Allow configuration of the signer email with a file

.dockerignore

@@ -6,3 +6,18 @@
 # CI cache folder storing docker images
 ci-exports
 
+/i2p-tools
+/cert.pem
+/key.pem
+/_netdb
+i2pseeds.su3
+*.pem
+onion.key
+tmp/
+i2p-tools-*
+*.crl
+*.crt
+*.pem
+plugin
+reseed-tools*
+data-dir*

CHANGELOG.md

@@ -1,3 +1,8 @@
+2021-12-14
+ * app.Version = "0.2.10"
+ * restart changelog
+ * fix websiteURL in plugin.config
+
 2019-04-21
  * app.Version = "0.1.7"
  * enabling TLS 1.3 *only*

Makefile

@@ -1,7 +1,11 @@
 
-VERSION=0.2.5
+VERSION=0.2.11
 APP=reseed-tools
 USER_GH=eyedeekay
+CGO_ENABLED=0
+export CGO_ENABLED=0
+PLUGIN_PORT=7671
+export PLUGIN_PORT=7671
 
 GOOS?=$(shell uname -s | tr A-Z a-z)
 GOARCH?="amd64"
@@ -117,7 +121,7 @@ docker:
 	docker build -t eyedeekay/reseed .
 
 docker-push: docker
-	docker push --disable-content-trust false eyedeekay/reseed:$(VERSION)
+	docker push --disable-content-trust=false eyedeekay/reseed:$(VERSION)
 
 users:
 	docker run --rm eyedeekay/reseed cat /etc/passwd
@@ -180,7 +184,7 @@ jar: gojava
 release: version upload checkinstall upload-single-deb plugins upload-su3s upload-bin 
 
 version:
-	cat README.md | gothub release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -
+	cat README.md | gothub release -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION) -d -; true
 
 delete-version:
 	gothub delete -s $(GITHUB_TOKEN) -u $(USER_GH) -r $(APP) -t v$(VERSION)
@@ -233,7 +237,7 @@ upload-bin:
 rm-su3s:
 	rm *.su3 -f
 
-download-su3s: rm-su3s
+download-su3s:
 	GOOS=darwin GOARCH=amd64 make download-single-su3
 	GOOS=darwin GOARCH=arm64 make download-single-su3
 	GOOS=linux GOARCH=386 make download-single-su3
@@ -274,6 +278,7 @@ upload-single-su3:
 tmp/content:
 	mkdir -p tmp
 	cp -rv content tmp/content
+	echo "you@mail.i2p" > tmp/signer
 
 tmp/lib:
 	mkdir -p tmp/lib
@@ -286,13 +291,13 @@ su3s: tmp/content tmp/lib
 		-author=hankhill19580@gmail.com \
 		-autostart=true \
 		-clientname=reseed-tools-$(GOOS)-$(GOARCH) \
-		-command="reseed-tools-$(GOOS)-$(GOARCH) reseed --yes --signer=you@mail.i2p --netdb=\$$CONFIG/netDb" \
+		-command="reseed-tools-$(GOOS)-$(GOARCH) reseed --yes --signer=\$$PLUGIN/signer --port=$(PLUGIN_PORT)" \
 		-consolename="Reseed Tools" \
-		-consoleurl="http://127.0.0.1:8443" \
+		-consoleurl="https://127.0.0.1:$(PLUGIN_PORT)" \
 		-updateurl="http://idk.i2p/reseed-tools/reseed-tools-$(GOOS)-$(GOARCH).su3" \
 		-website="http://idk.i2p/reseed-tools/" \
 		-icondata="content/images/reseed-icon.png" \
-		-delaystart="3" \
+		-delaystart="1" \
 		-desc="`cat description-pak`" \
 		-exename=reseed-tools-$(GOOS)-$(GOARCH) \
 		-targetos="$(GOOS)" \

README.md

@@ -5,6 +5,9 @@ This tool provides a secure and efficient reseed server for the I2P network.
 There are several utility commands to create, sign, and validate SU3 files.
 Please note that this requires at least Go version 1.13, and uses Go Modules.
 
+Standard reseeds are distributed with the I2P packages. To get your reseed
+included, apply on [zzz.i2p](http://zzz.i2p).
+
 ## Dependencies
 
 `go`, `git`, and optionally `make` are required to build the project.
@@ -31,6 +34,14 @@ and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases.
 These can be installed by adding them on the 
 [http://127.0.0.1:7657/configplugins](http://127.0.0.1:7657/configplugins).
 
