loveisgrief/Reseed_Tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove example clutter from readme

Browse Source
This commit is contained in:
idk
2021-12-04 11:31:50 -05:00
parent 1acf807a13
commit 76b5e6b2e8
4 changed files with 113 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
DOCKER.md Normal file
View File

@ -0,0 +1,57 @@
### Docker
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
mamed reseed-keys. *Back up this directory*, if it is lost it is impossible
to reproduce.
Please note that Docker is not currently compatible with .onion reseeds unless
you pass the --network=host tag.
#### If I2P is running as your user, do this:
docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
#### If I2P is running as another user, do this:
docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
#### **Debian/Ubuntu and Docker**
In many cases I2P will be running as the Debian system user ```i2psvc```. This
is the case for all installs where Debian's Advanced Packaging Tool(apt) was
used to peform the task. If you used ```apt-get install``` this command will
work for you. In that case, just copy-and-paste:
docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE

46
EXAMPLES.md Normal file
View File

@ -0,0 +1,46 @@
## Example Commands:
### Without a webserver, standalone, automatic OnionV3 with TLS support
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
```
### Without a webserver, standalone, serve P2P with LibP2P
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
```
### Without a webserver, standalone, upload a single signed .su3 to github
* This one isn't working yet, I'll get to it eventually, I've got a cooler idea now.
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --github --ghrepo=reseed-tools --ghuser=eyedeekay
```
### Without a webserver, standalone, in-network reseed
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, I2P In-Network reseed, and LibP2P, self-supervising
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p --littleboss=start
```

118
README.md
View File

@ -1,8 +1,9 @@
I2P Reseed Tools
==================
This tool provides a secure and efficient reseed server for the I2P network. There are several utility commands to
create, sign, and validate SU3 files. Please note that this requires at least Go version 1.13, and uses Go Modules.
This tool provides a secure and efficient reseed server for the I2P network.
There are several utility commands to create, sign, and validate SU3 files.
Please note that this requires at least Go version 1.13, and uses Go Modules.
## Dependencies
@ -65,6 +66,8 @@ The contact email for your reseed should be added in:
Self-signed certificates will be auto-generated for these services. To change
this you should edit the `/etc/init.d/reseed`.
## Example Commands:
### Without a webserver, standalone with TLS support
If this is your first time running a reseed server (ie. you don't have any existing keys),
@ -76,8 +79,6 @@ Afterwards an HTTPS reseed server will start on the default port and generate 6
reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
```
## Example Commands:
### Locally behind a webserver (reverse proxy setup), preferred:
If you are using a reverse proxy server it may provide the TLS certificate instead.
@ -86,110 +87,5 @@ If you are using a reverse proxy server it may provide the TLS certificate inste
reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy
```
### Without a webserver, standalone, self-supervising(Automatic restarts)
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --littleboss=start
```
### Without a webserver, standalone, automatic OnionV3 with TLS support
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p
```
### Without a webserver, standalone, serve P2P with LibP2P
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p
```
### Without a webserver, standalone, upload a single signed .su3 to github
* This one isn't working yet, I'll get to it eventually, I've got a cooler idea now.
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --github --ghrepo=reseed-tools --ghuser=eyedeekay
```
### Without a webserver, standalone, in-network reseed
```
./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p
```
### Without a webserver, standalone, Regular TLS, OnionV3 with TLS, I2P In-Network reseed, and LibP2P, self-supervising
```
./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p --littleboss=start
```
### Docker
To make it easier to deploy reseeds, it is possible to run this software as a
Docker image. Because the software requires access to a network database to host
a reseed, you will need to mount the netDb as a volume inside your docker
container to provide access to it, and you will need to run it as the same user
and group inside the container as I2P.
When you run a reseed under Docker in this fashion, it will automatically
generate a self-signed certificate for your reseed server in a Docker volume
mamed reseed-keys. *Back up this directory*, if it is lost it is impossible
to reproduce.
Please note that Docker is not currently compatible with .onion reseeds unless
you pass the --network=host tag.
#### If I2P is running as your user, do this:
docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
#### If I2P is running as another user, do this:
docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
#### **Debian/Ubuntu and Docker**
In many cases I2P will be running as the Debian system user ```i2psvc```. This
is the case for all installs where Debian's Advanced Packaging Tool(apt) was
used to peform the task. If you used ```apt-get install``` this command will
work for you. In that case, just copy-and-paste:
docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE
- **Usage** [More examples can be found here.](EXAMPLES.md)
- **Docker** [Eocker examples can be found here](DOCKER.md)

