I2P_Developers/i2p.www
3
0
Fork 5
Code Issues 27 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

overhaul of reseed docs

Browse Source
This commit is contained in:
idk
2023-01-05 01:53:35 +00:00
parent 5e3d53aa4b
commit ea736ff862
5 changed files with 300 additions and 297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

256
i2p2www/pages/site/get-involved/guides/reseed-debian.html
View File

@ -5,174 +5,156 @@
<h2>{% trans %}General Information{% endtrans %}</h2>
<h4><a href="reseed-policy">To read the reseed policy, follow this link.</a></h4>
<h4><a href="reseed">Please see the general information for all reseed servers in addition to reading this section.</a></h4>
<p>{% trans %}
These guidelines are based on idk's <a href="https://i2pgit.org/idk/reseed-tools">reseed-tools</a> server.
There are no other known Debian-style packages for installing and configuring a reseed server.
{% endtrans %}</p>
<h4><a href="reseed-policy">{% trans %}To read the reseed policy, follow this link.{% endtrans %}</a></h4>
<h4><a href="reseed">{% trans %}Please see the general information for all reseed servers in addition to reading this section.{% endtrans %}</a></h4>
<h2>{% trans %}Reseed on Debian using {% endtrans %} <code>checkinstall</code>, <code>apt-get</code></h2>
<p>
It is possible to easily and automatically configure a reseed server
with a self-signed certificate on any Debian-based operating system,
including Ubuntu and it&rsquo;s downstreams. This is achieved using the
<code>
checkinstall
</code>
tool to set up the software dependencies and the operating system to
run the
<code>
I2P
</code>
service and the
<code>
reseed
</code>
service.
</p>
<h2>
Using a binary package
</h2>
<p>
If you do not wish to build from source, you can use a binary package
from me(idk). This package is built from this repo with the
<code>
make checkinstall
</code>
target and uploaded by me. I build it on an up-to-date Debian
<code>
sid
</code>
system
at tag time. It contains a static binary and files for configuring it as a
system service.
</p>
<pre><code class="language-sh">
<p>{% trans %}
It is possible to easily and automatically configure a reseed server
with a self-signed certificate on any Debian-based operating system,
including Ubuntu and it&rsquo;s downstreams. This is achieved using the
{% endtrans %}<code>
checkinstall
</code>{% trans %}
tool to set up the software dependencies and the operating system to
run the
{% endtrans %}<code>
I2P
</code>
{% trans %}service and the{% endtrans %}
<code>
reseed
</code>
{% trans %}service.{% endtrans %}
</p>
<h2>
{% trans %}Using a binary package{% endtrans %}
</h2>
<p>{% trans %}
If you do not wish to build from source, you can use a binary package
from me(idk). This package is built from this repo with the
{% endtrans %}<code>
make checkinstall
</code>
{% trans %}target and uploaded by me. I build it on an up-to-date Debian sid system at tag time.
It contains a static binary and files for configuring it as a system service.
{% endtrans %}
</p>
<pre><code class="language-sh">
wget https://github.com/eyedeekay/reseed-tools/releases/download/v0.2.30/reseed-tools_0.2.30-1_amd64.deb
# Obtain the checksum from the release web page and store it in the SHA256SUMS file
echo &quot;38941246e980dfc0456e066f514fc96a4ba25d25a7ef993abd75130770fa4d4d reseed-tools_0.2.30-1_amd64.deb&quot; &gt; SHA256SUMS
sha256sums -c SHA256SUMS
sudo apt-get install ./reseed-tools_0.2.30-1_amd64.deb
</code></pre>
<h2>
Building the
<code>
.deb
</code>
package from the source(Optional)
</h2>
<p>
If your software is too old, it&rsquo;s possible that the binary package I build will
not work for you. It&rsquo;s very easy to generate your own from the source code in this
repository.
</p>
<p>
<h2>
{% trans %}Building the .deb package from the source(Optional){% endtrans %}
</h2>
<p>{% trans %}
If your software is too old, it&rsquo;s possible that the binary package I build will
not work for you. It&rsquo;s very easy to generate your own from the source code in this
repository.
{% endtrans %}</p>
<p>
<strong>
1.
</strong>
Install the build dependencies
</p>
<pre><code class="language-sh">
<strong>
1.
</strong>
{% trans %}Install the build dependencies{% endtrans %}
</p>
<pre><code class="language-sh">
sudo apt-get install fakeroot checkinstall go git make
</code></pre>
<p>
<p>
<strong>
2.
</strong>
Clone the source code
</p>
<pre><code class="language-sh">
<strong>
2.
</strong>
{% trans %}Clone the source code{% endtrans %}
</p>
<pre><code class="language-sh">
git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
</code></pre>
<p>
<p>
<strong>
3.
</strong>
Generate the
<code>
.deb
</code>
package using the
<code>
make checkinstall
</code>
target
</p>
<pre><code class="language-sh">
<strong>
3.
</strong>
{% trans %}Generate the .deb package using the make checkinstall target {% endtrans %}
</p>
<pre><code class="language-sh">
cd ~/go/src/i2pgit.org/idk/reseed-tools
make checkinstall
</code></pre>
<p>
<p>
<strong>
4.
</strong>
Install the
<code>
.deb
</code>
package
</p>
<pre><code class="language-sh">
<strong>
4.
</strong>
{% trans %}Install the .deb package{% endtrans %}
</p>
<pre><code class="language-sh">
sudo apt-get install ./reseed-tools_*.deb
</code></pre>
<h2>
Running the Service
</h2>
<p>
<h2>
{% trans %}Running the Service{% endtrans %}
</h2>
<p>
<strong>
1.
</strong>
First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step
<strong>
2.
</strong>
</p>
<pre><code class="language-sh">
<strong>
1.
</strong>{% trans %}
First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step
{% endtrans %}
<strong>
2.
</strong>
</p>
<pre><code class="language-sh">
sudo systemctl start i2p
# or, if you use sysvinit
sudo service i2p start
</code></pre>
<p>
<p>
<strong>
2.
</strong>
Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.
</p>
<pre><code class="language-sh">
<strong>
2.
</strong>
{% trans %}Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.{% endtrans %}
</p>
<pre><code class="language-sh">
sudo systemctl start reseed
# or, if you use sysvinit
sudo service reseed start
</code></pre>
<p>
Your reseed will auto-configure with a self-signed certificate on port
<code>
:8443
</code>
. The
certificates themselves are available in
<code>
/var/lib/i2p/i2p-config/reseed
</code>
. When
you are ready, you should copy the
<code>
*.crt
</code>
files from that directory and share them
witth the I2P community on
<a href="http://zzz.i2p">
<code>
zzz.i2p
</code>
</a>
. These will allow I2P users
to authenticate your reseed services and secure the I2P network.
</p>
<p>
{% trans %}Your reseed will auto-configure with a self-signed certificate on port{% endtrans %}
<code>
:8443
</code>
. {% trans %}The certificates themselves are available in{% endtrans %}
<code>
/var/lib/i2p/i2p-config/reseed
</code>
. {% trans %}When you are ready, you should copy the{% endtrans %}
<code>
*.crt
</code>
{% trans %}files from that directory and share them with the I2P community on{% endtrans %}
<a href="http://zzz.i2p">
<code>
zzz.i2p
</code>
</a>
. {% trans %}These will allow I2P users to authenticate your reseed services and secure the I2P network.{% endtrans %}
</p>
{% endblock %}