+After installing the plugin, you should immediately edit the `$PLUGIN/signer`
+file in order to set your `--signer` email, which is used to name your keys.
+You can find the `$PLUGIN` directory in your I2P config directory, which is
+usually `$HOME/.i2p` on Unixes.
+
+This will allow the developers to contact you if your reseed has issues
+and will authenticate your reseed to the I2P routers that use it.
+
 - darwin/amd64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3)
 - darwin/arm64: [http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3](http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3)
 - linux/386: [http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3](http://idk.i2p/reseed-tools/reseed-tools-linux-386.su3)
@@ -114,4 +125,4 @@ reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=84
 ```
 
 - **Usage** [More examples can be found here.](EXAMPLES.md)
-- **Docker** [Eocker examples can be found here](DOCKER.md)
+- **Docker** [Docker examples can be found here](DOCKER.md)

cmd/keygen.go

@@ -27,6 +27,7 @@ func NewKeygenCommand() cli.Command {
 func keygenAction(c *cli.Context) {
 	signerID := c.String("signer")
 	tlsHost := c.String("tlsHost")
+	trustProxy := c.Bool("trustProxy")
 
 	if signerID == "" && tlsHost == "" {
 		fmt.Println("You must specify either --tlsHost or --signer")
@@ -40,10 +41,12 @@ func keygenAction(c *cli.Context) {
 		}
 	}
 
-	if tlsHost != "" {
-		if err := createTLSCertificate(tlsHost); nil != err {
-			fmt.Println(err)
-			return
+	if trustProxy {
+		if tlsHost != "" {
+			if err := createTLSCertificate(tlsHost); nil != err {
+				fmt.Println(err)
+				return
+			}
 		}
 	}
 }

cmd/reseed.go

@@ -2,6 +2,8 @@ package cmd
 
 import (
 	"context"
+	"strings"
+
 	//"flag"
 	"fmt"
 	"io/ioutil"
@@ -214,6 +216,16 @@ func LoadKeys(keysPath string, c *cli.Context) (i2pkeys.I2PKeys, error) {
 	}
 }
 
+// fileExists checks if a file exists and is not a directory before we
+// try using it to prevent further errors.
+func fileExists(filename string) bool {
+	info, err := os.Stat(filename)
+	if os.IsNotExist(err) {
+		return false
+	}
+	return !info.IsDir()
+}
+
 func reseedAction(c *cli.Context) {
 	netdbDir := c.String("netdb")
 	if netdbDir == "" {
@@ -222,10 +234,22 @@ func reseedAction(c *cli.Context) {
 	}
 
 	signerID := c.String("signer")
-	if signerID == "" {
+	if signerID == "" || signerID == "you@mail.i2p" {
 		fmt.Println("--signer is required")
 		return
 	}
+	if !strings.Contains(signerID, "@") {
+		if !fileExists(signerID) {
+			fmt.Println("--signer must be an email address or a file containing an email address.")
+			return
+		}
+		bytes, err := ioutil.ReadFile(signerID)
+		if err != nil {
+			fmt.Println("--signer must be an email address or a file containing an email address.")
+			return
+		}
+		signerID = string(bytes)
+	}
 
 	var tlsCert, tlsKey string
 	tlsHost := c.String("tlsHost")
@@ -256,18 +280,21 @@ func reseedAction(c *cli.Context) {
 
 		// prompt to create tls keys if they don't exist?
 		auto := c.Bool("yes")
-		// use ACME?
-		acme := c.Bool("acme")
-		if acme {
-			acmeserver := c.String("acmeserver")
-			err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
-			}
-		} else {
-			err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+		ignore := c.Bool("ignore")
+		if !ignore {
+			// use ACME?
+			acme := c.Bool("acme")
+			if acme {
+				acmeserver := c.String("acmeserver")
+				err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
+			} else {
+				err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 
@@ -295,9 +322,12 @@ func reseedAction(c *cli.Context) {
 
 			// prompt to create tls keys if they don't exist?
 			auto := c.Bool("yes")
-			err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+			ignore := c.Bool("trustProxy")
+			if !ignore {
+				err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 	}
@@ -337,9 +367,12 @@ func reseedAction(c *cli.Context) {
 
