From e64e12b3fb4289bc298f35d985eb89c15b8e9e88 Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Sat, 23 Jan 2021 18:19:31 +0100 Subject: [PATCH 1/8] Fix docker build ant needed to be updated to >1.9, but the old image used an old alpine with the max version of ant being 1.8. The build is split into 2 phases to reduce the size of the image. A builder makes the installer and installs it in one image. The installed files are copied over to the actual result image. --- .dockerignore | 31 ++++++++++++++++ Docker.entrypoint.sh | 14 -------- Dockerfile | 84 ++++++++++++++++++-------------------------- 3 files changed, 65 insertions(+), 64 deletions(-) create mode 100644 .dockerignore delete mode 100644 Docker.entrypoint.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000000..5136b3b8a9 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,31 @@ +.idea +.git +Dockerfile + + +# Gradle +.gradle +build +apps/BOB/build +apps/addressbook/build +apps/desktopgui/build +apps/i2pcontrol/build +apps/i2psnark/build +apps/i2ptunnel/build +apps/imagegen/build +apps/jetty/build +apps/jrobin/build +apps/ministreaming/java/build +apps/ministreaming/build +apps/routerconsole/build +apps/sam/build +apps/streaming/build +apps/susidns/build +apps/susimail/build +apps/systray/build +core/java/build +core/build +installer/build +router/java/build +router/build + diff --git a/Docker.entrypoint.sh b/Docker.entrypoint.sh deleted file mode 100644 index 755179e75a..0000000000 --- a/Docker.entrypoint.sh +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/sh - -export JAVA_HOME=/opt/jdk/jre - -# Ensure user rights -chown -R i2p:nobody /opt/i2p -chmod -R u+rwx /opt/i2p - -gosu i2p /opt/i2p/i2psvc /opt/i2p/wrapper.config wrapper.pidfile=/var/tmp/i2p.pid \ - wrapper.name=i2p \ - wrapper.displayname="I2P Service" \ - wrapper.statusfile=/var/tmp/i2p.status \ - wrapper.java.statusfile=/var/tmp/i2p.java.status \ - wrapper.logfile=/var/tmp/wrapper.log diff --git a/Dockerfile b/Dockerfile index 6d04eadb7b..24427afd14 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,62 +1,46 @@ -FROM meeh/java8server:latest -# Docker image based on Alpine with Java. +# Use a multi-stage build to reduce the size of the resulting image +# We need alpine >v3 in order to install an apache-ant > 1.9 +FROM alpine:3 as builder +ENV I2P_PREFIX="/opt/i2p" -# We use Oracle Java to run I2P, but uses the openjdk to build it. +WORKDIR /tmp/build +COPY . ./ +# Build installer +RUN apk --no-cache add build-base gettext tar bzip2 apache-ant openjdk8 expect +RUN echo "noExe=true" >> build.properties +RUN ant installer-linux +RUN mkdir -p /opt +RUN mv i2pinstall*.jar /tmp/i2pinstall.jar -MAINTAINER Mikal Villa +# Install i2p using the installer into I2P_PREFIX +RUN expect -f ./Docker.expt +RUN cd ${I2P_PREFIX} +RUN rm -fr man docs *.bat *.command *.app -ENV GIT_BRANCH="master" +# Second stage only using the installer from the last stage +# --------------------------------------------------------- +# We can't use alpine here as the java service wrapper is built with glibc +# alpine uses musl +FROM openjdk:11.0-jre-slim + +ARG I2P_UID=1000 +ARG I2P_USER=i2p ENV I2P_PREFIX="/opt/i2p" ENV PATH=${I2P_PREFIX}/bin:$PATH -ENV JAVA_HOME=/usr/lib/jvm/default-jvm - -ENV GOSU_VERSION=1.7 -ENV GOSU_SHASUM="34049cfc713e8b74b90d6de49690fa601dc040021980812b2f1f691534be8a50 /usr/local/bin/gosu" - -RUN mkdir /user && adduser -S -h /user i2p && chown -R i2p:nobody /user - -# Adding files first, since Docker.expt is required for installation -ADD Docker.expt /tmp/Docker.expt -ADD Docker.entrypoint.sh /entrypoint.sh - -# Required for wget https -RUN apk add --no-cache openssl -# Gosu is a replacement for su/sudo in docker and not