155
i2p2www/pages/site/get-involved/guides/reseed-docker.html
View File

@ -5,88 +5,89 @@
<h2>{% trans %}General Information{% endtrans %}</h2>
<h4><a href="reseed-policy">To read the reseed policy, follow this link.</a></h4>
<h4><a href="reseed">Please see the general information for all reseed servers in addition to reading this section.</a></h4>
<p>{% trans %}
These guidelines are based on idk's <a href="https://i2pgit.org/idk/reseed-tools">reseed-tools</a> server.
They should be very similar to the guidelines for DivaExchange's <a href="https://codeberg.org/diva.exchange/i2p-reseed">i2p-reseed</a> server.
These guidelines make use of Docker to manage the reseed server in lieu of the initsystem.
If you are not interested in using Docker they will be of no use to you.
{% endtrans %}</p>
<h4><a href="reseed-policy">{% trans %}To read the reseed policy, follow this link.{% endtrans %}</a></h4>
<h4><a href="reseed">{% trans %}Please see the general information for all reseed servers in addition to reading this section.{% endtrans %}</a></h4>
<h2>{% trans %}Installation from a Docker Image{% endtrans %}</h2>
<p>
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
</p>
<p>
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
named reseed-keys.
<em>
Back up this directory
</em>
, if it is lost it is impossible
to reproduce.
</p>
<p>
Additional flags can be passed to the application in the Docker container by
appending them to the command. Please note that Docker is not currently
compatible with .onion reseeds unless you pass the &ndash;network=host tag.
</p>
<h2>
If I2P is running as your user, do this:
</h2>
<pre><code> docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
<p>{% trans %}
To make it easier to deploy reseeds, it is possible to run the reseed-tools as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
{% endtrans %}</p>
<p>{% trans %}
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
named reseed-keys.{% endtrans %}
<em>
{% trans %}Back up this directory{% endtrans %}
</em>
, {% trans %}if it is lost it is impossible to reproduce.{% endtrans %}
</p>
<p>{% trans %}
Additional flags can be passed to the application in the Docker container by
appending them to the command. Please note that Docker is not currently
compatible with .onion reseeds unless you pass the &ndash;network=host tag.
{% endtrans %}</p>
<h2>
{% trans %}If I2P is running as your user, do this:{% endtrans %}
</h2>
<pre><code> docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<h2>
If I2P is running as another user, do this:
</h2>
<pre><code> docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
<h2>
{% trans %}If I2P is running as another user, do this:{% endtrans %}
</h2>
<pre><code> docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
<h2>
<strong>
Debian/Ubuntu and Docker
</strong>
</h2>
<p>
In many cases I2P will be running as the Debian system user
<code>
i2psvc
</code>
. This
is the case for all installs where Debian&rsquo;s Advanced Packaging Tool(apt) was
used to peform the task. If you used
<code>
apt-get install
</code>
this command will
work for you. In that case, just copy-and-paste:
</p>
<pre><code> docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
<h2>
<strong>
{% trans %}Debian/Ubuntu and Docker{% endtrans %}
</strong>
</h2>
<p>
{% trans %}In many cases I2P will be running as the Debian system user{% endtrans %}
<code>
i2psvc
</code>
. {% trans %}This is the case for all installs where Debian&rsquo;s Advanced Packaging Tool(apt) was used to peform the task.
If you used "apt-get install" this command will work for you. In that case, just copy-and-paste:{% endtrans %}
</p>
<pre><code> docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
</code></pre>
{% endblock %}

