+	*tlsCert = tlsHost + ".crt"
+	*tlsKey = tlsHost + ".pem"
+	return nil
+}
+
+func newAcmeIssuedCert(client *lego.Client, user MyUser, tlsHost string, tlsCert, tlsKey *string) error {
+	var err error
+	err = client.Challenge.SetHTTP01Provider(http01.NewProviderServer("", "8000"))
+	if err != nil {
+		return err
+	}
+	err = client.Challenge.SetTLSALPN01Provider(tlsalpn01.NewProviderServer("", "8443"))
+	if err != nil {
+		return err
+	}
+
+	// New users will need to register
+	if user.Registration, err = client.Registration.QueryRegistration(); err != nil {
+		reg, err := client.Registration.Register(registration.RegisterOptions{TermsOfServiceAgreed: true})
+		if err != nil {
+			return err
+		}
+		user.Registration = reg
+	}
+
+	request := certificate.ObtainRequest{
+		Domains: []string{tlsHost},
+		Bundle:  true,
+	}
+	certificates, err := client.Certificate.Obtain(request)
+	if err != nil {
+		return err
+	}
+
+	ioutil.WriteFile(tlsHost+".pem", certificates.PrivateKey, 0o600)
+	ioutil.WriteFile(tlsHost+".crt", certificates.Certificate, 0o600)
+	//	ioutil.WriteFile(tlsHost+".crl", certificates.PrivateKey, 0600)
+	*tlsCert = tlsHost + ".crt"
+	*tlsKey = tlsHost + ".pem"
+	return nil
+}
+
 func checkOrNewTLSCert(tlsHost string, tlsCert, tlsKey *string, auto bool) error {
 	_, certErr := os.Stat(*tlsCert)
 	_, keyErr := os.Stat(*tlsKey)
@ -71,7 +259,7 @@ func checkOrNewTLSCert(tlsHost string, tlsCert, tlsKey *string, auto bool) error
 			fmt.Printf("Unable to read TLS key '%s'\n", *tlsKey)
 		}

-		if auto {
+		if !auto {
 			fmt.Printf("Would you like to generate a new self-signed certificate for '%s'? (y or n): ", tlsHost)
 			reader := bufio.NewReader(os.Stdin)
 			input, _ := reader.ReadString('\n')
@ -117,7 +305,7 @@ func createSigningCertificate(signerID string) error {

 	// save signing private key
 	privFile := signerFile(signerID) + ".pem"
-	keyOut, err := os.OpenFile(privFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	keyOut, err := os.OpenFile(privFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
 	if err != nil {
 		return fmt.Errorf("failed to open %s for writing: %v", privFile, err)
 	}
@ -128,7 +316,7 @@ func createSigningCertificate(signerID string) error {

 	// CRL
 	crlFile := signerFile(signerID) + ".crl"
-	crlOut, err := os.OpenFile(crlFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	crlOut, err := os.OpenFile(crlFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
 	if err != nil {
 		return fmt.Errorf("failed to open %s for writing: %s", crlFile, err)
 	}
@ -161,6 +349,10 @@ func createSigningCertificate(signerID string) error {
 }

 func createTLSCertificate(host string) error {
+	return CreateTLSCertificate(host)
+}
+
+func CreateTLSCertificate(host string) error {
 	fmt.Println("Generating TLS keys. This may take a minute...")
 	priv, err := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
 	if err != nil {
@ -183,7 +375,7 @@ func createTLSCertificate(host string) error {

 	// save the TLS private key
 	privFile := host + ".pem"
-	keyOut, err := os.OpenFile(privFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	keyOut, err := os.OpenFile(privFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
 	if err != nil {
 		return fmt.Errorf("failed to open %s for writing: %v", privFile, err)
 	}
@ -198,7 +390,7 @@ func createTLSCertificate(host string) error {

 	// CRL
 	crlFile := host + ".crl"
-	crlOut, err := os.OpenFile(crlFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
+	crlOut, err := os.OpenFile(crlFile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
 	if err != nil {
 		return fmt.Errorf("failed to open %s for writing: %s", crlFile, err)
 	}
--- a/cmd/verify.go
+++ b/cmd/verify.go
@ -3,56 +3,104 @@ package cmd
 import (
 	"fmt"
 	"io/ioutil"
+	"log"
+	"os"
+	"os/user"
+	"path/filepath"

-	"github.com/eyedeekay/i2p-tools-1/reseed"
-	"github.com/eyedeekay/i2p-tools-1/su3"
-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v3"
+	"i2pgit.org/idk/reseed-tools/reseed"
+	"i2pgit.org/idk/reseed-tools/su3"
 )

-func NewSu3VerifyCommand() cli.Command {
-	return cli.Command{
+func I2PHome() string {
+	envCheck := os.Getenv("I2P")
+	if envCheck != "" {
+		return envCheck
+	}
+	// get the current user home
+	usr, err := user.Current()
+	if nil != err {
+		panic(err)
+	}
+	sysCheck := filepath.Join(usr.HomeDir, "i2p-config")
+	if _, err := os.Stat(sysCheck); nil == err {
+		return sysCheck
+	}
+	usrCheck := filepath.Join(usr.HomeDir, "i2p")
+	if _, err := os.Stat(usrCheck); nil == err {
+		return usrCheck
+	}
+	return ""
+}
+
+func NewSu3VerifyCommand() *cli.Command {
+	return &cli.Command{
 		Name:        "verify",
 		Usage:       "Verify a Su3 file",
 		Description: "Verify a Su3 file",
 		Action:      su3VerifyAction,
 		Flags: []cli.Flag{
-			cli.BoolFlag{
+			&cli.BoolFlag{
 				Name:  "extract",
 				Usage: "Also extract the contents of the su3",
 			},
+			&cli.StringFlag{
+				Name:  "signer",
+				Value: getDefaultSigner(),
+				Usage: "Your su3 signing ID (ex. something@mail.i2p)",
+			},
+			&cli.StringFlag{
+				Name:  "keystore",
+				Value: filepath.Join(I2PHome(), "/certificates/reseed"),
+				Usage: "Path to the keystore",
+			},
 		},
 	}
 }

-func su3VerifyAction(c *cli.Context) {
+func su3VerifyAction(c *cli.Context) error {
 	su3File := su3.New()

 	data, err := ioutil.ReadFile(c.Args().Get(0))
 	if nil != err {
-		panic(err)
+		return err
 	}
 	if err := su3File.UnmarshalBinary(data); err != nil {
-		panic(err)
+		return err
 	}

 	fmt.Println(su3File.String())
+	absPath, err := filepath.Abs(c.String("keystore"))
+	if nil != err {
+		return err
+	}
+	keyStorePath := filepath.Dir(absPath)
+	reseedDir := filepath.Base(absPath)

 	// get the reseeder key
-	ks := reseed.KeyStore{Path: "./certificates"}
-	cert, err := ks.ReseederCertificate(su3File.SignerID)
+	ks := reseed.KeyStore{Path: keyStorePath}
+
+	if c.String("signer") != "" {
+		su3File.SignerID = []byte(c.String("signer"))
+	}
+	log.Println("Using keystore:", absPath, "for purpose", reseedDir, "and", string(su3File.SignerID))
+
+	cert, err := ks.DirReseederCertificate(reseedDir, su3File.SignerID)
 	if nil != err {
 		fmt.Println(err)
-		return
+		return err
 	}

 	if err := su3File.VerifySignature(cert); nil != err {
-		panic(err)
+		return err
 	}

 	fmt.Printf("Signature is valid for signer '%s'\n", su3File.SignerID)

 	if c.Bool("extract") {
 		// @todo: don't assume zip
-		ioutil.WriteFile("extracted.zip", su3File.BodyBytes(), 0755)
+		ioutil.WriteFile("extracted.zip", su3File.BodyBytes(), 0o755)
 	}
+	return nil
 }
--- a/cmd/version.go
+++ b/cmd/version.go
@ -0,0 +1,19 @@
+package cmd
+
+import (
+	"fmt"
+
+	"github.com/urfave/cli/v3"
+	"i2pgit.org/idk/reseed-tools/reseed"
+)
+
+func NewVersionCommand() *cli.Command {
+	return &cli.Command{
+		Name:  "version",
+		Usage: "Print the version number of reseed-tools",
+		Action: func(c *cli.Context) error {
+			fmt.Printf("%s\n", reseed.Version)
+			return nil
+		},
+	}
+}
--- a/content/images/reseed-icon.png
+++ b/content/images/reseed-icon.png
--- a/content/images/reseed.png
+++ b/content/images/reseed.png
--- a/content/index.html
+++ b/content/index.html
@ -0,0 +1,10 @@
+<h1 id="you-have-found-an-i2p-reseed">You have found an I2P Reseed</h1>
+<p>Maybe it was by accident, or maybe you visited the URL because you saw it in the software somewhere. While we’ve got your attention, we’re going to take this opportunity to tell you a little about what we do here. I2P is a peer-to-peer network which uses “Garlic Routing” to maintain privacy. Reseed nodes help you get connected to I2P for the first time, and even though you should only have to use them once in a great while, they are very important services.</p>
+<h2 id="to-learn-more-about-i2p-visit"><a href="https://geti2p.net">To learn more about I2P, visit</a></h2>
+<p><a href="https://geti2p.net"><img src="images/reseed.png" alt="Help reseed" /></a></p>
+<ul>
+<li><a href="https://geti2p.net/en/docs/reseed">Learn more about reseeds here:</a></li>
+<li><a href="https://geti2p.net/en/get-involved/guides/reseed">Learn how to run a reseed here:</a></li>
+<li><a href="https://i2pgit.org/idk/reseed-tools">Read the reseed server code and learn about more reseed options here:</a></li>
+</ul>
+<p>Here on purpose? Here’s a one-time link to a reseed bundle for you.</p>
--- a/content/lang/ar/homepage.md
+++ b/content/lang/ar/homepage.md
@ -0,0 +1,18 @@
+هذا هو خادم I2P Reseed
+=============================
+
+I2P هي شبكة نظير إلى نظير تستخدم "توجيه الثوم" للحفاظ على الخصوصية.
+تساعدك عقد Reseed على الاتصال بـ I2P لأول مرة ، وعلى الرغم من ذلك
+يجب عليك فقط استخدامها مرة واحدة كل فترة ، فهي مهمة جدًا
+خدمات.
+
+[لمزيد من المعلومات حول I2P ، قم بزيارة موقع المشروع] (https://geti2p.net)
+------------------------------------------------------------------------
+
+[! [إعادة المساعدة] (images / reseed.png)] (https://geti2p.net)
+
+  - [مزيد من المعلومات حول عمليات إعادة التوريد] (https://geti2p.net/en/docs/reseed)
+  - [تعرف على كيفية تشغيل Reseed] (https://geti2p.net/en/get-involved/guides/reseed)
+  - [اقرأ رمز خادم إعادة التزويد وتعرّف على المزيد من خيارات إعادة التزويد] (https://i2pgit.org/idk/reseed-tools)
+
+### هل لديك مشاكل في الاتصال؟ إليك رابط لمرة واحدة لحزمة إعادة إرسال لك.
--- a/content/lang/bn/homepage.md
+++ b/content/lang/bn/homepage.md
@ -0,0 +1,18 @@
+এটি একটি I2P রিসিড সার্ভার
+============================
+
+I2P হল একটি পিয়ার-টু-পিয়ার নেটওয়ার্ক যা গোপনীয়তা বজায় রাখতে "গার্লিক রাউটিং" ব্যবহার করে।
+রিসিড নোড আপনাকে প্রথমবার I2P এর সাথে সংযুক্ত হতে সাহায্য করে, এবং যদিও
+আপনি শুধুমাত্র একটি মহান সময়ের মধ্যে একবার তাদের ব্যবহার করা উচিত, তারা খুবই গুরুত্বপূর্ণ
+সেবা.
+
+[I2P সম্পর্কে আরও জানতে, প্রকল্পের ওয়েবসাইট দেখুন](https://geti2p.net)
+-------------------------------------------------------------------------------------
+
+[![রিসিড করতে সাহায্য করুন](images/reseed.png)](https://geti2p.net)
+
+  - [রিসিড সম্পর্কে আরও জানুন](https://geti2p.net/en/docs/reseed)
+  - [কিভাবে রিসিড চালাতে হয় তা জানুন](https://geti2p.net/en/get-involved/guides/reseed)
+  - [রিসিড সার্ভার কোড পড়ুন এবং আরও রিসিড বিকল্প সম্পর্কে জানুন](https://i2pgit.org/idk/reseed-tools)
+
+### সংযোগ সমস্যা হচ্ছে? এখানে আপনার জন্য একটি রিসিড বান্ডেলের একটি এককালীন লিঙ্ক রয়েছে৷
--- a/content/lang/de/homepage.md
+++ b/content/lang/de/homepage.md
@ -0,0 +1,18 @@
+Dies ist ein I2P-Reseed-Server
+============================
+
+I2P ist ein Peer-to-Peer-Netzwerk, das „Garlic Routing“ verwendet, um die Privatsphäre zu wahren.
+Reseed-Knoten helfen Ihnen, zum ersten Mal mit I2P verbunden zu werden, und das obwohl
+Sie sollten sie nur ab und zu verwenden müssen, sie sind sehr wichtig
+Dienstleistungen.
+
+[Um mehr über I2P zu erfahren, besuchen Sie die Projektwebsite](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Hilfe neu aussäen](images/reseed.png)](https://geti2p.net)
+
+  - [Erfahren Sie mehr über Reseeds](https://geti2p.net/en/docs/reseed)
+  - [Erfahren Sie, wie Sie einen Reseed ausführen](https://geti2p.net/en/get-involved/guides/reseed)
+  - [Lesen Sie den Re-Seed-Server-Code und erfahren Sie mehr über Re-Seed-Optionen](https://i2pgit.org/idk/reseed-tools)
+
+### Haben Sie Verbindungsprobleme? Hier ist ein einmaliger Link zu einem Re-Seed-Bundle für Sie.
--- a/content/lang/en/homepage.md
+++ b/content/lang/en/homepage.md
@ -1,9 +1,18 @@
-You have found an I2P Reseed
+This is an I2P Reseed Server
 ============================

-Maybe it was by accident, or maybe you visited the URL because you saw it in the software somewhere. While we've got
-your attention, we're going to take this opportunity to tell you a little about what we do here. I2P is a peer-to-peer
-network which uses "Garlic Routing" to maintain privacy. Reseed nodes help you get connected to I2P for the first time,
-and even though you should only have to use them once in a great while, they are very important services.
+I2P is a peer-to-peer network which uses “Garlic Routing” to maintain privacy.
+Reseed nodes help you get connected to I2P for the first time, and even though
+you should only have to use them once in a great while, they are very important
+services.