a backdoor :) See https://github.com/tianon/gosu -RUN wget -O /usr/local/bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 \ - && echo "${GOSU_SHASUM}" | sha256sum -c && chmod +x /usr/local/bin/gosu - -# -# Each RUN is a layer, adding the dependencies and building i2pd in one layer takes around 8-900Mb, so to keep the -# image under 200mb we need to remove all the build dependencies in the same "RUN" / layer. -# - -# The main layer -RUN apk --no-cache add build-base git gettext tar bzip2 apache-ant openjdk8 expect \ - && mkdir -p /usr/src/build \ - && cd /usr/src/build \ - && git clone -b ${GIT_BRANCH} https://github.com/i2p/i2p.i2p.git \ - && cd /usr/src/build/i2p.i2p \ - && echo "noExe=true" >> build.properties \ - && ant installer-linux \ - && cp i2pinstall*.jar /tmp/i2pinstall.jar \ - && mkdir -p /opt \ - && chown i2p:root /opt \ - && chmod u+rw /opt \ - && gosu i2p expect -f /tmp/Docker.expt \ - && cd ${I2P_PREFIX} \ - && rm -fr man docs *.bat *.command *.app /tmp/i2pinstall.jar /tmp/Docker.expt \ - && rm -fr /usr/src/build \ - && apk --purge del build-base apache-ant expect tcl expat git openjdk8 openjdk8-jre openjdk8-jre-base openjdk8-jre-lib bzip2 tar \ - binutils-libs binutils pkgconfig libcurl libc-dev musl-dev g++ make fortify-headers pkgconf giflib libssh2 libxdmcp libxcb \ - libx11 pcre alsa-lib libxi libxrender libxml2 readline bash openssl \ - && rm -fr /usr/lib/jvm/default-jre \ - && ln -sf /opt/jdk/jre /usr/lib/jvm/default-jre \ - && chmod a+x /entrypoint.sh +# "install" i2p by copying over installed files +COPY --from=builder /opt/i2p ${I2P_PREFIX} +# Setup user and fix permissions in +RUN adduser --system --uid ${I2P_UID} --home /user ${I2P_USER} \ + && chown -R ${I2P_USER} /user \ + && chown -R ${I2P_USER} ${I2P_PREFIX} \ + && chmod -R u+rwx ${I2P_PREFIX} EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445 15000-20000 -ENTRYPOINT [ "/entrypoint.sh" ] +USER i2p +ENTRYPOINT [ "/opt/i2p/i2psvc" ] +CMD [ "/opt/i2p/wrapper.config", "wrapper.pidfile=/var/tmp/i2p.pid", "wrapper.name=i2p", "wrapper.displayname=\"I2P Service\"" , "wrapper.statusfile=/var/tmp/i2p.status", "wrapper.java.statusfile=/var/tmp/i2p.java.status", "wrapper.logfile=/var/tmp/wrapper.log" ] From fb317b44ba3f402be1c8083793b6990db7345018 Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Sat, 23 Jan 2021 22:32:10 +0100 Subject: [PATCH 2/8] CI: make sure we can build Docker image --- .gitlab-ci.yml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 72a2732885..0eee974015 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -22,3 +22,41 @@ test: only: - merge_requests - tags + +# Make sure we can build a docker image +# It's cached for later jobs +build_docker: + stage: test + image: docker:19.03.12 + services: + - docker:19.03.12-dind + script: + # Try to load latest branch image from local tar or from registry + - docker load ci-exports/$CI_COMMIT_REF_SLUG.tar || docker pull $CI_REGISTRY_IMAGE:latest || true + - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:latest . + - mkdir -p ci-exports/ + - docker save $CI_REGISTRY_IMAGE:latest > ci-exports/$CI_COMMIT_REF_SLUG.tar + variables: + # When using dind service, we need to instruct docker to talk with + # the daemon started inside of the service. The daemon is available + # with a network connection instead of the default + # /var/run/docker.sock socket. Docker 19.03 does this automatically + # by setting the DOCKER_HOST in + # https://github.com/docker-library/docker/blob/d45051476babc297257df490d22cbd806f1b11e4/19.03/docker-entrypoint.sh#L23-L29 + # + # The 'docker' hostname is the alias of the service container as described at + # https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services. + # + # Specify