11
i2p2www/pages/site/get-involved/guides/reseed-plugin.html
View File

@ -5,9 +5,16 @@
<h2>{% trans %}General Information{% endtrans %}</h2>
<h4><a href="reseed-policy">To read the reseed policy, follow this link.</a></h4>
<h4><a href="reseed">Please see the general information for all reseed servers in addition to reading this section.</a></h4>
<p>{% trans %}
These guidelines are based on idk's <a href="https://i2pgit.org/idk/reseed-tools">reseed-tools</a> server.
There are no other known I2P Console Plugin packages for installing and configuring a reseed server.
{% endtrans %}</p>
<h4><a href="reseed-policy">{% trans %}To read the reseed policy, follow this link.{% endtrans %}</a></h4>
<h4><a href="reseed">{% trans %}Please see the general information for all reseed servers in addition to reading this section.{% endtrans %}</a></h4>
<h2>{% trans %}Installation from an I2P console plugin{% endtrans %}</h2>
<!--TODO: port over plugin install docs-->
{% endblock %}

16
i2p2www/pages/site/get-involved/guides/reseed-proxy.html
View File

@ -5,9 +5,21 @@
<h2>{% trans %}General Information{% endtrans %}</h2>
<h4><a href="reseed-policy">To read the reseed policy, follow this link.</a></h4>
<h4><a href="reseed">Please see the general information for all reseed servers in addition to reading this section.</a></h4>
<p>{% trans %}
These guidelines are based on idk's <a href="https://i2pgit.org/idk/reseed-tools">reseed-tools</a> server.
They should be very similar to the guidelines for DivaExchange's <a href="https://codeberg.org/diva.exchange/i2p-reseed">i2p-reseed</a> server.
{% endtrans %}</p>
<p>{% trans %}
These guidelines will help you to configure your reseed server behind a reverse proxy like Apache2 or nginx.
These will allow you to configure additional behaviors like filtering, adding and removing headers, or temporary logging to debug issues.
The specifics of customizing your reverse proxy are outside the scope of this document.
{% endtrans %}</p>
<h4><a href="reseed-policy">{% trans %}To read the reseed policy, follow this link.{% endtrans %}</a></h4>
<h4><a href="reseed">{% trans %}Please see the general information for all reseed servers in addition to reading this section.{% endtrans %}</a></h4>
<h2>{% trans %}Reseed Installation using a Reverse Proxy{% endtrans %}</h2>
<!--TODO: port over reverse proxy install docs-->
{% endblock %}