-![Help reseed](images/reseed.png)
+[To learn more about I2P, visit the project website](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Help reseed](images/reseed.png)](https://geti2p.net)
+
+ - [Learn more about reseeds](https://geti2p.net/en/docs/reseed)
+ - [Learn how to run a reseed](https://geti2p.net/en/get-involved/guides/reseed)
+ - [Read the reseed server code and learn about more reseed options](https://i2pgit.org/idk/reseed-tools)
+
+### Having connection issues? Here is a one-time link to a reseed bundle for you.
--- a/content/lang/es/homepage.md
+++ b/content/lang/es/homepage.md
@ -0,0 +1,18 @@
+Este es un servidor de reinicio I2P
+============================
+
+I2P es una red de igual a igual que utiliza "Enrutamiento de ajo" para mantener la privacidad.
+Los nodos de reseed le ayudan a conectarse a I2P por primera vez, y aunque
+solo debería tener que usarlos de vez en cuando, son muy importantes
+servicios.
+
+[Para obtener más información sobre I2P, visite el sitio web del proyecto] (https://geti2p.net)
+------------------------------------------------------------------------
+
+[! [Help reseed] (images / reseed.png)] (https://geti2p.net)
+
+  - [Obtenga más información sobre reseeds] (https://geti2p.net/en/docs/reseed)
+  - [Aprenda a ejecutar un reseed] (https://geti2p.net/en/get-involved/guides/reseed)
+  - [Lea el código del servidor reseed y conozca más opciones de reseed] (https://i2pgit.org/idk/reseed-tools)
+
+### ¿Tienes problemas de conexión? Aquí hay un enlace único a un paquete reseed para usted.
--- a/content/lang/fr/homepage.md
+++ b/content/lang/fr/homepage.md
@ -0,0 +1,18 @@
+Ceci est un serveur de réensemencement I2P
+============================
+
+I2P est un réseau peer-to-peer qui utilise le « routage à l'ail » pour maintenir la confidentialité.
+Les nœuds de réamorçage vous aident à vous connecter à I2P pour la première fois, et même si
+vous ne devriez avoir à les utiliser qu'une fois de temps en temps, ils sont très importants
+prestations de service.
+
+[Pour en savoir plus sur I2P, visitez le site Web du projet](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Aide à reseed](images/reseed.png)](https://geti2p.net)
+
+  - [En savoir plus sur les réensemencements](https://geti2p.net/en/docs/reseed)
+  - [Apprenez à exécuter un reseed](https://geti2p.net/en/get-involved/guides/reseed)
+  - [Lire le code du serveur de réensemencement et en savoir plus sur les options de réensemencement] (https://i2pgit.org/idk/reseed-tools)
+
+### Vous avez des problèmes de connexion ? Voici un lien unique vers un paquet de graines pour vous.
--- a/content/lang/hi/homepage.md
+++ b/content/lang/hi/homepage.md
@ -0,0 +1,18 @@
+यह एक I2P शोधित सर्वर है
+===========================
+
+I2P एक पीयर-टू-पीयर नेटवर्क है जो गोपनीयता बनाए रखने के लिए "लहसुन रूटिंग" का उपयोग करता है।
+रीसेड नोड्स आपको पहली बार I2P से कनेक्ट होने में मदद करते हैं, और भले ही
+आपको उन्हें केवल एक बार ही उपयोग करना चाहिए, वे बहुत महत्वपूर्ण हैं
+सेवाएं।
+
+[I2P के बारे में अधिक जानने के लिए, प्रोजेक्ट वेबसाइट पर जाएँ](https://geti2p.net)
+-------------------------------------------------------------------------
+
+[![Reseed में मदद करें](images/reseed.png)](https://geti2p.net)
+
+  - [रिसेड्स के बारे में और जानें](https://geti2p.net/hi/docs/reseed)
+  - [रिसेड चलाना सीखें](https://geti2p.net/hi/get-involved/guides/reseed)
+  - [रीडेड सर्वर कोड पढ़ें और अधिक शोध विकल्पों के बारे में जानें](https://i2pgit.org/idk/reseed-tools)
+
+### कनेक्शन की समस्या आ रही है? यहां आपके लिए एक शोधित बंडल का वन-टाइम लिंक दिया गया है।
--- a/content/lang/id/homepage.md
+++ b/content/lang/id/homepage.md
@ -0,0 +1,18 @@
+Ini adalah Server Reseed I2P
+==============================
+
+I2P adalah jaringan peer-to-peer yang menggunakan "Garlic Routing" untuk menjaga privasi.
+Reseed node membantu Anda terhubung ke I2P untuk pertama kalinya, dan meskipun
+Anda hanya perlu menggunakannya sesekali, itu sangat penting
+jasa.
+
+[Untuk mempelajari lebih lanjut tentang I2P, kunjungi situs web proyek](https://geti2p.net)
+-------------------------------------------------- -----------------------
+
+[![Bantu reseed](images/reseed.png)](https://geti2p.net)
+
+  - [Pelajari lebih lanjut tentang reseed](https://geti2p.net/en/docs/reseed)
+  - [Pelajari cara menjalankan reseed](https://geti2p.net/en/get-involved/guides/reseed)
+  - [Baca kode server reseed dan pelajari tentang opsi reseed lainnya](https://i2pgit.org/idk/reseed-tools)
+
+### Mengalami masalah koneksi? Berikut ini tautan satu kali ke bundel reseed untuk Anda.
--- a/content/lang/jp/homepage.md
+++ b/content/lang/jp/homepage.md
@ -0,0 +1,18 @@
+これはI2PReseedServerです
+============================
+
+I2Pは、プライバシーを維持するために「GarlicRouting」を使用するピアツーピアネットワークです。
+再シードノードは、I2Pに初めて接続するのに役立ちます。
+たまに一度だけ使用する必要があります、それらは非常に重要です
+サービス。
+
+[I2Pの詳細については、プロジェクトのWebサイトにアクセスしてください]（https://geti2p.net）
+------------------------------------------------------------------------
+
+[！[再シードのヘルプ]（images / reseed.png）]（https://geti2p.net）
+
+  -[再シードの詳細]（https://geti2p.net/en/docs/reseed）
+  -[再シードの実行方法を学ぶ]（https://geti2p.net/en/get-involved/guides/reseed）
+  -[再シードサーバーコードを読み、再シードオプションの詳細を確認してください]（https://i2pgit.org/idk/reseed-tools）
+
+###接続に問題がありますか？ これがあなたのための再シードバンドルへのワンタイムリンクです。
--- a/content/lang/ko/homepage.md
+++ b/content/lang/ko/homepage.md
@ -0,0 +1,18 @@
+I2P Reseed 서버입니다.
+==============================
+
+I2P는 "Garlic Routing"을 사용하여 개인 정보를 유지하는 P2P 네트워크입니다.
+Reseed 노드는 처음으로 I2P에 연결하는 데 도움이 됩니다.
+아주 가끔은 한 번만 사용해야 하므로 매우 중요합니다.
+서비스.
+
+[I2P에 대한 자세한 내용은 프로젝트 웹 사이트를 방문하십시오.](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Help reseed](images/reseed.png)](https://geti2p.net)
+
+  - [리시드에 대해 자세히 알아보기](https://geti2p.net/en/docs/reseed)
+  - [리시드 실행 방법 알아보기](https://geti2p.net/en/get-involved/guides/reseed)
+  - [리시드 서버 코드를 읽고 더 많은 리시드 옵션에 대해 알아보세요](https://i2pgit.org/idk/reseed-tools)
+
+### 연결 문제가 있습니까? 다음은 reseed 번들에 대한 일회성 링크입니다.
--- a/content/lang/pr/homepage.md
+++ b/content/lang/pr/homepage.md
@ -0,0 +1,18 @@
+Este é um servidor I2P Reseed
+==============================
+
+I2P é uma rede ponto a ponto que usa “Roteamento de alho” para manter a privacidade.
+Nós Reseed ajudam você a se conectar ao I2P pela primeira vez, e mesmo que
+você só deve ter que usá-los de vez em quando, eles são muito importantes
+Serviços.
+
+[Para saber mais sobre I2P, visite o site do projeto] (https://geti2p.net)
+------------------------------------------------------------------------
+
+[! [Help reseed] (images / reseed.png)] (https://geti2p.net)
+
+  - [Saiba mais sobre reseeds] (https://geti2p.net/en/docs/reseed)
+  - [Saiba como executar uma nova propagação] (https://geti2p.net/en/get-involved/guides/reseed)
+  - [Leia o código do servidor de nova propagação e aprenda sobre mais opções de nova propagação] (https://i2pgit.org/idk/reseed-tools)
+
+### Tendo problemas de conexão? Aqui está um link único para um pacote reenviado para você.
--- a/content/lang/ru/homepage.md
+++ b/content/lang/ru/homepage.md
@ -0,0 +1,18 @@
+Это сервер I2P Reseed
+============================
+
+I2P - это одноранговая сеть, которая использует «Garlic Routing» для обеспечения конфиденциальности.
+Узлы с повторным заполнением помогут вам впервые подключиться к I2P, и даже если
+вы должны использовать их только время от времени, они очень важны
+Сервисы.
+
+[Чтобы узнать больше об I2P, посетите сайт проекта] (https://geti2p.net)
+------------------------------------------------------------------------
+
+[! [Повторное заполнение справки] (images / Reseed.png)] (https://geti2p.net)
+
+  - [Подробнее о Reseeds] (https://geti2p.net/en/docs/reseed)
+  - [Узнайте, как запустить повторное заполнение] (https://geti2p.net/en/get-involved/guides/reseed)
+  - [Прочтите код сервера повторного заполнения и узнайте о дополнительных параметрах повторного заполнения] (https://i2pgit.org/idk/reseed-tools)
+
+### Возникли проблемы с подключением? Вот вам одноразовая ссылка на набор повторных рассылок.
--- a/content/lang/zh/homepage.md
+++ b/content/lang/zh/homepage.md
@ -0,0 +1,18 @@
+这是一个 I2P Reseed 服务器
+============================
+
+I2P 是一种点对点网络，它使用“大蒜路由”来维护隐私。
+Reseed 节点可帮助您首次连接到 I2P，即使
+你应该只需要偶尔使用它们，它们非常重要
+服务。
+
+【了解更多关于I2P，请访问项目网站】(https://geti2p.net)
+-----------------------------------------------------------------
+
+[![帮助重新播种](images/reseed.png)](https://geti2p.net)
+
+  - [了解更多关于 reseeds](https://geti2p.net/en/docs/reseed)
+  - [了解如何进行重新播种](https://geti2p.net/en/get-involved/guides/reseed)
+  - [阅读 reseed 服务器代码并了解更多 reseed 选项](https://i2pgit.org/idk/reseed-tools)
+
+### 有连接问题？ 这是为您提供的重新种子包的一次性链接。
--- a/content/style.css
+++ b/content/style.css
@ -1,15 +1,85 @@
 body {
-	font-family: monospace;
+	font-family: "Roboto", monospace;
 	text-align: justify;
+	background-color: #D9D9D9;
+}
+h1 {
+	width: 55%;
+	margin-left: 45%;
+	margin-top: 5%;
+}
+h2 {
+	width: 55%;
+	margin-left: 45%;
+}
+#homepage > h2:nth-child(3) > a:nth-child(1) {
+	text-decoration: none;
+}
+h3 {
+	width: 55%;
+	margin-left: 45%;
+}
+h4 {
+	width: 55%;
+	margin-left: 45%;
+}
+ul {
+	width: 55%;
+	display: block;
+	margin-left: 40%;
+}
+li {
+	margin-top: 1%;
+	margin-left: 20%;
+}
+p {
+	max-width: 55%;
+	font-size: 1.2em;
+	margin-right: 2%;
+}
+#homepage > p:nth-child(2){
+	margin-left: 45%;
 }

