bump version

.dockerignore

@@ -6,3 +6,18 @@
 # CI cache folder storing docker images
 ci-exports
 
+/i2p-tools
+/cert.pem
+/key.pem
+/_netdb
+i2pseeds.su3
+*.pem
+onion.key
+tmp/
+i2p-tools-*
+*.crl
+*.crt
+*.pem
+plugin
+reseed-tools*
+data-dir*

Makefile

@@ -1,7 +1,9 @@
 
-VERSION=0.2.5
+VERSION=0.2.6
 APP=reseed-tools
 USER_GH=eyedeekay
+CGO_ENABLED=0
+export CGO_ENABLED=0
 
 GOOS?=$(shell uname -s | tr A-Z a-z)
 GOARCH?="amd64"
@@ -117,7 +119,7 @@ docker:
 	docker build -t eyedeekay/reseed .
 
 docker-push: docker
-	docker push --disable-content-trust false eyedeekay/reseed:$(VERSION)
+	docker push --disable-content-trust=false eyedeekay/reseed:$(VERSION)
 
 users:
 	docker run --rm eyedeekay/reseed cat /etc/passwd

README.md

@@ -5,6 +5,9 @@ This tool provides a secure and efficient reseed server for the I2P network.
 There are several utility commands to create, sign, and validate SU3 files.
 Please note that this requires at least Go version 1.13, and uses Go Modules.
 
+Standard reseeds are distributed with the I2P packages. To get your reseed
+included, apply on [zzz.i2p](http://zzz.i2p).
+
 ## Dependencies
 
 `go`, `git`, and optionally `make` are required to build the project.
@@ -114,4 +117,4 @@ reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=84
 ```
 
 - **Usage** [More examples can be found here.](EXAMPLES.md)
-- **Docker** [Eocker examples can be found here](DOCKER.md)
+- **Docker** [Docker examples can be found here](DOCKER.md)

cmd/keygen.go

@@ -27,6 +27,7 @@ func NewKeygenCommand() cli.Command {
 func keygenAction(c *cli.Context) {
 	signerID := c.String("signer")
 	tlsHost := c.String("tlsHost")
+	trustProxy := c.Bool("trustProxy")
 
 	if signerID == "" && tlsHost == "" {
 		fmt.Println("You must specify either --tlsHost or --signer")
@@ -40,10 +41,12 @@ func keygenAction(c *cli.Context) {
 		}
 	}
 
-	if tlsHost != "" {
-		if err := createTLSCertificate(tlsHost); nil != err {
-			fmt.Println(err)
-			return
+	if trustProxy {
+		if tlsHost != "" {
+			if err := createTLSCertificate(tlsHost); nil != err {
+				fmt.Println(err)
+				return
+			}
 		}
 	}
 }

cmd/reseed.go

@@ -256,18 +256,21 @@ func reseedAction(c *cli.Context) {
 
 		// prompt to create tls keys if they don't exist?
 		auto := c.Bool("yes")
-		// use ACME?
-		acme := c.Bool("acme")
-		if acme {
-			acmeserver := c.String("acmeserver")
-			err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
-			}
-		} else {
-			err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+		ignore := c.Bool("ignore")
+		if !ignore {
+			// use ACME?
+			acme := c.Bool("acme")
+			if acme {
+				acmeserver := c.String("acmeserver")
+				err := checkUseAcmeCert(tlsHost, signerID, acmeserver, &tlsCert, &tlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
+			} else {
+				err := checkOrNewTLSCert(tlsHost, &tlsCert, &tlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 
@@ -295,9 +298,12 @@ func reseedAction(c *cli.Context) {
 
 			// prompt to create tls keys if they don't exist?
 			auto := c.Bool("yes")
-			err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+			ignore := c.Bool("trustProxy")
+			if !ignore {
+				err := checkOrNewTLSCert(i2pTlsHost, &i2pTlsCert, &i2pTlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 	}
@@ -337,9 +343,12 @@ func reseedAction(c *cli.Context) {
 
 			// prompt to create tls keys if they don't exist?
 			auto := c.Bool("yes")
-			err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
-			if nil != err {
-				log.Fatalln(err)
+			ignore := c.Bool("trustProxy")
+			if !ignore {
+				err := checkOrNewTLSCert(onionTlsHost, &onionTlsCert, &onionTlsKey, auto)
+				if nil != err {
+					log.Fatalln(err)
+				}
 			}
 		}
 	}
@@ -401,7 +410,7 @@ func reseedAction(c *cli.Context) {
 			reseedP2P(c, reseeder)
 		}
 	}
-	if tlsHost != "" && tlsCert != "" && tlsKey != "" {
+	if !c.Bool("trustProxy") {
 		log.Printf("HTTPS server starting\n")
 		reseedHTTPS(c, tlsCert, tlsKey, reseeder)
 	} else {

entrypoint.sh

@@ -1,5 +1,7 @@
 #! /usr/bin/env sh
 
+cd /var/lib/i2p/i2p-config/reseed
+
 cp -r /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/content ./content
 
 /var/lib/i2p/go/src/i2pgit.org/idk/reseed-tools/reseed-tools reseed --yes=true --netdb=/var/lib/i2p/i2p-config/netDb $@

index.html

@@ -7,6 +7,7 @@
 <body>
 <h1 id="i2p-reseed-tools">I2P Reseed Tools</h1>
 <p>This tool provides a secure and efficient reseed server for the I2P network. There are several utility commands to create, sign, and validate SU3 files. Please note that this requires at least Go version 1.13, and uses Go Modules.</p>
+<p>Standard reseeds are distributed with the I2P packages. To get your reseed included, apply on <a href="http://zzz.i2p">zzz.i2p</a>.</p>
 <h2 id="dependencies">Dependencies</h2>
 <p><code>go</code>, <code>git</code>, and optionally <code>make</code> are required to build the project. Precompiled binaries for most platforms are available at my github mirror https://github.com/eyedeekay/i2p-tools-1.</p>
 <p>In order to install the build-dependencies on Ubuntu or Debian, you may use:</p>
@@ -61,7 +62,7 @@ sudo make install</code></pre>
 <pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy</code></pre>
 <ul>
 <li><strong>Usage</strong> <a href="EXAMPLES.md">More examples can be found here.</a></li>
-<li><strong>Docker</strong> <a href="DOCKER.md">Eocker examples can be found here</a></li>
+<li><strong>Docker</strong> <a href="DOCKER.md">Docker examples can be found here</a></li>
 </ul>
 </body>
 </html>