to Docker where to create the certificates, Docker will + # create them automatically on boot, and will create + # `/certs/client` that will be shared between the service and job + # container, thanks to volume mount from config.toml + DOCKER_TLS_CERTDIR: "/certs" + # Use TLS https://docs.gitlab.com/ee/ci/docker/using_docker_build.html#tls-enabled + DOCKER_HOST: tcp://docker:2376 + cache: + # The same key should be used across branches + key: "$CI_COMMIT_REF_SLUG" + paths: + - ci-exports/*.tar + From b47269f14efdf8294f4d391b2c6922c371f9bf5c Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Sat, 23 Jan 2021 22:36:56 +0100 Subject: [PATCH 3/8] CI: Fix docker load command It wasn't working at all which mean we would never use the cache --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 0eee974015..19b0fb3ac0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -32,7 +32,7 @@ build_docker: - docker:19.03.12-dind script: # Try to load latest branch image from local tar or from registry - - docker load ci-exports/$CI_COMMIT_REF_SLUG.tar || docker pull $CI_REGISTRY_IMAGE:latest || true + - docker load -i ci-exports/$CI_COMMIT_REF_SLUG.tar || docker pull $CI_REGISTRY_IMAGE:latest || true - docker build --cache-from $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:latest . - mkdir -p ci-exports/ - docker save $CI_REGISTRY_IMAGE:latest > ci-exports/$CI_COMMIT_REF_SLUG.tar From 4a9131c39dce14685c7c90634a02e26a8706069c Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Sat, 23 Jan 2021 22:37:29 +0100 Subject: [PATCH 4/8] CI: Add build_docker job conditions We shouldn't build it for every single branch and commit --- .gitlab-ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 19b0fb3ac0..e4c9e65ec7 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -59,4 +59,8 @@ build_docker: key: "$CI_COMMIT_REF_SLUG" paths: - ci-exports/*.tar + only: + - master + - merge_requests + - tags From c87e74ea1d66ec02cb969ae55527fe17ee6305c7 Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Sat, 23 Jan 2021 22:56:10 +0100 Subject: [PATCH 5/8] CI: Move build_docker to build stage --- .gitlab-ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index e4c9e65ec7..9aaf5aa013 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -2,6 +2,7 @@ image: openjdk:8-alpine stages: - test + - build cache: key: ${CI_COMMIT_REF_SLUG} @@ -26,7 +27,7 @@ test: # Make sure we can build a docker image # It's cached for later jobs build_docker: - stage: test + stage: build image: docker:19.03.12 services: - docker:19.03.12-dind From bd1017ba92d9cccca721c0ee99c545e5fcb43093 Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Mon, 25 Jan 2021 22:00:12 +0100 Subject: [PATCH 6/8] Docker: Expose only the ports necessary The range of 5k ports should be replaced by a more precise choice of ports. It also pollutes the `docker inspect` output with 5k more lines. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 24427afd14..8d5597cf49 100644 --- a/Dockerfile +++ b/Dockerfile @@ -38,7 +38,7 @@ RUN adduser --system --uid ${I2P_UID} --home /user ${I2P_USER} \ && chown -R ${I2P_USER} ${I2P_PREFIX} \ && chmod -R u+rwx ${I2P_PREFIX} -EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445 15000-20000 +EXPOSE 7654 7656 7657 7658 4444 6668 8998 7659 7660 4445 USER i2p ENTRYPOINT [ "/opt/i2p/i2psvc" ] From acbb8d1a24506b569b44c46919a03ebfde9f8fa1 Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Mon, 25 Jan 2021 22:30:04 +0100 Subject: [PATCH 7/8] Docker: Preconfigure clients and tunnels The follow clients and tunnels are available on all interfaces (0.0.0.0) of the container: - routerconsole - SAM - I2P HTTP Proxy - Irc2P --- Dockerfile | 1 + docker/clients.config | 61 +++++++++++++++ docker/i2ptunnel.config | 161 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 223 insertions(+) create mode 100644 docker/clients.config create mode 100644 docker/i2ptunnel.config diff --git a/Dockerfile b/Dockerfile index 8d5597cf49..8f591f87fe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,6 +31,7 @@ ENV PATH=${I2P_PREFIX}/bin:$PATH # "install" i2p by copying over installed files COPY --from=builder /opt/i2p ${I2P_PREFIX} +COPY docker/* /opt/i2p/ # Setup user and fix permissions in RUN adduser --system --uid ${I2P_UID} --home /user ${I2P_USER} \ diff --git a/docker/clients.config b/docker/clients.config new file mode 100644 index 0000000000..190dc9c698 --- /dev/null +++ b/docker/clients.config @@ -0,0 +1,61 @@ +# NOTE: This I2P config file must use UTF-8 encoding +# +# If you have a 'split' directory installation, with configuration +# files in ~/.i2p (Linux), %LOCALAPPDATA%\I2P (Windows), +# or /Users/(user)/Library/Application Support/i2p (Mac), be sure to +# edit the file in the configuration directory, NOT the install directory. +# When running as a Linux daemon, the configuration directory is /var/lib/i2p +# and the install directory is /usr/share/i2p . +# When running as a Windows service, the configuration directory is \ProgramData\i2p +# and the install directory is \Program Files\i2p . +# +# On first run, this file will be split into individual config files +# in clients.config.d/ in the configuration directory. +# Look in that directory for the file to edit. +# + +# fire up the web console +## There are several choices, here are some examples: +## non-SSL, bind to local IPv4 only +#clientApp.0.args=7657 127.0.0.1 ./webapps/ +## non-SSL, bind to local IPv6 only +#clientApp.0.args=7657 ::1 ./webapps/ +## non-SSL, bind to all IPv4 addresses +#clientApp.0.args=7657 0.0.0.0 ./webapps/ +## non-SSL, bind to all IPv6 addresses +#clientApp.0.args=7657 :: ./webapps/ +## For SSL only, change clientApp.4.args below to https:// +## SSL only +#clientApp.0.args=-s 7657 ::1,127.0.0.1 ./webapps/ +## non-SSL and SSL +#clientApp.0.args=7657 ::1,127.0.0.1 -s 7667 ::1,127.0.0.1 ./webapps/ +## non-SSL only, both IPv6 and IPv4 local interfaces +clientApp.0.args=7657 0.0.0.0 ./webapps/ +clientApp.0.main=net.i2p.router.web.RouterConsoleRunner +clientApp.0.name=webConsole +clientApp.0.onBoot=true + +# start up the SAM bridge so other client apps can connect +clientApp.1.main=net.i2p.sam.SAMBridge +clientApp.1.name=SAMBridge +clientApp.1.args=sam.keys 0.0.0.0 7656 i2cp.tcp.host=localhost i2cp.tcp.port=7654 +clientApp.1.startOnLoad=false + +# poke the i2ptunnels defined in i2ptunnel.config +clientApp.2.main=net.i2p.i2ptunnel.TunnelControllerGroup +clientApp.2.name=Tunnels +clientApp.2.args=i2ptunnel.config + +# run our own eepsite with a seperate jetty instance +clientApp.3.main=org.mortbay.jetty.Server +clientApp.3.name=eepsite +clientApp.3.args=eepsite/jetty.xml +clientApp.3.delay=30 +clientApp.3.startOnLoad=false + +# load a browser pointing at the web console whenever we start up +clientApp.4.main=net.i2p.apps.systray.UrlLauncher +clientApp.4.name=consoleBrowser +clientApp.4.args=http://localhost:7657/ +clientApp.4.delay=5 +clientApp.4.startOnLoad=false diff --git a/docker/i2ptunnel.config b/docker/i2ptunnel.config new file mode 100644 index 0000000000..8ff8eb3547 --- /dev/null +++ b/docker/i2ptunnel.config @@ -0,0 +1,161 @@ +# NOTE: This I2P config file must use UTF-8 encoding +# +# If you have a 'split' directory installation, with configuration +# files in ~/.i2p (Linux), %LOCALAPPDATA%\I2P (Windows), +# or /Users/(user)/Library/Application Support/i2p (Mac), be sure to +# edit the file in the configuration directory, NOT the