-h1 {
-	text-align: center;
+.pingtest {
+	margin-left: 45%;
 }

 img {
-  display: block;
-  margin-left: auto;
-  margin-right: auto;
-  width: 50%;
+	position: absolute;
+	margin-top: 3%;
+	top: 5%;
+	left: 5%;
+	width: 35%;
+	display: inline;
+	margin-bottom: 5%;
+	padding-bottom: 5%;
+	
+}
+
+.inline {
+	display: inline;
+}
+
+.link-button {
+	margin-top: 3%;
+	padding: 2%;
+	padding-left: 5%;
+	padding-right: 5%;
+	margin-left: -3%;
+	border-radius: 20%;
+	border-style: groove;
+}
+
+.link-button:focus {
+	outline: none;
+}
+
+.link-button:active {
+	color:red;
+}
+
+figure > img {
+    max-width: 35%;
+    display: inline;
 }
--- a/1
+++ b/1
@ -0,0 +1 @@
+Reseed tools is a self-contained, easy-to-configure I2P reseed service which can be run on any OS.
--- a/doc-pak/LICENSE
+++ b/doc-pak/LICENSE
@ -0,0 +1,19 @@
+Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
--- a/doc-pak/README.md
+++ b/doc-pak/README.md
@ -0,0 +1,75 @@
+I2P Reseed Tools
+==================
+
+![Reseed Tools Poster](content/images/reseed.png)
+
+This tool provides a secure and efficient reseed server for the I2P network.
+There are several utility commands to create, sign, and validate SU3 files.
+Please note that this requires at least Go version 1.13, and uses Go Modules.
+
+Standard reseeds are distributed with the I2P packages. To get your reseed
+included, apply on [i2pforum.i2p](http://i2pforum.i2p).
+
+## Dependencies
+
+`go`, `git`, and optionally `make` are required to build the project.
+Precompiled binaries for most platforms are available at my github mirror
+https://github.com/eyedeekay/i2p-tools-1.
+
+In order to install the build-dependencies on Ubuntu or Debian, you may use:
+
+```sh
+sudo apt-get install golang-go git make
+```
+
+## Installation
+
+Reseed-tools can be run as a user, as a freestanding service, or be installed
+as an I2P Plugin. It will attempt to configure itself automatically. You should
+make sure to set the `--signer` flag or the `RESEED_EMAIL` environment variable
+to configure your signing keys/contact info.
+
+### Installation(From Source)
+
+```
+git clone https://i2pgit.org/idk/reseed-tools
+cd reseed-tools
+make build
+# Optionally, if you want to install to /usr/bin/reseed-tools
+sudo make install
+```
+
+## Usage
+
+#### Debian/Ubuntu note:
+
+It is possible to create a `.deb` package using [these instructions](docs/DEBIAN.md).
+
+Debian users who are running I2P as a system service must also run the 
+`reseed-tools` as the same user. This is so that the reseed-tools can access
+the I2P service's netDb directory. On Debian and Ubuntu, that user is `i2psvc`
+and the netDb directory is: `/var/lib/i2p/i2p-config/netDb`.
+
+## Example Commands:
+
+### Without a webserver, standalone with TLS support
+
+If this is your first time running a reseed server (ie. you don't have any existing keys),
+you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
+Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
+(a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).
+
+```
+reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
+```
+
+### Locally behind a webserver (reverse proxy setup), preferred:
+
+If you are using a reverse proxy server it may provide the TLS certificate instead.
+
+```
+reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
+```
+
+- **Usage** [More examples can be found here.](docs/EXAMPLES.md)
+- **Docker** [Docker examples can be found here](docs/DOCKER.md)
--- a/doc-pak/docs/DEBIAN.html
+++ b/doc-pak/docs/DEBIAN.html
@ -0,0 +1,179 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Debian and Ubuntu Packages
+    </h1>
+    <p>
+      It&rsquo;s possible to generate a package which is compatible with Debian and Ubuntu,
+      using the command:
+    </p>
+    <pre><code class="language-sh">
+make checkinstall
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+</code></pre>
+    <p>
+      This requires you to have
+      <code>
+        fakeroot
+      </code>
+      and
+      <code>
+        checkinstall
+      </code>
+      installed. Use the command
+    </p>
+    <pre><code class="language-sh">
+sudo apt-get install fakeroot checkinstall
+</code></pre>
+    <p>
+      to install them.
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/DEBIAN.md
+++ b/doc-pak/docs/DEBIAN.md
@ -0,0 +1,19 @@
+# Debian and Ubuntu Packages
+
+It's possible to generate a package which is compatible with Debian and Ubuntu,
+using the command:
+
+```sh
+
+make checkinstall
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+```
+
+This requires you to have `fakeroot` and `checkinstall` installed. Use the command
+
+```sh
+
+sudo apt-get install fakeroot checkinstall
+```
+
+to install them.
--- a/doc-pak/docs/DOCKER.html
+++ b/doc-pak/docs/DOCKER.html
@ -0,0 +1,232 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Docker
+    </h1>
+    <p>
+      To make it easier to deploy reseeds, it is possible to run this software as a
+      Docker image. Because the software requires access to a network database to host
+      a reseed, you will need to mount the netDb as a volume inside your docker
+      container to provide access to it, and you will need to run it as the same user
+      and group inside the container as I2P.
+    </p>
+    <p>
+      When you run a reseed under Docker in this fashion, it will automatically
+      generate a self-signed certificate for your reseed server in a Docker volume
+      named reseed-keys.
+      <em>
+        Back up this directory
+      </em>
+      , if it is lost it is impossible
+      to reproduce.
+    </p>
+    <p>
+      Additional flags can be passed to the application in the Docker container by
+      appending them to the command. Please note that Docker is not currently
+      compatible with .onion reseeds unless you pass the &ndash;network=host tag.
+    </p>
+    <h2>
+      If I2P is running as your user, do this:
+    </h2>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --publish 443:8443 \
+        --restart always \
+        --volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <h2>
+      If I2P is running as another user, do this:
+    </h2>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --user $(I2P_UID) \
+        --group-add $(I2P_GID) \
+        --publish 443:8443 \
+        --restart always \
+        --volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <h2>
+      <strong>
+        Debian/Ubuntu and Docker
+      </strong>
+    </h2>
+    <p>
+      In many cases I2P will be running as the Debian system user
+      <code>
+        i2psvc
+      </code>
+      . This
+      is the case for all installs where Debian&rsquo;s Advanced Packaging Tool(apt) was
+      used to peform the task. If you used
+      <code>
+        apt-get install
+      </code>
+      this command will
+      work for you. In that case, just copy-and-paste:
+    </p>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --user $(id -u i2psvc) \
+        --group-add $(id -g i2psvc) \
+        --publish 443:8443 \
+        --restart always \
+        --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/DOCKER.md
+++ b/doc-pak/docs/DOCKER.md
@ -0,0 +1,58 @@
+# Docker
+
+To make it easier to deploy reseeds, it is possible to run this software as a
+Docker image. Because the software requires access to a network database to host
+a reseed, you will need to mount the netDb as a volume inside your docker
+container to provide access to it, and you will need to run it as the same user
+and group inside the container as I2P.
+
+When you run a reseed under Docker in this fashion, it will automatically
+generate a self-signed certificate for your reseed server in a Docker volume
+named reseed-keys. *Back up this directory*, if it is lost it is impossible
+to reproduce.
+
+Additional flags can be passed to the application in the Docker container by
+appending them to the command. Please note that Docker is not currently
+compatible with .onion reseeds unless you pass the --network=host tag.
+
+## If I2P is running as your user, do this:
+
+        docker run -itd \
+            --name reseed \
+            --publish 443:8443 \
+            --restart always \
+            --volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
+            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+            eyedeekay/reseed \
+                --signer $YOUR_EMAIL_HERE
+
+## If I2P is running as another user, do this:
+
+        docker run -itd \
+            --name reseed \
+            --user $(I2P_UID) \
+            --group-add $(I2P_GID) \
+            --publish 443:8443 \
+            --restart always \
+            --volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
+            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+            eyedeekay/reseed \
+                --signer $YOUR_EMAIL_HERE
+
+## **Debian/Ubuntu and Docker**
+
+In many cases I2P will be running as the Debian system user ```i2psvc```. This
+is the case for all installs where Debian's Advanced Packaging Tool(apt) was
+used to peform the task. If you used ```apt-get install``` this command will
+work for you. In that case, just copy-and-paste:
+
+        docker run -itd \
+            --name reseed \
+            --user $(id -u i2psvc) \
+            --group-add $(id -g i2psvc) \
+            --publish 443:8443 \
+            --restart always \
+            --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
+            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+            eyedeekay/reseed \
+                --signer $YOUR_EMAIL_HERE
--- a/doc-pak/docs/EXAMPLES.html
+++ b/doc-pak/docs/EXAMPLES.html
@ -0,0 +1,179 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h2>
+      Example Commands:
+    </h2>
+    <h3>
+      Without a webserver, standalone, automatic OnionV3 with TLS support
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, serve P2P with LibP2P
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, in-network reseed
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
+</code></pre>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/EXAMPLES.md
+++ b/doc-pak/docs/EXAMPLES.md
@ -0,0 +1,32 @@
+
+## Example Commands:
+
+### Without a webserver, standalone, automatic OnionV3 with TLS support
+
+```
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
+```
+
+### Without a webserver, standalone, serve P2P with LibP2P
+
+```
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
+```
+
+### Without a webserver, standalone, in-network reseed
+
+```
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
+```
+
+### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
+
+```
+./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
+```
+
+### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
+
+```
+./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
+```
--- a/doc-pak/docs/PLUGIN.html
+++ b/doc-pak/docs/PLUGIN.html
@ -0,0 +1,263 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Plugin install URL&rsquo;s
+    </h1>
+    <p>
+      Plugin releases are available inside of i2p at
+      <a href="http://idk.i2p/reseed-tools/">
+        http://idk.i2p/reseed-tools/
+      </a>
+      and via the github mirror at
+      <a href="https://github.com/eyedeekay/reseed-tools/releases">
+        https://github.com/eyedeekay/reseed-tools/releases
+      </a>
+      .
+      These can be installed by adding them on the
+      <a href="http://127.0.0.1:7657/configplugins">
+        http://127.0.0.1:7657/configplugins
+      </a>
+      .
+    </p>
+    <p>
+      After installing the plugin, you should immediately edit the
+      <code>
+        $PLUGIN/signer
+      </code>
+      file in order to set your
+      <code>
+        --signer
+      </code>
+      email, which is used to name your keys.
+      You can find the
+      <code>
+        $PLUGIN
+      </code>
+      directory in your I2P config directory, which is
+      usually
+      <code>
+        $HOME/.i2p
+      </code>
+      on Unixes.
+    </p>
+    <p>
+      This will allow the developers to contact you if your reseed has issues
+      and will authenticate your reseed to the I2P routers that use it.
+    </p>
+    <ul>
+      <li>
+        darwin/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3
+        </a>
+      </li>
+      <li>
+        darwin/arm64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3
+        </a>
+      </li>
+      <li>
+        linux/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3
+        </a>
+      </li>
+      <li>
+        linux/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3
+        </a>
+      </li>
+      <li>
+        linux/arm:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3
+        </a>
+      </li>
+      <li>
+        linux/arm64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3
+        </a>
+      </li>
+      <li>
+        openbsd/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3
+        </a>
+      </li>
+      <li>
+        freebsd/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3
+        </a>
+      </li>
+      <li>
+        freebsd/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3
+        </a>
+      </li>
+      <li>
+        windows/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3
+        </a>
+      </li>
+      <li>
+        windows/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3
+        </a>
+      </li>
+    </ul>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/PLUGIN.md
+++ b/doc-pak/docs/PLUGIN.md
@ -0,0 +1,26 @@
+# Plugin install URL's
+
+Plugin releases are available inside of i2p at http://idk.i2p/reseed-tools/
+and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases.
+These can be installed by adding them on the 
+[http://127.0.0.1:7657/configplugins](http://127.0.0.1:7657/configplugins).
+
+After installing the plugin, you should immediately edit the `$PLUGIN/signer`
+file in order to set your `--signer` email, which is used to name your keys.
+You can find the `$PLUGIN` directory in your I2P config directory, which is
+usually `$HOME/.i2p` on Unixes.
+
+This will allow the developers to contact you if your reseed has issues
+and will authenticate your reseed to the I2P routers that use it.
+
+- darwin/amd64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3)
+- darwin/arm64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3)
+- linux/386: [http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3)
+- linux/amd64: [http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3)
+- linux/arm: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3)
+- linux/arm64: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3)
+- openbsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3)
+- freebsd/386: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3)
+- freebsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3)
+- windows/amd64: [http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3)
+- windows/386: [http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3)
--- a/doc-pak/docs/PROXY.md
+++ b/doc-pak/docs/PROXY.md
--- a/doc-pak/docs/README.md
+++ b/doc-pak/docs/README.md
@ -0,0 +1,91 @@
+Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
+================================================================
+
+It is possible to easily and automatically configure a reseed server
+with a self-signed certificate on any Debian-based operating system,
+including Ubuntu and it's downstreams. This is achieved using the `checkinstall`
+tool to set up the software dependencies and the operating system to
+run the `I2P` service and the `reseed` service.
+
+Using a binary package
+----------------------
+
+If you do not wish to build from source, you can use a binary package
+from me. This package is built from this repo with the `make checkinstall`
+target and uploaded by me. I build it on an up-to-date Debian `sid` system
+at tag time. It contains a static binary and files for configuring it as a
+system service.
+
+```sh
+
+wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
+# Obtain the checksum from the release web page
+echo "38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb" > SHA256SUMS
+sha256sums -c SHA256SUMS
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+```
+
+Building the `.deb` package from the source(Optional)
+-----------------------------------------------------
+
+If your software is too old, it's possible that the binary package I build will
+not work for you. It's very easy to generate your own from the source code in this
+repository.
+
+\\**1.** Install the build dependencies
+
+```sh
+
+sudo apt-get install fakeroot checkinstall go git make
+```
+
+\\**2.** Clone the source code
+
+```sh
+
+git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
+```
+
+\\**3.** Generate the `.deb` package using the `make checkinstall` target
+
+```sh
+
+cd ~/go/src/i2pgit.org/idk/reseed-tools
+make checkinstall
+```
+
+\\**4.** Install the `.deb` package
+
+```sh
+
+sudo apt-get install ./reseed-tools_*.deb
+```
+
+Running the Service
+-------------------
+
+\\**1.** First, ensure that the I2P service is already running. The longer the better,
+if you have to re-start the service, or if the service has very few peers, allow it to
+run for 24 hours before advancing to step **2.**
+
+```sh
+
+sudo systemctl start i2p
+# or, if you use sysvinit
+sudo service i2p start
+```
+
+\\**2.** Once your I2P router is "Well-Integrated," start the reseed service.
+
+```sh
+
+sudo systemctl start reseed
+# or, if you use sysvinit
+sudo service reseed start
+```
+
+Your reseed will auto-configure with a self-signed certificate on port `:8443`. The
+certificates themselves are available in `/var/lib/i2p/i2p-config/reseed`. When
+you are ready, you should copy the `*.crt` files from that directory and share them
+witth the I2P community on [`zzz.i2p`](http://zzz.i2p). These will allow I2P users
+to authenticate your reseed services and secure the I2P network.
--- a/doc-pak/docs/REMOTE.md
+++ b/doc-pak/docs/REMOTE.md
@ -0,0 +1,34 @@
+Using a remote Network Database
+-------------------------------
+
+Beginning in `reseed-tools 2.5.0` it is possible to use reseed-tools to "share" a netDb directory on one host with a reseed server on another hose.
+This feature is built into the reseed-tools software.
+It is also possible to do this manually using `sshfs`, `ssh` combined with `cron`, and most available backup utilities like `borg` and `syncthing`.
+This guide only covers `reseed-tools`.
+
+Password-Protected Sharing of NetDB content over I2P
+----------------------------------------------------
+
+Run this command on a well-integrated I2P router which is **not** hosting a reseed server on the same IP address.
+To share the whole contents of your netDb directory over I2P, run reseed-tools with the following arguments:
+
+```sh
+reseed-tools share --share-password $(use_a_strong_password) --netdb $(path_to_your_netdb)
+```
+
+In a few seconds, you will have a new I2P site which will provide your netDb as a `.tar.gz` file to anyone with the password.
+Make a note of the base32 address of the new site for the next step.
+
+Password-Protected Retrieval of Shared NetDB content over I2P
+-------------------------------------------------------------
+
+Run this command on a router hosting which **is** hosting a reseed server on the same IP address, or add the arguments to your existing command.
+To retrieve a remote NetDB bundle from a hidden service, run reseed tools with the following arguments:
+
+```sh
+reseed-tools reseed --share-peer $(thebase32addressyoumadeanoteofaboveintheotherstepnow.b32.i2p) --share-password $(use_a_strong_password) --netdb $(path_to_your_netdb)
+```
+
+Periodically, the remote `netdb.tar.gz` bundle will be fetched from the remote server and extracted to the `--netdb` directory.
+If the `--netdb` directory is not empty, local RI's are left intact and never overwritten, essentially combining the local and remote netDb.
+If the directory is empty, the remote netDb will be the only netDb used by the reseed server.
--- a/doc-pak/docs/SERVICES.html
+++ b/doc-pak/docs/SERVICES.html
@ -0,0 +1,254 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Service Integration
+    </h1>
+    <p>
+      Support for running as a system service as part of the reseed package