 			// prompt to create tls keys if they don't exist?
 			auto := c.Bool("yes")
-			err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+			ignore := c.Bool("trustProxy")
+			if !ignore {
+				err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 	}
@@ -401,7 +434,7 @@ func reseedAction(c *cli.Context) {
 			reseedP2P(c, reseeder)
 		}
 	}
-	if tlsHost != "" && tlsCert != "" && tlsKey != "" {
+	if !c.Bool("trustProxy") {
 		log.Printf("HTTPS server starting\n")
 		reseedHTTPS(c, tlsCert, tlsKey, reseeder)
 	} else {

description-pak

@@ -1,2 +1 @@
-Reseed tools is a self-contained, easy-to-configure I2P reseed service
- which can be run on any OS.
+Reseed tools is a self-contained, easy-to-configure I2P reseed service which can be run on any OS.

entrypoint.sh

@@ -1,5 +1,7 @@
 #! /usr/bin/env sh
 
+cd /var/lib/i2p/i2p-config/reseed
+
 cp -r /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/content ./content
 
 /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb $@

index.html

@@ -7,6 +7,7 @@
 <body>
 <h1 id="i2p-reseed-tools">I2P Reseed Tools</h1>
 <p>This tool provides a secure and efficient reseed server for the I2P network. There are several utility commands to create, sign, and validate SU3 files. Please note that this requires at least Go version 1.13, and uses Go Modules.</p>
+<p>Standard reseeds are distributed with the I2P packages. To get your reseed included, apply on <a href="http://zzz.i2p">zzz.i2p</a>.</p>
 <h2 id="dependencies">Dependencies</h2>
 <p><code>go</code>, <code>git</code>, and optionally <code>make</code> are required to build the project. Precompiled binaries for most platforms are available at my github mirror https://github.com/eyedeekay/i2p-tools-1.</p>
 <p>In order to install the build-dependencies on Ubuntu or Debian, you may use:</p>
@@ -15,6 +16,8 @@
 <p>Reseed-tools can be run as a user, as a freestanding service, or be installed as an I2P Plugin. It will attempt to configure itself automatically. You should make sure to set the <code>--signer</code> flag or the <code>RESEED_EMAIL</code> environment variable to configure your signing keys/contact info.</p>
 <h4 id="plugin-install-urls">Plugin install URL’s</h4>
 <p>Plugin releases are available inside of i2p at http://idk.i2p/reseed-tools/ and via the github mirror at https://github.com/eyedeekay/reseed-tools/releases. These can be installed by adding them on the <a href="http://127.0.0.1:7657/configplugins">http://127.0.0.1:7657/configplugins</a>.</p>
+<p>After installing the plugin, you should immediately edit the <code>$PLUGIN/signer</code> file in order to set your <code>--signer</code> email, which is used to name your keys. You can find the <code>$PLUGIN</code> directory in your I2P config directory, which is usually <code>$HOME/.i2p</code> on Unixes.</p>
+<p>This will allow the developers to contact you if your reseed has issues and will authenticate your reseed to the I2P routers that use it.</p>
 <ul>
 <li>darwin/amd64: <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3">http://idk.i2p/reseed-tools/reseed-tools-darwin-amd64.su3</a></li>
 <li>darwin/arm64: <a href="http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3">http://idk.i2p/reseed-tools/reseed-tools-darwin-arm64.su3</a></li>
@@ -61,7 +64,7 @@ sudo make install</code></pre>
 <pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy</code></pre>
 <ul>
 <li><strong>Usage</strong> <a href="EXAMPLES.md">More examples can be found here.</a></li>
-<li><strong>Docker</strong> <a href="DOCKER.md">Eocker examples can be found here</a></li>
+<li><strong>Docker</strong> <a href="DOCKER.md">Docker examples can be found here</a></li>
 </ul>
 </body>
 </html>

main.go

@@ -19,7 +19,7 @@ func main() {
 
 	app := cli.NewApp()
 	app.Name = "reseed-tools"
-	app.Version = "0.1.9"
+	app.Version = "0.2.9"
 	app.Usage = "I2P tools and reseed server"
 	app.Author = "eyedeekay"
 	app.Email = "hankhill19580@gmail.com"