57
index.html
View File

@ -35,67 +35,16 @@ sudo make install</code></pre>
<p>An initscript is also provided. The initscript, unlike the systemd service, cannot schedule itself to restart. You should restart the service roughly once a day to ensure that the information does not expire.</p>
<p>The contact email for your reseed should be added in: <code>/etc/init.d/reseed</code>.</p>
<p>Self-signed certificates will be auto-generated for these services. To change this you should edit the <code>/etc/init.d/reseed</code>.</p>
<h2 id="example-commands">Example Commands:</h2>
<h3 id="without-a-webserver-standalone-with-tls-support">Without a webserver, standalone with TLS support</h3>
<p>If this is your first time running a reseed server (ie. you dont have any existing keys), you can simply run the command and follow the prompts to create the appropriate keys, crl and certificates. Afterwards an HTTPS reseed server will start on the default port and generate 6 files in your current directory (a TLS key, certificate and crl, and a su3-file signing key, certificate and crl).</p>
<pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld</code></pre>
<h2 id="example-commands">Example Commands:</h2>
<h3 id="locally-behind-a-webserver-reverse-proxy-setup-preferred">Locally behind a webserver (reverse proxy setup), preferred:</h3>
<p>If you are using a reverse proxy server it may provide the TLS certificate instead.</p>
<pre><code>reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443 --ip=127.0.0.1 --trustProxy</code></pre>
<h3 id="without-a-webserver-standalone-self-supervisingautomatic-restarts">Without a webserver, standalone, self-supervising(Automatic restarts)</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --littleboss=start</code></pre>
<h3 id="without-a-webserver-standalone-automatic-onionv3-with-tls-support">Without a webserver, standalone, automatic OnionV3 with TLS support</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --i2p --p2p</code></pre>
<h3 id="without-a-webserver-standalone-serve-p2p-with-libp2p">Without a webserver, standalone, serve P2P with LibP2P</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --p2p</code></pre>
<h3 id="without-a-webserver-standalone-upload-a-single-signed-.su3-to-github">Without a webserver, standalone, upload a single signed .su3 to github</h3>
<ul>
<li>This one isnt working yet, Ill get to it eventually, Ive got a cooler idea now.</li>
<li><strong>Usage</strong> <a href="EXAMPLES.md">More examples can be found here.</a></li>
<li><strong>Docker</strong> <a href="DOCKER.md">Eocker examples can be found here</a></li>
</ul>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --github --ghrepo=reseed-tools --ghuser=eyedeekay</code></pre>
<h3 id="without-a-webserver-standalone-in-network-reseed">Without a webserver, standalone, in-network reseed</h3>
<pre><code>./reseed-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --i2p</code></pre>
<h3 id="without-a-webserver-standalone-regular-tls-onionv3-with-tls">Without a webserver, standalone, Regular TLS, OnionV3 with TLS</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion</code></pre>
<h3 id="without-a-webserver-standalone-regular-tls-onionv3-with-tls-and-libp2p">Without a webserver, standalone, Regular TLS, OnionV3 with TLS, and LibP2P</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p</code></pre>
<h3 id="without-a-webserver-standalone-regular-tls-onionv3-with-tls-i2p-in-network-reseed-and-libp2p-self-supervising">Without a webserver, standalone, Regular TLS, OnionV3 with TLS, I2P In-Network reseed, and LibP2P, self-supervising</h3>
<pre><code>./reseed-tools reseed --tlsHost=your-domain.tld --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion --p2p --littleboss=start</code></pre>
<h3 id="docker">Docker</h3>
<p>To make it easier to deploy reseeds, it is possible to run this software as a Docker image. Because the software requires access to a network database to host a reseed, you will need to mount the netDb as a volume inside your docker container to provide access to it, and you will need to run it as the same user and group inside the container as I2P.</p>
<p>When you run a reseed under Docker in this fashion, it will automatically generate a self-signed certificate for your reseed server in a Docker volume mamed reseed-keys. <em>Back up this directory</em>, if it is lost it is impossible to reproduce.</p>
<p>Please note that Docker is not currently compatible with .onion reseeds unless you pass the network=host tag.</p>
<h4 id="if-i2p-is-running-as-your-user-do-this">If I2P is running as your user, do this:</h4>
<pre><code> docker run -itd \
--name reseed \
--publish 443:8443 \
--restart always \
--volume $HOME/.i2p/netDb:$HOME/.i2p/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE</code></pre>
<h4 id="if-i2p-is-running-as-another-user-do-this">If I2P is running as another user, do this:</h4>
<pre><code> docker run -itd \
--name reseed \
--user $(I2P_UID) \
--group-add $(I2P_GID) \
--publish 443:8443 \
--restart always \
--volume /PATH/TO/USER/I2P/HERE/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE</code></pre>
<h4 id="debianubuntu-and-docker"><strong>Debian/Ubuntu and Docker</strong></h4>
<p>In many cases I2P will be running as the Debian system user <code>i2psvc</code>. This is the case for all installs where Debians Advanced Packaging Tool(apt) was used to peform the task. If you used <code>apt-get install</code> this command will work for you. In that case, just copy-and-paste:</p>
<pre><code> docker run -itd \
--name reseed \
--user $(id -u i2psvc) \
--group-add $(id -g i2psvc) \
--publish 443:8443 \
--restart always \
--volume /var/lib/i2p/i2p-config/netDb:/var/lib/i2p/i2p-config/netDb:z \
--volume reseed-keys:/var/lib/i2p/i2p-config/reseed \
eyedeekay/reseed \
--signer $YOUR_EMAIL_HERE</code></pre>
</body>
</html>