+      is new. PR&rsquo;s that improve integration are welcome.
+    </p>
+    <h2>
+      Systemd Service
+    </h2>
+    <p>
+      A systemd service is provided which should work with the I2P Debian package
+      when reseed-tools is installed in
+      <code>
+        /usr/bin/reseed-tools
+      </code>
+      . If you install with
+      <code>
+        make install
+      </code>
+      this service is also installed. This service will cause the
+      bundles to regenerate every 12 hours.
+    </p>
+    <p>
+      The contact email for your reseed should be added in:
+      <code>
+        /etc/systemd/system/reseed.service.d/override.conf
+      </code>
+      .
+    </p>
+    <p>
+      Self-signed certificates will be auto-generated for these services. To change
+      this you should edit the
+      <code>
+        /etc/systemd/system/reseed.service
+      </code>
+      . For instance:
+    </p>
+    <pre><code>ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
+</code></pre>
+    <p>
+      to disable self-signed certificate generation.
+    </p>
+    <ul>
+      <li>
+        To enable starting the reseed service automatically with the system:
+        <code>
+          sudo systemctl enable reseed.service
+        </code>
+      </li>
+      <li>
+        To run the service manually:
+        <code>
+          sudo sysctl start reseed.service
+        </code>
+        <br />
+      </li>
+      <li>
+        To reload the systemd services:
+        <code>
+          sudo systemctl daemon-reload
+        </code>
+      </li>
+      <li>
+        To view the status/logs:
+        <code>
+          sudo journalctl -u reseed.service
+        </code>
+      </li>
+    </ul>
+    <h2>
+      SysV Service
+    </h2>
+    <p>
+      An initscript is also provided. The initscript, unlike the systemd service,
+      cannot schedule itself to restart. You should restart the service roughly once
+      a day to ensure that the information does not expire.
+    </p>
+    <p>
+      The contact email for your reseed should be added in:
+      <code>
+        /etc/init.d/reseed
+      </code>
+      .
+    </p>
+    <p>
+      Self-signed certificates will be auto-generated for these services.
+      To change this you should edit the
+      <code>
+        /etc/default/reseed
+      </code>
+      .
+      Create a
+      <code>
+        MORE_OPTIONS=&quot;&quot;
+      </code>
+      field. For instance:
+    </p>
+    <pre><code class="language-sh">MORE_OPTIONS=&quot;--trustProxy --ip=127.0.0.1&quot;
+</code></pre>
+    <p>
+      will disable self-signed certificate generation.
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/SERVICES.md
+++ b/doc-pak/docs/SERVICES.md
@ -0,0 +1,47 @@
+# Service Integration
+
+Support for running as a system service as part of the reseed package
+is new. PR's that improve integration are welcome.
+
+## Systemd Service
+
+A systemd service is provided which should work with the I2P Debian package
+when reseed-tools is installed in `/usr/bin/reseed-tools`. If you install with
+`make install` this service is also installed. This service will cause the
+bundles to regenerate every 12 hours.
+
+The contact email for your reseed should be added in:
+`/etc/systemd/system/reseed.service.d/override.conf`.
+
+Self-signed certificates will be auto-generated for these services. To change
+this you should edit the `/etc/systemd/system/reseed.service`. For instance:
+
+```
+ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
+```
+
+to disable self-signed certificate generation.
+
+- To enable starting the reseed service automatically with the system: `sudo systemctl enable reseed.service`
+- To run the service manually: `sudo sysctl start reseed.service`  
+- To reload the systemd services: `sudo systemctl daemon-reload`
+- To view the status/logs: `sudo journalctl -u reseed.service`
+
+## SysV Service
+
+An initscript is also provided. The initscript, unlike the systemd service,
+cannot schedule itself to restart. You should restart the service roughly once
+a day to ensure that the information does not expire.
+
+The contact email for your reseed should be added in:
+`/etc/init.d/reseed`.
+
+Self-signed certificates will be auto-generated for these services.
+To change this you should edit the `/etc/default/reseed`.
+Create a `MORE_OPTIONS=""` field. For instance:
+
+```sh
+MORE_OPTIONS="--trustProxy --ip=127.0.0.1"
+```
+
+will disable self-signed certificate generation.
--- a/doc-pak/docs/TLS.html
+++ b/doc-pak/docs/TLS.html
@ -0,0 +1,263 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      TLS Configuration for your Reseed Server
+    </h1>
+    <p>
+      By default,
+      <code>
+        reseed-tools
+      </code>
+      will generate self-signed certificates for your reseed service.
+      This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in
+      <code>
+        .onion
+      </code>
+      mode.
+      It is also possible to configure
+      <code>
+        reseed-tools
+      </code>
+      without TLS certificates,
+      or to configure it to use ACME in order to automtically obtain a certificate from Let&rsquo;s Encrypt.
+    </p>
+    <p>
+      I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
+      Instead, the certificates are effectively &ldquo;Pinned&rdquo; in the software, after manual review by the I2P developers and the community.
+      It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
+      A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
+    </p>
+    <h2>
+      Disable TLS
+    </h2>
+    <p>
+      If you do this, it is highly recommended that you use a reverse proxy such as
+      <code>
+        Apache2
+      </code>
+      or
+      <code>
+        nginx
+      </code>
+      to provide a TLS connection to clients.
+      Alternatively, you could run
+      <code>
+        reseed-tools
+      </code>
+      as an
+      <code>
+        .onion
+      </code>
+      service and rely on Tor for encryption and authentication.
+    </p>
+    <p>
+      You can disable automatic TLS configuration with the
+      <code>
+        --trustProxy
+      </code>
+      flag like this:
+    </p>
+    <pre><code class="language-sh">
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
+</code></pre>
+    <h2>
+      Setup Self-Signed TLS non-interactively
+    </h2>
+    <p>
+      If you don&rsquo;t want to interactively configure TLS but still want to use self-signed certificates, you can pass the
+      <code>
+        --yes
+      </code>
+      flag, which will use the defaults for all config values.
+    </p>
+    <pre><code class="language-sh">
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
+</code></pre>
+    <h2>
+      Use ACME to acquire TLS certificate
+    </h2>
+    <p>
+      Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
+      To automate this process using an ACME CA, like Let&rsquo;s Encrypt, you can use the
+      <code>
+        --acme
+      </code>
+      flag.
+      Be sure to change the
+      <code>
+        --acmeserver
+      </code>
+      option in order to use a
+      <strong>
+        production
+      </strong>
+      ACME server, as
+      the software defaults to a
+      <strong>
+        staging
+      </strong>
+      ACME server for testing purposes.
+    </p>
+    <p>
+      This functionality is new and may have issues. Please file bug reports at (i2pgit)[
+      <a href="https://i2pgit.org/idk/reseed-tools)">
+        https://i2pgit.org/idk/reseed-tools)
+      </a>
+      or
+      <a href="https://github.com/eyedeekay/reseed-tools">
+        github
+      </a>
+      .
+    </p>
+    <pre><code class="language-sh">
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver=&quot;https://acme-v02.api.letsencrypt.org/directory&quot;
+</code></pre>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/TLS.md
+++ b/doc-pak/docs/TLS.md
@ -0,0 +1,50 @@
+TLS Configuration for your Reseed Server
+========================================
+
+By default, `reseed-tools` will generate self-signed certificates for your reseed service.
+This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in `.onion` mode.
+It is also possible to configure `reseed-tools` without TLS certificates,
+or to configure it to use ACME in order to automtically obtain a certificate from Let's Encrypt.
+
+I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
+Instead, the certificates are effectively "Pinned" in the software, after manual review by the I2P developers and the community.
+It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
+A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
+
+Disable TLS
+-----------
+
+If you do this, it is highly recommended that you use a reverse proxy such as `Apache2` or `nginx` to provide a TLS connection to clients.
+Alternatively, you could run `reseed-tools` as an `.onion` service and rely on Tor for encryption and authentication.
+
+You can disable automatic TLS configuration with the `--trustProxy` flag like this:
+
+```sh
+
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
+```
+
+Setup Self-Signed TLS non-interactively
+---------------------------------------
+
+If you don't want to interactively configure TLS but still want to use self-signed certificates, you can pass the `--yes` flag, which will use the defaults for all config values.
+
+```sh
+
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
+```
+
+Use ACME to acquire TLS certificate
+-----------------------------------
+
+Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
+To automate this process using an ACME CA, like Let's Encrypt, you can use the `--acme` flag.
+Be sure to change the `--acmeserver` option in order to use a **production** ACME server, as
+the software defaults to a **staging** ACME server for testing purposes.
+
+This functionality is new and may have issues. Please file bug reports at (i2pgit)[https://i2pgit.org/idk/reseed-tools) or [github](https://github.com/eyedeekay/reseed-tools).
+
+```sh
+
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver="https://acme-v02.api.letsencrypt.org/directory"
+```
--- a/doc-pak/docs/UPGRADE.md
+++ b/doc-pak/docs/UPGRADE.md
@ -0,0 +1,40 @@
+Upgrading from an older version of reseed-tools
+===============================================
+
+This reseed server sometimes gains helpful features that reseed operators may wish to use.
+Additionally, it is possible that at some point we'll need to release a security update.
+This document provides a path to upgrade the various binary distributions of reseed-tools.
+
+Debian and Ubuntu Users
+-----------------------
+
+1. Shut down the existing `reseed-tools` service.
+ If you are using `sysvinit` or something like it, you should be able to run: `sudo service reseed stop`.
+ If you are using `systemd` you should be able to run `sudo systemctl stop reseed`.
+ If those commands don't work, use `killall reseed-tools`
+2. Download the `.deb` package from the Github Releases page.
+ Make sure you get the right package for your ARCH/OS pair.
+ Most will need the `_amd64.deb` package.
+3. Install the package using: `sudo dpkg -i ./reseed-tools*.deb`
+
+Docker Users
+------------
+
+1. Build the container locally: `docker build -t eyedeekay/reseed .`
+2. Stop the container: `docker stop reseed`
+3. Start the container: `docker start reseed`
+
+Freestanding `tar.gz` Users, People who built from source
+---------------------------------------------------------
+
+1. Shut down the existing `reseed-tools` service.
+ If you are using `sysvinit` or something like it, you should be able to run: `sudo service reseed stop`.
+ If you are using `systemd` you should be able to run `sudo systemctl stop reseed`.
+ If those commands don't work, use `killall reseed-tools`
+2. Extract the tar file: `tar xzf reseed-tools.tgz`
+3. Copy the `reseed-tools` binary to the correct location if you're on `amd64` or compile it if you are not.
+ `cp reseed-tools reseed-tools-linux-amd64`
+ OR
+ `make build`
+4. Install the new software and service management files:
+ `sudo make install`
--- a/doc-pak/docs/index.html
+++ b/doc-pak/docs/index.html
@ -0,0 +1,318 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
+    </h1>
+    <p>
+      It is possible to easily and automatically configure a reseed server
+      with a self-signed certificate on any Debian-based operating system,
+      including Ubuntu and it&rsquo;s downstreams. This is achieved using the
+      <code>
+        checkinstall
+      </code>
+      tool to set up the software dependencies and the operating system to
+      run the
+      <code>
+        I2P
+      </code>
+      service and the
+      <code>
+        reseed
+      </code>
+      service.
+    </p>
+    <h2>
+      Using a binary package
+    </h2>
+    <p>
+      If you do not wish to build from source, you can use a binary package
+      from me. This package is built from this repo with the
+      <code>
+        make checkinstall
+      </code>
+      target and uploaded by me. I build it on an up-to-date Debian
+      <code>
+        sid
+      </code>
+      system
+      at tag time. It contains a static binary and files for configuring it as a
+      system service.
+    </p>
+    <pre><code class="language-sh">
+wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
+# Obtain the checksum from the release web page
+echo &quot;38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb&quot; &gt; SHA256SUMS
+sha256sums -c SHA256SUMS
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+</code></pre>
+    <h2>
+      Building the
+      <code>
+        .deb
+      </code>
+      package from the source(Optional)
+    </h2>
+    <p>
+      If your software is too old, it&rsquo;s possible that the binary package I build will
+      not work for you. It&rsquo;s very easy to generate your own from the source code in this
+      repository.
+    </p>
+    <p>
+      \
+      <strong>
+        1.
+      </strong>
+      Install the build dependencies
+    </p>
+    <pre><code class="language-sh">
+sudo apt-get install fakeroot checkinstall go git make
+</code></pre>
+    <p>
+      \
+      <strong>
+        2.
+      </strong>
+      Clone the source code
+    </p>
+    <pre><code class="language-sh">
+git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
+</code></pre>
+    <p>
+      \
+      <strong>
+        3.
+      </strong>
+      Generate the
+      <code>
+        .deb
+      </code>
+      package using the
+      <code>
+        make checkinstall
+      </code>
+      target
+    </p>
+    <pre><code class="language-sh">
+cd ~/go/src/i2pgit.org/idk/reseed-tools
+make checkinstall
+</code></pre>
+    <p>
+      \
+      <strong>
+        4.
+      </strong>
+      Install the
+      <code>
+        .deb
+      </code>
+      package
+    </p>
+    <pre><code class="language-sh">
+sudo apt-get install ./reseed-tools_*.deb
+</code></pre>
+    <h2>
+      Running the Service
+    </h2>
+    <p>
+      \
+      <strong>
+        1.
+      </strong>
+      First, ensure that the I2P service is already running. The longer the better,
+      if you have to re-start the service, or if the service has very few peers, allow it to
+      run for 24 hours before advancing to step
+      <strong>
+        2.
+      </strong>
+    </p>
+    <pre><code class="language-sh">
+sudo systemctl start i2p
+# or, if you use sysvinit
+sudo service i2p start
+</code></pre>
+    <p>
+      \
+      <strong>
+        2.
+      </strong>
+      Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.
+    </p>
+    <pre><code class="language-sh">
+sudo systemctl start reseed
+# or, if you use sysvinit
+sudo service reseed start
+</code></pre>
+    <p>
+      Your reseed will auto-configure with a self-signed certificate on port
+      <code>
+        :8443
+      </code>
+      . The
+      certificates themselves are available in
+      <code>
+        /var/lib/i2p/i2p-config/reseed
+      </code>
+      . When
+      you are ready, you should copy the
+      <code>
+        *.crt
+      </code>
+      files from that directory and share them
+      witth the I2P community on
+      <a href="http://zzz.i2p">
+        <code>
+          zzz.i2p
+        </code>
+      </a>
+      . These will allow I2P users
+      to authenticate your reseed services and secure the I2P network.
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/doc-pak/docs/showhider.css
+++ b/doc-pak/docs/showhider.css
@ -0,0 +1,15 @@
+/* edgar showhider CSS file */
+#show {display:none; }
+#hide {display:block; }
+#show:target {display: block; }
+#hide:target {display: none; }
+
+#shownav {display:none; }
+#hidenav {display:block; }
+#shownav:target {display: block; }
+#hidenav:target {display: none; }
+
+#donate {display:none; }
+#hidedonate {display:block; }
+#donate:target {display: block; }
+#hidedonate:target {display: none; }
--- a/doc-pak/docs/style.css
+++ b/doc-pak/docs/style.css
@ -0,0 +1,165 @@
+/* edgar default CSS file */
+
+body {
+    font-family: "Roboto";
+    font-family: monospace;
+    text-align: justify;
+    background-color: #373636;
+    color: whitesmoke;
+    font-size: 1.15em;
+}
+
+ul {
+    width: 55%;
+    display: block;
+}
+
+ol {
+    width: 55%;
+    display: block;
+}
+
+li {
+    margin-top: 1%;
+}
+
+p {
+    max-width: 90%;
+    margin-top: 1%;
+    margin-left: 3%;
+    margin-right: 3%;
+}
+
+img {
+    float: left;
+    top: 5%;
+    left: 5%;
+    max-width: 60%;
+    display: inline;
+    padding-right: 2%;
+}
+
+.inline {
+    display: inline;
+}
+
+.link-button:focus {
+    outline: none;
+}
+
+.link-button:active {
+    color: red;
+}
+
+code {
+    font-family: monospace;
+    border-radius: 5%;
+    padding: 1%;
+    border-color: darkgray;
+    font-size: .9em;
+}
+
+a {
+    color: #C6D9FE;
+    padding: 1%;
+}
+
+ul li {
+    color: #C6D9FE;
+}
+
+iframe {
+    background: aliceblue;
+    border-radius: 15%;
+    margin: 2%;
+}
+
+.container {
+    width: 36vw;
+    height: 64vh;
+    display: inline-block;
+    margin: 0;
+    padding: 0;
+}
+
+.editor-toolbar a {
+    display: inline-block;
+    text-align: center;
+    text-decoration: none !important;
+    color: whitesmoke !important;
+}
+
+#feed {
+    width: 60vw;
+    height: unset !important;
+    margin: 0;
+    padding: 0;
+    float: right;
+    background-color: #373636;
+    color: whitesmoke;
+    border: #C6D9FE solid 1px;
+}
+
+.thread-post,
+.thread {
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.thread-post {
+    margin-left: 4%;
+}
+
+input {
+    text-align: center;
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font: normal normal normal 14px/1 FontAwesome;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.thread-hash {
+    text-align: right;
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.post-body {
+    text-align: left;
+    color: whitesmoke !important;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+#show {display:none; }
+#hide {display:block; }
+#show:target {display: block; }
+#hide:target {display: none; }
+
+#shownav {display:none; }
+#hidenav {display:block; }
+#shownav:target {display: block; }
+#hidenav:target {display: none; }
+
+#navbar {
+	float: right;
+	width: 15%;
+}
+#returnhome {
+    font-size: xxx-large;
+    display: inline;
+}
+h1 {
+    display: inline;
+}
--- a/docs/DEBIAN.html
+++ b/docs/DEBIAN.html
@ -0,0 +1,179 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Debian and Ubuntu Packages
+    </h1>
+    <p>
+      It&rsquo;s possible to generate a package which is compatible with Debian and Ubuntu,
+      using the command:
+    </p>
+    <pre><code class="language-sh">
+make checkinstall
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+</code></pre>
+    <p>
+      This requires you to have
+      <code>
+        fakeroot
+      </code>
+      and
+      <code>
+        checkinstall
+      </code>
+      installed. Use the command
+    </p>
+    <pre><code class="language-sh">
+sudo apt-get install fakeroot checkinstall
+</code></pre>
+    <p>
+      to install them.
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/DEBIAN.md
+++ b/docs/DEBIAN.md
@ -0,0 +1,19 @@
+# Debian and Ubuntu Packages
+
+It's possible to generate a package which is compatible with Debian and Ubuntu,