159
i2p2www/pages/site/get-involved/guides/reseed.html
View File

@ -5,19 +5,19 @@
<h2>{% trans %}General Information{% endtrans %}</h2>
<p>{% trans -%}
Thank you for volunteering to run an I2P reseed server.
"Reseeding" is our term for bootstrapping new routers into the network.
New routers fetch a bundle of peer references, or "router infos", from one or more of a hardcoded list of HTTPS URLs.
{%- endtrans %}</p>
<p>{% trans -%}
Thank you for volunteering to run an I2P reseed server.
"Reseeding" is our term for bootstrapping new routers into the network.
New routers fetch a bundle of peer references, or "router infos", from one or more of a hardcoded list of HTTPS URLs.
{%- endtrans %}</p>
<h2>{% trans %}Requirements{% endtrans %}</h2>
<p>{% trans -%}
A reseed server must be reachable on the public internet.
It must use TLS, but it may use a self-signed TLS certificate if the reseed administrator is in communication with the router development team.
The administrator of the reseed server should provide contact information in order to respond to issues and be in touch with the I2P team.
{%- endtrans %}</p>
<p>{% trans -%}
A reseed server must be reachable on the public internet.
It must use TLS, but it may use a self-signed TLS certificate if the reseed administrator is in communication with the router development team.
The administrator of the reseed server should provide contact information in order to respond to issues and be in touch with the I2P team.
{%- endtrans %}</p>
<h2>{% trans %}More Information{% endtrans %}</h2>
@ -30,45 +30,46 @@
<h2>{% trans %}Installation from Source Code{% endtrans %}</h2>
<p>
Reseed Tools is a pure Go application which can be built statically without CGO.
It makes use of Go Modules.
A Makefile is provided with some targets which are convenient helpers for generating binaries, especially for production and release purposes.
</p>
<p>{% trans %}
These guidelines are based on idk's <a href="https://i2pgit.org/idk/reseed-tools">reseed-tools</a> server.
They should be very similar to the guidelines for DivaExchange's <a href="https://codeberg.org/diva.exchange/i2p-reseed">i2p-reseed</a> server.
{% endtrans %}</p>
<p>{% trans %}
Reseed Tools is a pure Go application which can be built statically without CGO.
It makes use of Go Modules.
A Makefile is provided with some targets which are convenient helpers for generating binaries, especially for production and release purposes.
{% endtrans %}</p>
<p>
<strong>
1.
</strong>
Install the build dependencies
<strong>
1.
</strong>
{% trans %}Install the build dependencies{% endtrans %}
</p>
<pre><code class="language-sh">
sudo apt-get install go git make
</code></pre>
<p>
<strong>
2.
</strong>
Clone the source code
<strong>
2.
</strong>
{% trans %}Clone the source code{% endtrans %}
</p>
<pre><code class="language-sh">
git clone https://i2pgit.org/idk/reseed-tools ~/go/src/i2pgit.org/idk/reseed-tools
</code></pre>
<p>
<strong>
3.
</strong>
Generate the
<code>
binaries
</code>
package using the
<code>
make build
</code>
target
<strong>
3.
</strong>
{% trans %}Generate the binaries using the{% endtrans %}
<code>
make build
</code>
{% trans %}command{% endtrans %}
</p>
<pre><code class="language-sh">
cd ~/go/src/i2pgit.org/idk/reseed-tools
@ -76,28 +77,28 @@ make build
</code></pre>
<p>
<strong>
4.
</strong>
Install the binary and the config files
<strong>
4.
</strong>
{% trans %}Install the binary and the config files{% endtrans %}
</p>
<pre><code class="language-sh">
sudo make install
</code></pre>
<h2>
Running the Service
</h2>
<h2>{% trans %}
Running the Service
{% endtrans %}</h2>
<p>
<strong>
1.
</strong>
First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step
<strong>
2.
</strong>
<strong>
1.
</strong>
{% trans %}First, ensure that the I2P service is already running. The longer the better,
if you have to re-start the service, or if the service has very few peers, allow it to
run for 24 hours before advancing to step{% endtrans %}
<strong>
2.
</strong>
</p>
<pre><code class="language-sh">
sudo systemctl start i2p
@ -106,10 +107,10 @@ sudo service i2p start
</code></pre>
<p>
<strong>
2.
</strong>
Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.
<strong>
2.
</strong>
{% trans %}Once your I2P router is &ldquo;Well-Integrated,&rdquo; start the reseed service.{% endtrans %}
</p>
<pre><code class="language-sh">
sudo systemctl start reseed
@ -117,29 +118,29 @@ sudo systemctl start reseed
sudo service reseed start
</code></pre>
<p>
Your reseed will auto-configure with a self-signed certificate on port
<code>
:8443
</code>
. The
certificates themselves are available in
<code>
/var/lib/i2p/i2p-config/reseed
</code>
. When
you are ready, you should copy the
<code>
*.crt
</code>
files from that directory and share them
witth the I2P community on
<a href="http://zzz.i2p">
<code>
zzz.i2p
</code>
</a>
. These will allow I2P users
to authenticate your reseed services and secure the I2P network.
{% trans %}Your reseed will auto-configure with a self-signed certificate on port{% endtrans %}
<code>
:8443
</code>
. {% trans %}The
certificates themselves are available in{% endtrans %}
<code>
/var/lib/i2p/i2p-config/reseed
</code>
. {% trans %}When
you are ready, you should copy the{% endtrans %}
<code>
*.crt
</code>
{% trans %}files from that directory and share them
witth the I2P community on{% endtrans %}
<a href="http://zzz.i2p">
<code>
zzz.i2p
</code>
</a>
. {% trans %}These will allow I2P users
to authenticate your reseed services and secure the I2P network.{% endtrans %}
</p>
{% endblock %}