+using the command:
+
+```sh
+
+make checkinstall
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+```
+
+This requires you to have `fakeroot` and `checkinstall` installed. Use the command
+
+```sh
+
+sudo apt-get install fakeroot checkinstall
+```
+
+to install them.
--- a/docs/DOCKER.html
+++ b/docs/DOCKER.html
@ -0,0 +1,232 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Docker
+    </h1>
+    <p>
+      To make it easier to deploy reseeds, it is possible to run this software as a
+      Docker image. Because the software requires access to a network database to host
+      a reseed, you will need to mount the netDb as a volume inside your docker
+      container to provide access to it, and you will need to run it as the same user
+      and group inside the container as I2P.
+    </p>
+    <p>
+      When you run a reseed under Docker in this fashion, it will automatically
+      generate a self-signed certificate for your reseed server in a Docker volume
+      named reseed-keys.
+      <em>
+        Back up this directory
+      </em>
+      , if it is lost it is impossible
+      to reproduce.
+    </p>
+    <p>
+      Additional flags can be passed to the application in the Docker container by
+      appending them to the command. Please note that Docker is not currently
+      compatible with .onion reseeds unless you pass the &ndash;network=host tag.
+    </p>
+    <h2>
+      If I2P is running as your user, do this:
+    </h2>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --publish 443:8443 \
+        --restart always \
+        --volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <h2>
+      If I2P is running as another user, do this:
+    </h2>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --user $(I2P_UID) \
+        --group-add $(I2P_GID) \
+        --publish 443:8443 \
+        --restart always \
+        --volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <h2>
+      <strong>
+        Debian/Ubuntu and Docker
+      </strong>
+    </h2>
+    <p>
+      In many cases I2P will be running as the Debian system user
+      <code>
+        i2psvc
+      </code>
+      . This
+      is the case for all installs where Debian&rsquo;s Advanced Packaging Tool(apt) was
+      used to peform the task. If you used
+      <code>
+        apt-get install
+      </code>
+      this command will
+      work for you. In that case, just copy-and-paste:
+    </p>
+    <pre><code>    docker run -itd \
+        --name reseed \
+        --user $(id -u i2psvc) \
+        --group-add $(id -g i2psvc) \
+        --publish 443:8443 \
+        --restart always \
+        --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
+        --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+        eyedeekay/reseed \
+            --signer $YOUR_EMAIL_HERE
+</code></pre>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/DOCKER.md
+++ b/docs/DOCKER.md
@ -0,0 +1,58 @@
+# Docker
+
+To make it easier to deploy reseeds, it is possible to run this software as a
+Docker image. Because the software requires access to a network database to host
+a reseed, you will need to mount the netDb as a volume inside your docker
+container to provide access to it, and you will need to run it as the same user
+and group inside the container as I2P.
+
+When you run a reseed under Docker in this fashion, it will automatically
+generate a self-signed certificate for your reseed server in a Docker volume
+named reseed-keys. *Back up this directory*, if it is lost it is impossible
+to reproduce.
+
+Additional flags can be passed to the application in the Docker container by
+appending them to the command. Please note that Docker is not currently
+compatible with .onion reseeds unless you pass the --network=host tag.
+
+## If I2P is running as your user, do this:
+
+        docker run -itd \
+            --name reseed \
+            --publish 443:8443 \
+            --restart always \
+            --volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
+            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+            eyedeekay/reseed \
+                --signer $YOUR_EMAIL_HERE
+
+## If I2P is running as another user, do this:
+
+        docker run -itd \
+            --name reseed \
+            --user $(I2P_UID) \
+            --group-add $(I2P_GID) \
+            --publish 443:8443 \
+            --restart always \
+            --volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
+            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+            eyedeekay/reseed \
+                --signer $YOUR_EMAIL_HERE
+
+## **Debian/Ubuntu and Docker**
+
+In many cases I2P will be running as the Debian system user ```i2psvc```. This
+is the case for all installs where Debian's Advanced Packaging Tool(apt) was
+used to peform the task. If you used ```apt-get install``` this command will
+work for you. In that case, just copy-and-paste:
+
+        docker run -itd \
+            --name reseed \
+            --user $(id -u i2psvc) \
+            --group-add $(id -g i2psvc) \
+            --publish 443:8443 \
+            --restart always \
+            --volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
+            --volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
+            eyedeekay/reseed \
+                --signer $YOUR_EMAIL_HERE
--- a/docs/EXAMPLES.html
+++ b/docs/EXAMPLES.html
@ -0,0 +1,179 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h2>
+      Example Commands:
+    </h2>
+    <h3>
+      Without a webserver, standalone, automatic OnionV3 with TLS support
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, serve P2P with LibP2P
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, in-network reseed
+    </h3>
+    <pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
+</code></pre>
+    <h3>
+      Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
+    </h3>
+    <pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
+</code></pre>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/EXAMPLES.md
+++ b/docs/EXAMPLES.md
@ -0,0 +1,32 @@
+
+## Example Commands:
+
+### Without a webserver, standalone, automatic OnionV3 with TLS support
+
+```
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
+```
+
+### Without a webserver, standalone, serve P2P with LibP2P
+
+```
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
+```
+
+### Without a webserver, standalone, in-network reseed
+
+```
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
+```
+
+### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
+
+```
+./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
+```
+
+### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
+
+```
+./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
+```
--- a/docs/PLUGIN.html
+++ b/docs/PLUGIN.html
@ -0,0 +1,263 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Plugin install URL&rsquo;s
+    </h1>
+    <p>
+      Plugin releases are available inside of i2p at
+      <a href="http://idk.i2p/reseed-tools/">
+        http://idk.i2p/reseed-tools/
+      </a>
+      and via the github mirror at
+      <a href="https://github.com/eyedeekay/reseed-tools/releases">
+        https://github.com/eyedeekay/reseed-tools/releases
+      </a>
+      .
+      These can be installed by adding them on the
+      <a href="http://127.0.0.1:7657/configplugins">
+        http://127.0.0.1:7657/configplugins
+      </a>
+      .
+    </p>
+    <p>
+      After installing the plugin, you should immediately edit the
+      <code>
+        $PLUGIN/signer
+      </code>
+      file in order to set your
+      <code>
+        --signer
+      </code>
+      email, which is used to name your keys.
+      You can find the
+      <code>
+        $PLUGIN
+      </code>
+      directory in your I2P config directory, which is
+      usually
+      <code>
+        $HOME/.i2p
+      </code>
+      on Unixes.
+    </p>
+    <p>
+      This will allow the developers to contact you if your reseed has issues
+      and will authenticate your reseed to the I2P routers that use it.
+    </p>
+    <ul>
+      <li>
+        darwin/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3
+        </a>
+      </li>
+      <li>
+        darwin/arm64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3
+        </a>
+      </li>
+      <li>
+        linux/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3
+        </a>
+      </li>
+      <li>
+        linux/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3
+        </a>
+      </li>
+      <li>
+        linux/arm:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3
+        </a>
+      </li>
+      <li>
+        linux/arm64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3
+        </a>
+      </li>
+      <li>
+        openbsd/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3
+        </a>
+      </li>
+      <li>
+        freebsd/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3
+        </a>
+      </li>
+      <li>
+        freebsd/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3
+        </a>
+      </li>
+      <li>
+        windows/amd64:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3
+        </a>
+      </li>
+      <li>
+        windows/386:
+        <a href="http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3">
+          http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3
+        </a>
+      </li>
+    </ul>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/PLUGIN.md
+++ b/docs/PLUGIN.md
@ -0,0 +1,26 @@
+# Plugin install URL's
+
+Plugin releases are available inside of i2p at http://idk.i2p/reseed-tools/
+and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases.
+These can be installed by adding them on the 
+[http://127.0.0.1:7657/configplugins](http://127.0.0.1:7657/configplugins).
+
+After installing the plugin, you should immediately edit the `$PLUGIN/signer`
+file in order to set your `--signer` email, which is used to name your keys.
+You can find the `$PLUGIN` directory in your I2P config directory, which is
+usually `$HOME/.i2p` on Unixes.
+
+This will allow the developers to contact you if your reseed has issues
+and will authenticate your reseed to the I2P routers that use it.
+
+- darwin/amd64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3)
+- darwin/arm64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3)
+- linux/386: [http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3)
+- linux/amd64: [http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-amd64.su3)
+- linux/arm: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm.su3)
+- linux/arm64: [http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-arm64.su3)
+- openbsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-openbsd-amd64.su3)
+- freebsd/386: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-386.su3)
+- freebsd/amd64: [http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-freebsd-amd64.su3)
+- windows/amd64: [http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-amd64.su3)
+- windows/386: [http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3](http://idk.i2p/reseed-tools/reseed-tools-windows-386.su3)
--- a/docs/PROXY.md
+++ b/docs/PROXY.md
--- a/docs/README.md
+++ b/docs/README.md
@ -0,0 +1,91 @@
+Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
+================================================================
+
+It is possible to easily and automatically configure a reseed server
+with a self-signed certificate on any Debian-based operating system,
+including Ubuntu and it's downstreams. This is achieved using the `checkinstall`
+tool to set up the software dependencies and the operating system to
+run the `I2P` service and the `reseed` service.
+
+Using a binary package
+----------------------
+
+If you do not wish to build from source, you can use a binary package
+from me. This package is built from this repo with the `make checkinstall`
+target and uploaded by me. I build it on an up-to-date Debian `sid` system
+at tag time. It contains a static binary and files for configuring it as a
+system service.
+
+```sh
+
+wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
+# Obtain the checksum from the release web page
+echo "38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb" > SHA256SUMS
+sha256sums -c SHA256SUMS
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+```
+
+Building the `.deb` package from the source(Optional)
+-----------------------------------------------------
+
+If your software is too old, it's possible that the binary package I build will
+not work for you. It's very easy to generate your own from the source code in this
+repository.
+
+\\**1.** Install the build dependencies
+
+```sh
+
+sudo apt-get install fakeroot checkinstall go git make
+```
+
+\\**2.** Clone the source code
+
+```sh
+
+git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
+```
+
+\\**3.** Generate the `.deb` package using the `make checkinstall` target
+
+```sh
+
+cd ~/go/src/i2pgit.org/idk/reseed-tools
+make checkinstall
+```
+
+\\**4.** Install the `.deb` package
+
+```sh
+
+sudo apt-get install ./reseed-tools_*.deb
+```
+
+Running the Service
+-------------------
+
+\\**1.** First, ensure that the I2P service is already running. The longer the better,
+if you have to re-start the service, or if the service has very few peers, allow it to
+run for 24 hours before advancing to step **2.**
+
+```sh
+
+sudo systemctl start i2p
+# or, if you use sysvinit
+sudo service i2p start
+```
+
+\\**2.** Once your I2P router is "Well-Integrated," start the reseed service.
+
+```sh
+
+sudo systemctl start reseed
+# or, if you use sysvinit
+sudo service reseed start
+```
+
+Your reseed will auto-configure with a self-signed certificate on port `:8443`. The
+certificates themselves are available in `/var/lib/i2p/i2p-config/reseed`. When
+you are ready, you should copy the `*.crt` files from that directory and share them
+witth the I2P community on [`zzz.i2p`](http://zzz.i2p). These will allow I2P users
+to authenticate your reseed services and secure the I2P network.
--- a/docs/REMOTE-SSH.md
+++ b/docs/REMOTE-SSH.md
@ -0,0 +1,94 @@
+Using a remote Network Database with SSH
+========================================
+
+Beginning in `reseed-tools 2.5.0` it is possible to use reseed-tools to "share" a netDb directory on one host with a reseed server on another host.
+This feature is built into the reseed-tools software.
+It is also possible to do this manually using `sshfs`, `ssh` combined with `cron`, and most available backup utilities like `borg` and `syncthing`.
+This guide only covers `rsync+ssh` and `cron` where I2P is running as a user(not as `i2psvc`).
+It requires 2 hosts with exposed SSH ports that can reach eachother.
+It also pretty much assumes you're using something based on Debian.
+
+Why?
+----
+
+In most setups, a reseed service is using a network database which is kept on the same server as the I2P router where it finds it's netDb.
+This is convenient, however if reseed servers are targeted for a RouterInfo spam attack, then the reseed server could potentially be overwhelmed with spammy routerInfos.
+That impairs a new user's ability to join the network and slows down network integration.
+
+SSH-Protected Retrieval of NetDB content over I2P
+-----------------------------------------------
+
+In this guide, the NetDB is retrieved from a remote router by the reseed server.
+
+### On the Remote Router
+
+Install openssh-server and rsync and enable the service:
+
+```sh
+sudo apt install openssh-server rsync
+sudo systemctl enable ssh
+```
+
+### On the Reseed Server
+
+Set up SSH and generate new keys, without passwords:
+
+```sh
+ssh-keygen -f ~/.ssh/netdb_sync_ed25519 -N ""
+```
+
+Then, copy the keys to the remote router:
+
+```sh
+ssh-copy-id -f ~/.ssh/netdb_sync_ed25519 $(UserRunningI2P)@$(RemoteRouter)
+```
+
+After, set up the `cron` job to copy the netDB.
+
+```sh
+crontab -e
+>>
+* 30 * * *  rsync --update -raz $(UserRunningI2P)@$(RemoteRouter):$(/Path/To/Remote/NetDB) $(Path/To/My/NetDB)
+```
+
+SSH-Protected Sharing of NetDB content over I2P
+-----------------------------------------------
+
+In this guide, the NetDB is pushed to a reseed server by a remote router.
+
+### On the Reseed Server
+
+Install openssh-server and rsync and enable the service:
+
+```sh
+sudo apt install openssh-server rsync
+sudo systemctl enable ssh
+```
+
+Next, stop your reseed server.
+
+```sh
+killall reseed-tools
+```
+
+### On the Remote Router
+
+Start by setting up SSH and generating new keys, without passwords:
+
+```sh
+ssh-keygen -f ~/.ssh/netdb_sync_ed25519 -N ""
+```
+
+Then, copy the keys to the Reseed Server:
+
+```sh
+ssh-copy-id -f ~/.ssh/netdb_sync_ed25519 $(UserRunningReseed)@$(ReseedServer)
+```
+
+After, set up the `cron` job to copy the netDB.
+
+```sh
+crontab -e
+>>
+* 30 * * *  rsync --update -raz $(/Path/To/My/NetDB) $(UserRunningReseed)@$(ReseedServer):/$(Path/To/Reseed/NetDB)
+```
--- a/docs/REMOTE.md
+++ b/docs/REMOTE.md
@ -0,0 +1,47 @@
+Using a remote Network Database
+===============================
+
+Beginning in `reseed-tools 2.5.0` it is possible to use reseed-tools to "share" a netDb directory on one host with a reseed server on another host.
+This feature is built into the reseed-tools software.
+It is also possible to do this manually using `sshfs`, `ssh` combined with `cron`, and most available backup utilities like `borg` and `syncthing`.
+This guide only covers `reseed-tools`.
+It requires only `reseed-tools` and an I2P router.
+Presumably, if you are reading this document, you are already comfortable running both of these pieces of software.
+
+Why?
+----
+
+In most setups, a reseed service is using a network database which is kept on the same server as the I2P router where it finds it's netDb.
+This is convenient, however if reseed servers are targeted for a RouterInfo spam attack, then the reseed server could potentially be overwhelmed with spammy RouterInfos.
+That impairs a new user's ability to join the network and slows down network integration.
+
+Password-Protected Sharing of NetDB content over I2P
+----------------------------------------------------
+
+This method uses SAMv3 via the `onramp` library with `wide` tunnel options(1 hop, 2 tunnels) on both sides.
+By using I2P, this method trades some performance for ofuscation.
+However, the data is tiny so in-practice it works very well.
+
+Run this command on a well-integrated I2P router which is **not** hosting a reseed server on the same IP address.
+To share the whole contents of your netDb directory over I2P, run reseed-tools with the following arguments:
+
+```sh
+reseed-tools share --share-password $(use_a_strong_password) --netdb $(path_to_your_netdb)
+```
+
+In a few seconds, you will have a new I2P site which will provide your netDb as a `.tar.gz` file to anyone with the password.
+Make a note of the base32 address of the new site for the next step.
+
+Password-Protected Retrieval of Shared NetDB content over I2P
+-------------------------------------------------------------
+
+Run this command on a router hosting which **is** hosting a reseed server on the same IP address, or add the arguments to your existing command.
+To retrieve a remote NetDB bundle from a hidden service, run reseed tools with the following arguments:
+
+```sh
+reseed-tools reseed --share-peer $(thebase32addressyoumadeanoteofaboveintheotherstepnow.b32.i2p) --share-password $(use_a_strong_password) --netdb $(path_to_your_netdb)
+```
+
+Periodically, the remote `netdb.tar.gz` bundle will be fetched from the remote server and extracted to the `--netdb` directory.
+If the `--netdb` directory is not empty, local RI's are left intact and never overwritten, essentially combining the local and remote netDb.
+If the directory is empty, the remote netDb will be the only netDb used by the reseed server.
--- a/docs/SERVICES.html
+++ b/docs/SERVICES.html
@ -0,0 +1,254 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Service Integration
+    </h1>
+    <p>
+      Support for running as a system service as part of the reseed package
+      is new. PR&rsquo;s that improve integration are welcome.
+    </p>
+    <h2>
+      Systemd Service
+    </h2>
+    <p>
+      A systemd service is provided which should work with the I2P Debian package
+      when reseed-tools is installed in
+      <code>
+        /usr/bin/reseed-tools
+      </code>
+      . If you install with
+      <code>
+        make install
+      </code>
+      this service is also installed. This service will cause the
+      bundles to regenerate every 12 hours.
+    </p>
+    <p>
+      The contact email for your reseed should be added in:
+      <code>
+        /etc/systemd/system/reseed.service.d/override.conf
+      </code>
+      .
+    </p>
+    <p>
+      Self-signed certificates will be auto-generated for these services. To change
+      this you should edit the
+      <code>
+        /etc/systemd/system/reseed.service
+      </code>
+      . For instance:
+    </p>
+    <pre><code>ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
+</code></pre>
+    <p>
+      to disable self-signed certificate generation.
+    </p>
+    <ul>
+      <li>
+        To enable starting the reseed service automatically with the system:
+        <code>
+          sudo systemctl enable reseed.service
+        </code>
+      </li>
+      <li>
+        To run the service manually:
+        <code>
+          sudo sysctl start reseed.service
+        </code>
+        <br />
+      </li>
+      <li>
+        To reload the systemd services:
+        <code>
+          sudo systemctl daemon-reload
+        </code>
+      </li>
+      <li>
+        To view the status/logs:
+        <code>
+          sudo journalctl -u reseed.service
+        </code>
+      </li>
+    </ul>
+    <h2>
+      SysV Service
+    </h2>
+    <p>
+      An initscript is also provided. The initscript, unlike the systemd service,
+      cannot schedule itself to restart. You should restart the service roughly once
+      a day to ensure that the information does not expire.
+    </p>
+    <p>
+      The contact email for your reseed should be added in:
+      <code>
+        /etc/init.d/reseed
+      </code>
+      .
+    </p>
+    <p>
+      Self-signed certificates will be auto-generated for these services.
+      To change this you should edit the
+      <code>
+        /etc/default/reseed
+      </code>
+      .
+      Create a
+      <code>
+        MORE_OPTIONS=&quot;&quot;
+      </code>
+      field. For instance:
+    </p>
+    <pre><code class="language-sh">MORE_OPTIONS=&quot;--trustProxy --ip=127.0.0.1&quot;
+</code></pre>
+    <p>
+      will disable self-signed certificate generation.
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/SERVICES.md
+++ b/docs/SERVICES.md
@ -0,0 +1,47 @@
+# Service Integration
+
+Support for running as a system service as part of the reseed package
+is new. PR's that improve integration are welcome.
+
+## Systemd Service
+
+A systemd service is provided which should work with the I2P Debian package
+when reseed-tools is installed in `/usr/bin/reseed-tools`. If you install with
+`make install` this service is also installed. This service will cause the
+bundles to regenerate every 12 hours.
+
+The contact email for your reseed should be added in:
+`/etc/systemd/system/reseed.service.d/override.conf`.
+
+Self-signed certificates will be auto-generated for these services. To change
+this you should edit the `/etc/systemd/system/reseed.service`. For instance:
+
+```
+ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb --trustProxy --ip=127.0.0.1
+```
+
+to disable self-signed certificate generation.
+
+- To enable starting the reseed service automatically with the system: `sudo systemctl enable reseed.service`
+- To run the service manually: `sudo sysctl start reseed.service`  
+- To reload the systemd services: `sudo systemctl daemon-reload`
+- To view the status/logs: `sudo journalctl -u reseed.service`
+
+## SysV Service
+
+An initscript is also provided. The initscript, unlike the systemd service,
+cannot schedule itself to restart. You should restart the service roughly once
+a day to ensure that the information does not expire.
+
+The contact email for your reseed should be added in:
+`/etc/init.d/reseed`.
+
+Self-signed certificates will be auto-generated for these services.
+To change this you should edit the `/etc/default/reseed`.
+Create a `MORE_OPTIONS=""` field. For instance:
+
+```sh
+MORE_OPTIONS="--trustProxy --ip=127.0.0.1"
+```
+
+will disable self-signed certificate generation.
--- a/docs/TLS.html
+++ b/docs/TLS.html
@ -0,0 +1,263 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      TLS Configuration for your Reseed Server
+    </h1>
+    <p>
+      By default,
+      <code>
+        reseed-tools
+      </code>
+      will generate self-signed certificates for your reseed service.
+      This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in
+      <code>
+        .onion
+      </code>
+      mode.
+      It is also possible to configure
+      <code>
+        reseed-tools
+      </code>
+      without TLS certificates,
+      or to configure it to use ACME in order to automtically obtain a certificate from Let&rsquo;s Encrypt.
+    </p>
+    <p>
+      I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
+      Instead, the certificates are effectively &ldquo;Pinned&rdquo; in the software, after manual review by the I2P developers and the community.
+      It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
+      A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
+    </p>
+    <h2>
+      Disable TLS
+    </h2>
+    <p>
+      If you do this, it is highly recommended that you use a reverse proxy such as
+      <code>
+        Apache2
+      </code>
+      or
+      <code>
+        nginx
+      </code>
+      to provide a TLS connection to clients.
+      Alternatively, you could run
+      <code>
+        reseed-tools
+      </code>
+      as an
+      <code>
+        .onion
+      </code>
+      service and rely on Tor for encryption and authentication.
+    </p>
+    <p>
+      You can disable automatic TLS configuration with the
+      <code>
+        --trustProxy
+      </code>
+      flag like this:
+    </p>
+    <pre><code class="language-sh">
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
+</code></pre>
+    <h2>
+      Setup Self-Signed TLS non-interactively
+    </h2>
+    <p>
+      If you don&rsquo;t want to interactively configure TLS but still want to use self-signed certificates, you can pass the
+      <code>
+        --yes
+      </code>
+      flag, which will use the defaults for all config values.
+    </p>
+    <pre><code class="language-sh">
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
+</code></pre>
+    <h2>
+      Use ACME to acquire TLS certificate
+    </h2>
+    <p>
+      Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
+      To automate this process using an ACME CA, like Let&rsquo;s Encrypt, you can use the
+      <code>
+        --acme
+      </code>
+      flag.
+      Be sure to change the
+      <code>
+        --acmeserver
+      </code>
+      option in order to use a
+      <strong>
+        production
+      </strong>
+      ACME server, as
+      the software defaults to a
+      <strong>
+        staging
+      </strong>
+      ACME server for testing purposes.
+    </p>
+    <p>
+      This functionality is new and may have issues. Please file bug reports at (i2pgit)[
+      <a href="https://i2pgit.org/idk/reseed-tools)">
+        https://i2pgit.org/idk/reseed-tools)
+      </a>
+      or
+      <a href="https://github.com/eyedeekay/reseed-tools">
+        github
+      </a>
+      .
+    </p>
+    <pre><code class="language-sh">
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver=&quot;https://acme-v02.api.letsencrypt.org/directory&quot;
+</code></pre>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/TLS.md
+++ b/docs/TLS.md
@ -0,0 +1,50 @@
+TLS Configuration for your Reseed Server
+========================================
+
+By default, `reseed-tools` will generate self-signed certificates for your reseed service.
+This is so that it can use TLS by default, and so that it can offer self-signed certificates when operating in `.onion` mode.
+It is also possible to configure `reseed-tools` without TLS certificates,
+or to configure it to use ACME in order to automtically obtain a certificate from Let's Encrypt.
+
+I2P does not rely on TLS Certificate Authorities to authenticate reseed servers.
+Instead, the certificates are effectively "Pinned" in the software, after manual review by the I2P developers and the community.
+It is acceptable to use self-signed certificates in this fashion because they are not summarily trusted.
+A self-signed certificate which is not configured in the I2P software will not work when serving a reseed to an I2P router.
+
+Disable TLS
+-----------
+
+If you do this, it is highly recommended that you use a reverse proxy such as `Apache2` or `nginx` to provide a TLS connection to clients.
+Alternatively, you could run `reseed-tools` as an `.onion` service and rely on Tor for encryption and authentication.
+
+You can disable automatic TLS configuration with the `--trustProxy` flag like this:
+
+```sh
+
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --trustProxy --ip=127.0.0.1
+```
+
+Setup Self-Signed TLS non-interactively
+---------------------------------------
+
+If you don't want to interactively configure TLS but still want to use self-signed certificates, you can pass the `--yes` flag, which will use the defaults for all config values.
+
+```sh
+
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --yes
+```
+
+Use ACME to acquire TLS certificate
+-----------------------------------
+
+Instead of self-signed certificates, if you want to chain up to a TLS CA, you can.
+To automate this process using an ACME CA, like Let's Encrypt, you can use the `--acme` flag.
+Be sure to change the `--acmeserver` option in order to use a **production** ACME server, as
+the software defaults to a **staging** ACME server for testing purposes.
+
+This functionality is new and may have issues. Please file bug reports at (i2pgit)[https://i2pgit.org/idk/reseed-tools) or [github](https://github.com/eyedeekay/reseed-tools).
+
+```sh
+
+./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --acme --acmeserver="https://acme-v02.api.letsencrypt.org/directory"
+```
--- a/docs/UPGRADE.md
+++ b/docs/UPGRADE.md
@ -0,0 +1,40 @@
+Upgrading from an older version of reseed-tools
+===============================================
+
+This reseed server sometimes gains helpful features that reseed operators may wish to use.
+Additionally, it is possible that at some point we'll need to release a security update.
+This document provides a path to upgrade the various binary distributions of reseed-tools.
+
+Debian and Ubuntu Users
+-----------------------
+
+1. Shut down the existing `reseed-tools` service.
+ If you are using `sysvinit` or something like it, you should be able to run: `sudo service reseed stop`.
+ If you are using `systemd` you should be able to run `sudo systemctl stop reseed`.
+ If those commands don't work, use `killall reseed-tools`
+2. Download the `.deb` package from the Github Releases page.
+ Make sure you get the right package for your ARCH/OS pair.
+ Most will need the `_amd64.deb` package.
+3. Install the package using: `sudo dpkg -i ./reseed-tools*.deb`
+
+Docker Users
+------------
+
+1. Build the container locally: `docker build -t eyedeekay/reseed .`
+2. Stop the container: `docker stop reseed`
+3. Start the container: `docker start reseed`
+
+Freestanding `tar.gz` Users, People who built from source
+---------------------------------------------------------
+
+1. Shut down the existing `reseed-tools` service.
+ If you are using `sysvinit` or something like it, you should be able to run: `sudo service reseed stop`.
+ If you are using `systemd` you should be able to run `sudo systemctl stop reseed`.
+ If those commands don't work, use `killall reseed-tools`
+2. Extract the tar file: `tar xzf reseed-tools.tgz`
+3. Copy the `reseed-tools` binary to the correct location if you're on `amd64` or compile it if you are not.
+ `cp reseed-tools reseed-tools-linux-amd64`
+ OR
+ `make build`
+4. Install the new software and service management files:
+ `sudo make install`
--- a/docs/index.html
+++ b/docs/index.html
@ -0,0 +1,318 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href=""></a>
+            </li>
+            <li>
+              <a href="DEBIAN.html">
+                DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="DOCKER.html">
+                DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="EXAMPLES.html">
+                EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="PLUGIN.html">
+                PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="SERVICES.html">
+                SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="TLS.html">
+                TLS
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      Configure an I2P Reseed Server Very Rapidly on Debian and Ubuntu
+    </h1>
+    <p>
+      It is possible to easily and automatically configure a reseed server
+      with a self-signed certificate on any Debian-based operating system,
+      including Ubuntu and it&rsquo;s downstreams. This is achieved using the
+      <code>
+        checkinstall
+      </code>
+      tool to set up the software dependencies and the operating system to
+      run the
+      <code>
+        I2P
+      </code>
+      service and the
+      <code>
+        reseed
+      </code>
+      service.
+    </p>
+    <h2>
+      Using a binary package
+    </h2>
+    <p>
+      If you do not wish to build from source, you can use a binary package
+      from me. This package is built from this repo with the
+      <code>
+        make checkinstall
+      </code>
+      target and uploaded by me. I build it on an up-to-date Debian
+      <code>
+        sid
+      </code>
+      system
+      at tag time. It contains a static binary and files for configuring it as a
+      system service.
+    </p>
+    <pre><code class="language-sh">
+wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
+# Obtain the checksum from the release web page
+echo &quot;38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb&quot; &gt; SHA256SUMS
+sha256sums -c SHA256SUMS
+sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
+</code></pre>
+    <h2>
+      Building the
+      <code>
+        .deb
+      </code>
+      package from the source(Optional)
+    </h2>
+    <p>
+      If your software is too old, it&rsquo;s possible that the binary package I build will
+      not work for you. It&rsquo;s very easy to generate your own from the source code in this
+      repository.
+    </p>
+    <p>
+      \
+      <strong>
+        1.
+      </strong>
+      Install the build dependencies
+    </p>
+    <pre><code class="language-sh">
+sudo apt-get install fakeroot checkinstall go git make
+</code></pre>
+    <p>
+      \
+      <strong>
+        2.
+      </strong>
+      Clone the source code
+    </p>
+    <pre><code class="language-sh">
+git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
+</code></pre>
+    <p>
+      \
+      <strong>
+        3.
+      </strong>
+      Generate the
+      <code>
+        .deb
+      </code>
+      package using the
+      <code>
+        make checkinstall
+      </code>
+      target
+    </p>
+    <pre><code class="language-sh">
+cd ~/go/src/i2pgit.org/idk/reseed-tools
+make checkinstall
+</code></pre>
+    <p>
+      \
+      <strong>
+        4.
+      </strong>
+      Install the
+      <code>
+        .deb
+      </code>
+      package
+    </p>
+    <pre><code class="language-sh">
+sudo apt-get install ./reseed-tools_*.deb
+</code></pre>
+    <h2>
+      Running the Service
+    </h2>
+    <p>
+      \
+      <strong>
+        1.
+      </strong>
+      First, ensure that the I2P service is already running. The longer the better,
+      if you have to re-start the service, or if the service has very few peers, allow it to
+      run for 24 hours before advancing to step
+      <strong>
+        2.
+      </strong>
+    </p>
+    <pre><code class="language-sh">
+sudo systemctl start i2p
+# or, if you use sysvinit
+sudo service i2p start
+</code></pre>
+    <p>
+      \
+      <strong>
+        2.
+      </strong>
+      Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.
+    </p>
+    <pre><code class="language-sh">
+sudo systemctl start reseed
+# or, if you use sysvinit
+sudo service reseed start
+</code></pre>
+    <p>
+      Your reseed will auto-configure with a self-signed certificate on port
+      <code>
+        :8443
+      </code>
+      . The
+      certificates themselves are available in
+      <code>
+        /var/lib/i2p/i2p-config/reseed
+      </code>
+      . When
+      you are ready, you should copy the
+      <code>
+        *.crt
+      </code>
+      files from that directory and share them
+      witth the I2P community on
+      <a href="http://zzz.i2p">
+        <code>
+          zzz.i2p
+        </code>
+      </a>
+      . These will allow I2P users
+      to authenticate your reseed services and secure the I2P network.
+    </p>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/docs/showhider.css
+++ b/docs/showhider.css
@ -0,0 +1,15 @@
+/* edgar showhider CSS file */
+#show {display:none; }
+#hide {display:block; }
+#show:target {display: block; }
+#hide:target {display: none; }
+
+#shownav {display:none; }
+#hidenav {display:block; }
+#shownav:target {display: block; }
+#hidenav:target {display: none; }
+
+#donate {display:none; }
+#hidedonate {display:block; }
+#donate:target {display: block; }
+#hidedonate:target {display: none; }
--- a/docs/style.css
+++ b/docs/style.css
@ -0,0 +1,165 @@
+/* edgar default CSS file */
+
+body {
+    font-family: "Roboto";
+    font-family: monospace;
+    text-align: justify;
+    background-color: #373636;
+    color: whitesmoke;
+    font-size: 1.15em;
+}
+
+ul {
+    width: 55%;
+    display: block;
+}
+
+ol {
+    width: 55%;
+    display: block;
+}
+
+li {
+    margin-top: 1%;
+}
+
+p {
+    max-width: 90%;
+    margin-top: 1%;
+    margin-left: 3%;
+    margin-right: 3%;
+}
+
+img {
+    float: left;
+    top: 5%;
+    left: 5%;
+    max-width: 60%;
+    display: inline;
+    padding-right: 2%;
+}
+
+.inline {
+    display: inline;
+}
+
+.link-button:focus {
+    outline: none;
+}
+
+.link-button:active {
+    color: red;
+}
+
+code {
+    font-family: monospace;
+    border-radius: 5%;
+    padding: 1%;
+    border-color: darkgray;
+    font-size: .9em;
+}
+
+a {
+    color: #C6D9FE;
+    padding: 1%;
+}
+
+ul li {
+    color: #C6D9FE;
+}
+
+iframe {
+    background: aliceblue;
+    border-radius: 15%;
+    margin: 2%;
+}
+
+.container {
+    width: 36vw;
+    height: 64vh;
+    display: inline-block;
+    margin: 0;
+    padding: 0;
+}
+
+.editor-toolbar a {
+    display: inline-block;
+    text-align: center;
+    text-decoration: none !important;
+    color: whitesmoke !important;
+}
+
+#feed {
+    width: 60vw;
+    height: unset !important;
+    margin: 0;
+    padding: 0;
+    float: right;
+    background-color: #373636;
+    color: whitesmoke;
+    border: #C6D9FE solid 1px;
+}
+
+.thread-post,
+.thread {
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.thread-post {
+    margin-left: 4%;
+}
+
+input {
+    text-align: center;
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font: normal normal normal 14px/1 FontAwesome;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.thread-hash {
+    text-align: right;
+    color: whitesmoke !important;
+    background-color: #373636;
+    border: 1px solid darkgray;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+
+.post-body {
+    text-align: left;
+    color: whitesmoke !important;
+    font-size: inherit;
+    padding-top: 1%;
+    padding-bottom: 1%;
+}
+#show {display:none; }
+#hide {display:block; }
+#show:target {display: block; }
+#hide:target {display: none; }
+
+#shownav {display:none; }
+#hidenav {display:block; }
+#shownav:target {display: block; }
+#hidenav:target {display: none; }
+
+#navbar {
+	float: right;
+	width: 15%;
+}
+#returnhome {
+    font-size: xxx-large;
+    display: inline;
+}
+h1 {
+    display: inline;
+}
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -1,5 +1,7 @@
 #! /usr/bin/env sh

-cp -r /var/lib/i2p/go/src/github.com/eyedeekay/i2p-tools-1/content ./content
+cd /var/lib/i2p/i2p-config/reseed

-/var/lib/i2p/go/src/github.com/eyedeekay/i2p-tools-1/i2p-tools-1 reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb $@
+cp -r /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/content ./content
+
+/var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb $@
--- a/etc/default/reseed
+++ b/etc/default/reseed
@ -0,0 +1,3 @@
+# Edit the contact/signing email used by your reseed server here
+# Required: Set a valid email address
+export RESEED_EMAIL=""
--- a/etc/init.d/reseed
+++ b/etc/init.d/reseed
@ -1,49 +1,75 @@
-#!/bin/sh
+#!/bin/bash
 ### BEGIN INIT INFO
-# Provides:          samcatd
+# Provides:          reseed
 # Required-Start:    $local_fs $network $named $time $syslog
 # Required-Stop:     $local_fs $network $named $time $syslog
 # Default-Start:     2 3 4 5
 # Default-Stop:      0 1 6
-# Description:       <DESCRIPTION>
+# Description:       an I2P reseed server
 ### END INIT INFO

-SCRIPT='/usr/local/bin/i2p-tools'
+SCRIPT='/usr/bin/reseed-tools'
 RUNAS=i2psvc
 NETDBDIR=/var/lib/i2p/i2p-config/netDb
 RUNDIR=/var/lib/i2p/i2p-config/reseed
-SIGNER=you@mail.i2p
 MORE_OPTIONS=""
+PIDFILE="$RUNDIR/reseed.pid"
+TIMEOUT=60
 if [ -f /etc/default/reseed ]; then
-    source /etc/default/reseed
+    . /etc/default/reseed
 fi
-RUNOPTS=" reseed --signer=$SIGNER --netdb=$NETDBDIR $MORE_OPTIONS "
-
-rundir(){
-    if [ !-d $RUNDIR ]; then
-        install -d -oi2psvc -m2770 $RUNDIR
-    fi
-    cd $RUNDIR
-}
+RUNOPTS=" reseed --yes=true --netdb=$NETDBDIR $MORE_OPTIONS "

 start() {
-    rundir
-    su - $RUNAS $SCRIPT $RUNOPTS --restart=start
+    if [ ! -d "$RUNDIR" ]; then
+        mkdir -p "$RUNDIR"
+        chown $RUNAS:$RUNAS "$RUNDIR"
+    fi
+    if [ -z "$RESEED_EMAIL" ]; then
+        echo "Error: RESEED_EMAIL not configured" >&2
+        return 1
+    fi
+    start-stop-daemon --background \
+        --user $RUNAS \
+        --chuid $RUNAS \
+        --exec $SCRIPT \
+        --chdir $RUNDIR \
+        --make-pidfile \
+        --pidfile $PIDFILE \
+        --start \
+        --startas $SCRIPT -- $RUNOPTS
+
+    for i in $(seq 1 $TIMEOUT); do
+        if status >/dev/null; then
+            return 0
+        fi
+        sleep 1
+    done
+    return 1
 }

 stop() {
-    rundir
-    su - $RUNAS $SCRIPT $RUNOPTS --restart=stop
-}
-
-start() {
-    rundir
-    su - $RUNAS $SCRIPT $RUNOPTS --restart=restart
+    start-stop-daemon \
+      --user $RUNAS \
+      --exec $SCRIPT \
+      --chdir $RUNDIR \
+      --remove-pidfile \
+      --pidfile $RUNDIR/reseed.pid \
+      --stop
 }

 status() {
-    rundir
-    su - $RUNAS $SCRIPT $RUNOPTS --restart=status
+    start-stop-daemon \
+      --user $RUNAS \
+      --exec $SCRIPT \
+      --chdir $RUNDIR \
+      --pidfile $RUNDIR/reseed.pid \
+      --status
+}
+
+restart() {
+    stop
+    start
 }

 uninstall() {
@ -53,7 +79,7 @@ uninstall() {
  if [ "$SURE" = "yes" ]; then
    stop
    rm -f "$PIDFILE"
-    echo "Notice: log file is not be removed: '$LOGFILE'" >&2
+    echo "Notice: log file is not removed" >&2
    update-rc.d -f reseed remove
    rm -fv "$0"
  fi
@ -76,5 +102,5 @@ case "$1" in
    restart
    ;;
  *)
-    echo "Usage: $0 {start|stop|restart|uninstall}"
+    echo "Usage: $0 {start|stop|restart|uninstall|status}"
 esac
--- a/etc/systemd/system/reseed.service
+++ b/etc/systemd/system/reseed.service
@ -0,0 +1,20 @@
+[Unit]
+Description=I2P reseed service
+After=network.target
+StartLimitIntervalSec=0
+Requires=i2p.service
+
+[Service]
+User=i2psvc
+WorkingDirectory=/var/lib/i2p/i2p-config/reseed
+ExecStart=/usr/bin/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb
+Restart=always
+RestartSec=10
+RuntimeMaxSec=43200
+StandardOutput=journal
+StandardError=journal
+#MemoryMax=512M
+#CPUQuota=50%
+
+[Install]
+WantedBy=multi-user.target
--- a/etc/systemd/system/reseed.service.d/override.conf
+++ b/etc/systemd/system/reseed.service.d/override.conf
@ -0,0 +1,6 @@
+# Use this file to configure the contact/signer email used for the reseed service.
+# without it the reseed will fail to start.
+
+[Service]
+# Required: Set a valid email address
+Environment="RESEED_EMAIL="
--- a/go.mod
+++ b/go.mod
@ -1,38 +1,25 @@
 module i2pgit.org/idk/reseed-tools

-go 1.13
+go 1.16

 require (
-	github.com/btcsuite/btcd v0.21.0-beta // indirect
-	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
-	github.com/cretz/bine v0.1.0
-	github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c // indirect
-	github.com/eyedeekay/ramp v0.0.0-20190429201811-305b382042ab // indirect
-	github.com/eyedeekay/sam3 v0.32.32
-	github.com/gomodule/redigo v1.8.3 // indirect
-	github.com/google/gopacket v1.1.19 // indirect
-	github.com/google/uuid v1.1.2 // indirect
+	github.com/cretz/bine v0.2.0
+	github.com/eyedeekay/checki2cp v0.33.8
+	github.com/eyedeekay/go-i2pd v0.0.0-20220213070306-9807541b2dfc
+	github.com/eyedeekay/i2pkeys v0.33.8
+	github.com/eyedeekay/onramp v0.33.7
+	github.com/eyedeekay/sam3 v0.33.8
+	github.com/eyedeekay/unembed v0.0.0-20230123014222-9916b121855b
+	github.com/go-acme/lego/v4 v4.3.1
+	github.com/go-i2p/go-i2p v0.0.0-20250130205134-f144c457ba5d
 	github.com/gorilla/handlers v1.5.1
-	github.com/jackpal/gateway v1.0.6 // indirect
 	github.com/justinas/alice v1.2.0
-	github.com/koron/go-ssdp v0.0.2 // indirect
-	github.com/libp2p/go-libp2p v0.13.0
-	github.com/libp2p/go-libp2p-core v0.8.0
-	github.com/libp2p/go-libp2p-gostream v0.3.0
-	github.com/libp2p/go-libp2p-http v0.2.0
-	github.com/libp2p/go-libp2p-noise v0.1.2 // indirect
-	github.com/libp2p/go-netroute v0.1.4 // indirect
-	github.com/libp2p/go-sockaddr v0.1.0 // indirect
-	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/throttled/throttled v2.2.4+incompatible
-	github.com/urfave/cli v1.22.5
-	gitlab.com/golang-commonmark/linkify v0.0.0-20200225224916-64bca66f6ad3 // indirect
+	github.com/otiai10/copy v1.14.0
+	github.com/rglonek/untar v0.0.1
+	github.com/throttled/throttled/v2 v2.7.1
+	github.com/urfave/cli/v3 v3.0.0-alpha
 	gitlab.com/golang-commonmark/markdown v0.0.0-20191127184510-91b5b3c99c19
-	go.opencensus.io v0.22.5 // indirect
-	go.uber.org/multierr v1.6.0 // indirect
-	go.uber.org/zap v1.16.0 // indirect
-	golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad // indirect
-	golang.org/x/net v0.0.0-20201224014010-6772e930b67b // indirect
-	golang.org/x/sys v0.0.0-20201223074533-0d417f636930 // indirect
-	golang.org/x/text v0.3.4
+	golang.org/x/text v0.15.0
 )
+
+//replace github.com/go-i2p/go-i2p => ../../../github.com/go-i2p/go-i2p
--- a/go.sum
+++ b/go.sum
--- a/history.txt
+++ b/history.txt
@ -1,44 +0,0 @@
-2019-11-16
- * allow multiple reseed transports from the same application
- * incorporate libp2p(ipfs) listener from RTradeLtd/i2p-tools-1 master
- * in-network(I2P) reseeds in case there's a point to that.
- * self-supervising reseed service, if it crashes it will restart itself
- * add an initscript
-
-2019-06-27
- * automatically configuring Tor Onionv3 Server
-
-2019-04-21
- * app.Version = "0.1.7"
- * enabling TLS 1.3 *only*
-
-2016-12-21
- * deactivating previous random time delta, makes only sense when patching ri too
- * app.Version = "0.1.6"
-
-2016-10-09
- * seed the math random generator with time.Now().UnixNano()
- * added 6h+6h random time delta at su3-age to increase anonymity
- * app.Version = "0.1.5"
-
-
-2016-05-15
- * README.md updated
- * allowed routerInfos age increased from 96 to 192 hours
- * app.Version = "0.1.4"
-
-2016-03-05
- * app.Version = "0.1.3"
- * CRL creation added
-
-2016-01-31
- * allowed TLS ciphers updated (hardened)
- * TLS certificate generation: RSA 4096 --> ECDSAWithSHA512 384bit secp384r1
- * ECDHE handshake: only CurveP384 + CurveP521, default CurveP256 removed
- * TLS certificate valid: 2y --> 5y
- * throttled.PerDay(4) --> PerHour(4), to enable limited testing
- * su3 RebuildInterval: 24h --> 90h, higher anonymity for the running i2p-router
- * numRi per su3 file: 75 --> 77
-
-2016-01
- * fork from https://github.com/eyedeekay/i2p-tools-1
--- a/i2plogo.png
+++ b/i2plogo.png
--- a/index.html
+++ b/index.html
@ -0,0 +1,302 @@
+<html>
+  <head>
+    <title>
+      I2P Reseed Tools
+    </title>
+    <meta name="author" content="eyedeekay" />
+    <meta name="description" content="reseed-tools" />
+    <meta name="keywords" content="master" />
+    <link rel="stylesheet" type="text/css" href="style.css" />
+    <link rel="stylesheet" type="text/css" href="showhider.css" />
+  </head>
+  <body>
+    <div id="navbar">
+      <a href="#shownav">
+        Show navigation
+      </a>
+      <div id="shownav">
+        <div id="hidenav">
+          <ul>
+            <li>
+              <a href="..">
+                Up one level ^
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index
+              </a>
+            </li>
+            <li>
+              <a href="CHANGELOG.html">
+                CHANGELOG
+              </a>
+            </li>
+            <li>
+              <a href="content/index.html">
+                content/index.html
+              </a>
+            </li>
+            <li>
+              <a href="docs/index.html">
+                docs/index.html
+              </a>
+            </li>
+            <li>
+              <a href="index.html">
+                index.html
+              </a>
+            </li>
+            <li>
+              <a href="docs/DEBIAN.html">
+                docs/DEBIAN
+              </a>
+            </li>
+            <li>
+              <a href="docs/DOCKER.html">
+                docs/DOCKER
+              </a>
+            </li>
+            <li>
+              <a href="docs/EXAMPLES.html">
+                docs/EXAMPLES
+              </a>
+            </li>
+            <li>
+              <a href="docs/PLUGIN.html">
+                docs/PLUGIN
+              </a>
+            </li>
+            <li>
+              <a href="docs/index.html">
+                docs/index
+              </a>
+            </li>
+            <li>
+              <a href="docs/SERVICES.html">
+                docs/SERVICES
+              </a>
+            </li>
+            <li>
+              <a href="docs/TLS.html">
+                docs/TLS
+              </a>
+            </li>
+            <li>
+              <a href="docs/index.html">
+                docs/index.html
+              </a>
+            </li>
+          </ul>
+          <br>
+          <a href="#hidenav">
+            Hide Navigation
+          </a>
+        </div>
+      </div>
+    </div>
+    <a id="returnhome" href="/">
+      /
+    </a>
+    <h1>
+      I2P Reseed Tools
+    </h1>
+    <p>
+      <img src="content/images/reseed.png" alt="Reseed Tools Poster" />
+    </p>
+    <p>
+      This tool provides a secure and efficient reseed server for the I2P network.
+      There are several utility commands to create, sign, and validate SU3 files.
+      Please note that this requires at least Go version 1.13, and uses Go Modules.
+    </p>
+    <p>
+      Standard reseeds are distributed with the I2P packages. To get your reseed
+      included, apply on
+      <a href="http://zzz.i2p">
+        zzz.i2p
+      </a>
+      .
+    </p>
+    <h2>
+      Dependencies
+    </h2>
+    <p>
+      <code>
+        go
+      </code>
+      ,
+      <code>
+        git
+      </code>
+      , and optionally
+      <code>
+        make
+      </code>
+      are required to build the project.
+      Precompiled binaries for most platforms are available at my github mirror
+      <a href="https://github.com/eyedeekay/i2p-tools-1">
+        https://github.com/eyedeekay/i2p-tools-1
+      </a>
+      .
+    </p>
+    <p>
+      In order to install the build-dependencies on Ubuntu or Debian, you may use:
+    </p>
+    <pre><code class="language-sh">sudo apt-get install golang-go git make
+</code></pre>
+    <h2>
+      Installation
+    </h2>
+    <p>
+      Reseed-tools can be run as a user, as a freestanding service, or be installed
+      as an I2P Plugin. It will attempt to configure itself automatically. You should
+      make sure to set the
+      <code>
+        --signer
+      </code>
+      flag or the
+      <code>
+        RESEED_EMAIL
+      </code>
+      environment variable
+      to configure your signing keys/contact info.
+    </p>
+    <h3>
+      Installation(From Source)
+    </h3>
+    <pre><code>git clone https://i2pgit.org/idk/reseed-tools
+cd reseed-tools
+make build
+# Optionally, if you want to install to /usr/bin/reseed-tools
+sudo make install
+</code></pre>
+    <h2>
+      Usage
+    </h2>
+    <h4>
+      Debian/Ubuntu note:
+    </h4>
+    <p>
+      It is possible to create a
+      <code>
+        .deb
+      </code>
+      package using
+      <a href="docs/DEBIAN.md">
+        these instructions
+      </a>
+      .
+    </p>
+    <p>
+      Debian users who are running I2P as a system service must also run the
+      <code>
+        reseed-tools
+      </code>
+      as the same user. This is so that the reseed-tools can access
+      the I2P service&rsquo;s netDb directory. On Debian and Ubuntu, that user is
+      <code>
+        i2psvc
+      </code>
+      and the netDb directory is:
+      <code>
+        /var/lib/i2p/i2p-config/netDb
+      </code>
+      .
+    </p>
+    <h2>
+      Example Commands:
+    </h2>
+    <h3>
+      Without a webserver, standalone with TLS support
+    </h3>
+    <p>
+      If this is your first time running a reseed server (ie. you don&rsquo;t have any existing keys),
+      you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates.
+      Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory
+      (a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).
+    </p>
+    <pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
+</code></pre>
+    <h3>
+      Locally behind a webserver (reverse proxy setup), preferred:
+    </h3>
+    <p>
+      If you are using a reverse proxy server it may provide the TLS certificate instead.
+    </p>
+    <pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
+</code></pre>
+    <ul>
+      <li>
+        <strong>
+          Usage
+        </strong>
+        <a href="docs/EXAMPLES.md">
+          More examples can be found here.
+        </a>
+      </li>
+      <li>
+        <strong>
+          Docker
+        </strong>
+        <a href="docs/DOCKER.md">
+          Docker examples can be found here
+        </a>
+      </li>
+    </ul>
+    <div id="sourcecode">
+      <span id="sourcehead">
+        <strong>
+          Get the source code:
+        </strong>
+      </span>
+      <ul>
+        <li>
+          <a href="https://i2pgit.org/idk/reseed-tools">
+            Source Repository: (https://i2pgit.org/idk/reseed-tools)
+          </a>
+        </li>
+      </ul>
+    </div>
+    <div>
+      <a href="#show">
+        Show license
+      </a>
+      <div id="show">
+        <div id="hide">
+          <pre><code>Copyright (c) 2014 Matt Drollette
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.
+</code></pre>
+          <a href="#hide">
+            Hide license
+          </a>
+        </div>
+      </div>
+    </div>
+    <div>
+      <iframe src="https://snowflake.torproject.org/embed.html" width="320" height="240" frameborder="0" scrolling="no"></iframe>
+    </div>
+    <div>
+      <a href="https://geti2p.net/">
+        <img src="i2plogo.png"></img>
+        I2P
+      </a>
+    </div>
+  </body>
+</html>
--- a/main.go
+++ b/main.go
@ -4,8 +4,9 @@ import (
 	"os"
 	"runtime"

-	"github.com/eyedeekay/i2p-tools-1/cmd"
-	"github.com/urfave/cli"
+	"github.com/urfave/cli/v3"
+	"i2pgit.org/idk/reseed-tools/cmd"
+	"i2pgit.org/idk/reseed-tools/reseed"
 )

 func main() {
@ -18,16 +19,21 @@ func main() {
 	runtime.GOMAXPROCS(runtime.NumCPU() / 2)

 	app := cli.NewApp()
-	app.Name = "i2p-tools-1"
-	app.Version = "0.1.7"
+	app.Name = "reseed-tools"
+	app.Version = reseed.Version
 	app.Usage = "I2P tools and reseed server"
-	app.Author = "eyedeekay"
-	app.Email = "hankhill19580@gmail.com"
+	auth := &cli.Author{
+		Name:  "eyedeekay",
+		Email: "hankhill19580@gmail.com",
+	}
+	app.Authors = append(app.Authors, auth)
 	app.Flags = []cli.Flag{}
-	app.Commands = []cli.Command{
+	app.Commands = []*cli.Command{
 		cmd.NewReseedCommand(),
 		cmd.NewSu3VerifyCommand(),
 		cmd.NewKeygenCommand(),
+		cmd.NewShareCommand(),
+		cmd.NewVersionCommand(),
 		// cmd.NewSu3VerifyPublicCommand(),
 	}

--- a/49
+++ b/49
@ -0,0 +1,49 @@
+#! /usr/bin/env sh
+RESEED_MESSAGE="Reseed Tools requires you to set an email for contact purposes.
+This is in case your reseed goes down.
+Please enter your email below."
+
+RESEED_CONF="# Use this file to configure the contact/signer email used for the reseed service.
+# without it the reseed will fail to start.
+
+[Service]
+Environment=\"RESEED_EMAIL="
+
+RESEED_DEFAULT="#Edit the contact/signing email used by your reseed server here
+export RESEED_EMAIL=\""
+
+mkdir -p /etc/systemd/system/reseed.service.d/
+
+INIT=$(file /sbin/init 2>&1 | grep systemd)
+if [ ! -z "$INIT" ]; then
+    rm -f /etc/default/reseed /etc/init.d/reseed
+fi
+
+if [ -t 1 ] ; then 
+    if [ -f /usr/bin/whiptail ]; then    
+        RESEED_EMAIL=$(whiptail --inputbox "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
+        if [ ! -z "$INIT" ]; then
+            echo "$RESEED_CONF$RESEED_EMAIL\"" | tee /etc/systemd/system/reseed.service.d/override.conf
+            systemctl enable reseed.service
+            systemctl daemon-reload
+        else
+            echo "$RESEED_DEFAULT$RESEED_EMAIL\"" | tee /etc/default/reseed
+        fi
+        exit 0
+    fi
+else 
+    if [ -f /usr/bin/zenity ]; then
+        RESEED_EMAIL=$(zenity --entry --title "Reseed Configuration" --text "$RESEED_MESSAGE" 10 30 3>&1 1>&2 2>&3)
+        if [ ! -z "$INIT" ]; then
+            echo "$RESEED_CONF$RESEED_EMAIL\"" | tee /etc/systemd/system/reseed.service.d/override.conf
+            #systemctl enable /etc/systemd/system/reseed.service.d/reseed.service
+            systemctl enable reseed.service
+            systemctl daemon-reload
+        else
+            echo "$RESEED_DEFAULT$RESEED_EMAIL\"" | tee /etc/default/reseed
+        fi
+        exit 0
+    fi
+fi
+
+
--- a/7
+++ b/7
@ -0,0 +1,7 @@
+#! /usr/bin/env sh
+
+INIT=$(file /sbin/init 2>&1 | grep systemd)
+if [ ! -z "$INIT" ]; then
+    systemctl daemon-reload
+fi
+
--- a/reseed/content/images/reseed-icon.png
+++ b/reseed/content/images/reseed-icon.png
--- a/reseed/content/images/reseed.png
+++ b/reseed/content/images/reseed.png
--- a/reseed/content/index.html
+++ b/reseed/content/index.html
@ -0,0 +1,10 @@
+<h1 id="you-have-found-an-i2p-reseed">You have found an I2P Reseed</h1>
+<p>Maybe it was by accident, or maybe you visited the URL because you saw it in the software somewhere. While we’ve got your attention, we’re going to take this opportunity to tell you a little about what we do here. I2P is a peer-to-peer network which uses “Garlic Routing” to maintain privacy. Reseed nodes help you get connected to I2P for the first time, and even though you should only have to use them once in a great while, they are very important services.</p>
+<h2 id="to-learn-more-about-i2p-visit"><a href="https://geti2p.net">To learn more about I2P, visit</a></h2>
+<p><a href="https://geti2p.net"><img src="images/reseed.png" alt="Help reseed" /></a></p>
+<ul>
+<li><a href="https://geti2p.net/en/docs/reseed">Learn more about reseeds here:</a></li>
+<li><a href="https://geti2p.net/en/get-involved/guides/reseed">Learn how to run a reseed here:</a></li>
+<li><a href="https://i2pgit.org/idk/reseed-tools">Read the reseed server code and learn about more reseed options here:</a></li>
+</ul>
+<p>Here on purpose? Here’s a one-time link to a reseed bundle for you.</p>
--- a/reseed/content/lang/ar/homepage.md
+++ b/reseed/content/lang/ar/homepage.md
@ -0,0 +1,18 @@
+هذا هو خادم I2P Reseed
+=============================
+
+I2P هي شبكة نظير إلى نظير تستخدم "توجيه الثوم" للحفاظ على الخصوصية.
+تساعدك عقد Reseed على الاتصال بـ I2P لأول مرة ، وعلى الرغم من ذلك
+يجب عليك فقط استخدامها مرة واحدة كل فترة ، فهي مهمة جدًا
+خدمات.
+
+[لمزيد من المعلومات حول I2P ، قم بزيارة موقع المشروع] (https://geti2p.net)
+------------------------------------------------------------------------
+
+[! [إعادة المساعدة] (images / reseed.png)] (https://geti2p.net)
+
+  - [مزيد من المعلومات حول عمليات إعادة التوريد] (https://geti2p.net/en/docs/reseed)
+  - [تعرف على كيفية تشغيل Reseed] (https://geti2p.net/en/get-involved/guides/reseed)
+  - [اقرأ رمز خادم إعادة التزويد وتعرّف على المزيد من خيارات إعادة التزويد] (https://i2pgit.org/idk/reseed-tools)
+
+### هل لديك مشاكل في الاتصال؟ إليك رابط لمرة واحدة لحزمة إعادة إرسال لك.
--- a/reseed/content/lang/bn/homepage.md
+++ b/reseed/content/lang/bn/homepage.md
@ -0,0 +1,18 @@
+এটি একটি I2P রিসিড সার্ভার
+============================
+
+I2P হল একটি পিয়ার-টু-পিয়ার নেটওয়ার্ক যা গোপনীয়তা বজায় রাখতে "গার্লিক রাউটিং" ব্যবহার করে।
+রিসিড নোড আপনাকে প্রথমবার I2P এর সাথে সংযুক্ত হতে সাহায্য করে, এবং যদিও
+আপনি শুধুমাত্র একটি মহান সময়ের মধ্যে একবার তাদের ব্যবহার করা উচিত, তারা খুবই গুরুত্বপূর্ণ
+সেবা.
+
+[I2P সম্পর্কে আরও জানতে, প্রকল্পের ওয়েবসাইট দেখুন](https://geti2p.net)
+-------------------------------------------------------------------------------------
+
+[![রিসিড করতে সাহায্য করুন](images/reseed.png)](https://geti2p.net)
+
+  - [রিসিড সম্পর্কে আরও জানুন](https://geti2p.net/en/docs/reseed)
+  - [কিভাবে রিসিড চালাতে হয় তা জানুন](https://geti2p.net/en/get-involved/guides/reseed)
+  - [রিসিড সার্ভার কোড পড়ুন এবং আরও রিসিড বিকল্প সম্পর্কে জানুন](https://i2pgit.org/idk/reseed-tools)
+
+### সংযোগ সমস্যা হচ্ছে? এখানে আপনার জন্য একটি রিসিড বান্ডেলের একটি এককালীন লিঙ্ক রয়েছে৷
--- a/reseed/content/lang/de/homepage.md
+++ b/reseed/content/lang/de/homepage.md
@ -0,0 +1,18 @@
+Dies ist ein I2P-Reseed-Server
+============================
+
+I2P ist ein Peer-to-Peer-Netzwerk, das „Garlic Routing“ verwendet, um die Privatsphäre zu wahren.
+Reseed-Knoten helfen Ihnen, zum ersten Mal mit I2P verbunden zu werden, und das obwohl
+Sie sollten sie nur ab und zu verwenden müssen, sie sind sehr wichtig
+Dienstleistungen.
+
+[Um mehr über I2P zu erfahren, besuchen Sie die Projektwebsite](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Hilfe neu aussäen](images/reseed.png)](https://geti2p.net)
+
+  - [Erfahren Sie mehr über Reseeds](https://geti2p.net/en/docs/reseed)
+  - [Erfahren Sie, wie Sie einen Reseed ausführen](https://geti2p.net/en/get-involved/guides/reseed)
+  - [Lesen Sie den Re-Seed-Server-Code und erfahren Sie mehr über Re-Seed-Optionen](https://i2pgit.org/idk/reseed-tools)
+
+### Haben Sie Verbindungsprobleme? Hier ist ein einmaliger Link zu einem Re-Seed-Bundle für Sie.
--- a/reseed/content/lang/en/homepage.md
+++ b/reseed/content/lang/en/homepage.md
@ -0,0 +1,18 @@
+This is an I2P Reseed Server
+============================
+
+I2P is a peer-to-peer network which uses “Garlic Routing” to maintain privacy.
+Reseed nodes help you get connected to I2P for the first time, and even though
+you should only have to use them once in a great while, they are very important
+services.
+
+[To learn more about I2P, visit the project website](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Help reseed](images/reseed.png)](https://geti2p.net)
+
+ - [Learn more about reseeds](https://geti2p.net/en/docs/reseed)
+ - [Learn how to run a reseed](https://geti2p.net/en/get-involved/guides/reseed)
+ - [Read the reseed server code and learn about more reseed options](https://i2pgit.org/idk/reseed-tools)
+
+### Having connection issues? Here is a one-time link to a reseed bundle for you.
--- a/reseed/content/lang/es/homepage.md
+++ b/reseed/content/lang/es/homepage.md
@ -0,0 +1,18 @@
+Este es un servidor de reinicio I2P
+============================
+
+I2P es una red de igual a igual que utiliza "Enrutamiento de ajo" para mantener la privacidad.
+Los nodos de reseed le ayudan a conectarse a I2P por primera vez, y aunque
+solo debería tener que usarlos de vez en cuando, son muy importantes
+servicios.
+
+[Para obtener más información sobre I2P, visite el sitio web del proyecto] (https://geti2p.net)
+------------------------------------------------------------------------
+
+[! [Help reseed] (images / reseed.png)] (https://geti2p.net)
+
+  - [Obtenga más información sobre reseeds] (https://geti2p.net/en/docs/reseed)
+  - [Aprenda a ejecutar un reseed] (https://geti2p.net/en/get-involved/guides/reseed)
+  - [Lea el código del servidor reseed y conozca más opciones de reseed] (https://i2pgit.org/idk/reseed-tools)
+
+### ¿Tienes problemas de conexión? Aquí hay un enlace único a un paquete reseed para usted.
--- a/reseed/content/lang/fr/homepage.md
+++ b/reseed/content/lang/fr/homepage.md
@ -0,0 +1,18 @@
+Ceci est un serveur de réensemencement I2P
+============================
+
+I2P est un réseau peer-to-peer qui utilise le « routage à l'ail » pour maintenir la confidentialité.
+Les nœuds de réamorçage vous aident à vous connecter à I2P pour la première fois, et même si
+vous ne devriez avoir à les utiliser qu'une fois de temps en temps, ils sont très importants
+prestations de service.
+
+[Pour en savoir plus sur I2P, visitez le site Web du projet](https://geti2p.net)
+------------------------------------------------------------------------
+
+[![Aide à reseed](images/reseed.png)](https://geti2p.net)
+
+  - [En savoir plus sur les réensemencements](https://geti2p.net/en/docs/reseed)
+  - [Apprenez à exécuter un reseed](https://geti2p.net/en/get-involved/guides/reseed)
+  - [Lire le code du serveur de réensemencement et en savoir plus sur les options de réensemencement] (https://i2pgit.org/idk/reseed-tools)
+
+### Vous avez des problèmes de connexion ? Voici un lien unique vers un paquet de graines pour vous.
--- a/reseed/content/lang/hi/homepage.md
+++ b/reseed/content/lang/hi/homepage.md
@ -0,0 +1,18 @@
+यह एक I2P शोधित सर्वर है
+===========================
+
+I2P एक पीयर-टू-पीयर नेटवर्क है जो गोपनीयता बनाए रखने के लिए "लहसुन रूटिंग" का उपयोग करता है।
+रीसेड नोड्स आपको पहली बार I2P से कनेक्ट होने में मदद करते हैं, और भले ही
+आपको उन्हें केवल एक बार ही उपयोग करना चाहिए, वे बहुत महत्वपूर्ण हैं
+सेवाएं।
+
+[I2P के बारे में अधिक जानने के लिए, प्रोजेक्ट वेबसाइट पर जाएँ](https://geti2p.net)
+-------------------------------------------------------------------------
+
+[![Reseed में मदद करें](images/reseed.png)](https://geti2p.net)
+
+  - [रिसेड्स के बारे में और जानें](https://geti2p.net/hi/docs/reseed)
+  - [रिसेड चलाना सीखें](https://geti2p.net/hi/get-involved/guides/reseed)
+  - [रीडेड सर्वर कोड पढ़ें और अधिक शोध विकल्पों के बारे में जानें](https://i2pgit.org/idk/reseed-tools)
+
+### कनेक्शन की समस्या आ रही है? यहां आपके लिए एक शोधित बंडल का वन-टाइम लिंक दिया गया है।
--- a/Show More
+++ b/Show More
				`@ -0,0 +1 @@`
				`Reseed tools is a self-contained, easy-to-configure I2P reseed service which can be run on any OS.`