install directory. +# When running as a Linux daemon, the configuration directory is /var/lib/i2p +# and the install directory is /usr/share/i2p . +# When running as a Windows service, the configuration directory is \ProgramData\i2p +# and the install directory is \Program Files\i2p . +# +# On first run, this file will be split into individual config files +# in i2ptunnel.config.d/ in the configuration directory. +# Look in that directory for the file to edit. +# + +# eepproxy +tunnel.0.name=I2P HTTP Proxy +tunnel.0.description=HTTP proxy for browsing eepsites and the web +tunnel.0.type=httpclient +tunnel.0.sharedClient=true +tunnel.0.interface=0.0.0.0 +tunnel.0.listenPort=4444 +tunnel.0.proxyList=false.i2p +tunnel.0.i2cpHost=127.0.0.1 +tunnel.0.i2cpPort=7654 +tunnel.0.option.inbound.nickname=shared clients +tunnel.0.option.outbound.nickname=shared clients +tunnel.0.option.i2cp.leaseSetEncType=4,0 +tunnel.0.option.i2cp.reduceIdleTime=900000 +tunnel.0.option.i2cp.reduceOnIdle=true +tunnel.0.option.i2cp.reduceQuantity=1 +tunnel.0.option.i2p.streaming.connectDelay=1000 +tunnel.0.option.i2ptunnel.httpclient.SSLOutproxies=false.i2p +tunnel.0.option.inbound.length=3 +tunnel.0.option.inbound.lengthVariance=0 +tunnel.0.option.outbound.length=3 +tunnel.0.option.outbound.lengthVariance=0 +tunnel.0.option.outbound.priority=10 +tunnel.0.startOnLoad=true + +# irc +tunnel.1.name=Irc2P +tunnel.1.description=IRC tunnel to access the Irc2P network +tunnel.1.type=ircclient +tunnel.1.sharedClient=false +tunnel.1.interface=0.0.0.0 +tunnel.1.listenPort=6668 +tunnel.1.targetDestination=irc.postman.i2p:6667,irc.echelon.i2p:6667 +tunnel.1.i2cpHost=127.0.0.1 +tunnel.1.i2cpPort=7654 +tunnel.1.option.inbound.nickname=Irc2P +tunnel.1.option.outbound.nickname=Irc2P +tunnel.1.option.i2cp.closeIdleTime=1200000 +tunnel.1.option.i2cp.closeOnIdle=true +tunnel.1.option.i2cp.delayOpen=true +tunnel.1.option.i2cp.destination.sigType=7 +tunnel.1.option.i2cp.leaseSetEncType=4,0 +tunnel.1.option.i2cp.newDestOnResume=false +tunnel.1.option.i2cp.reduceIdleTime=600000 +tunnel.1.option.i2cp.reduceOnIdle=true +tunnel.1.option.i2cp.reduceQuantity=1 +tunnel.1.option.i2p.streaming.connectDelay=1000 +tunnel.1.option.i2p.streaming.maxWindowSize=16 +tunnel.1.option.inbound.length=3 +tunnel.1.option.inbound.lengthVariance=0 +tunnel.1.option.outbound.length=3 +tunnel.1.option.outbound.lengthVariance=0 +tunnel.1.option.outbound.priority=15 +tunnel.1.startOnLoad=true + +# local eepserver +tunnel.3.name=I2P webserver +tunnel.3.description=My eepsite +tunnel.3.type=httpserver +tunnel.3.targetHost=127.0.0.1 +tunnel.3.targetPort=7658 +tunnel.3.spoofedHost=mysite.i2p +tunnel.3.privKeyFile=eepsite/eepPriv.dat +tunnel.3.i2cpHost=127.0.0.1 +tunnel.3.i2cpPort=7654 +tunnel.3.option.inbound.nickname=eepsite +tunnel.3.option.outbound.nickname=eepsite +tunnel.3.option.i2cp.destination.sigType=7 +tunnel.3.option.i2cp.leaseSetEncType=4,0 +tunnel.3.option.inbound.length=3 +tunnel.3.option.inbound.lengthVariance=0 +tunnel.3.option.outbound.length=3 +tunnel.3.option.outbound.lengthVariance=0 +# uncomment for HTTPS to port 7668 +#tunnel.3.option.targetForPort.443=127.0.0.1:7668 +tunnel.3.startOnLoad=false + +# postman's SMTP server - see hq.postman.i2p +tunnel.4.description=smtp server +tunnel.4.i2cpHost=127.0.0.1 +tunnel.4.i2cpPort=7654 +tunnel.4.interface=127.0.0.1 +tunnel.4.listenPort=7659 +tunnel.4.name=smtp.postman.i2p +tunnel.4.option.inbound.nickname=shared clients +tunnel.4.option.outbound.nickname=shared clients +tunnel.4.option.i2cp.leaseSetEncType=4,0 +tunnel.4.option.i2cp.reduceIdleTime=900000 +tunnel.4.option.i2cp.reduceOnIdle=true +tunnel.4.option.i2cp.reduceQuantity=1 +tunnel.4.option.inbound.length=3 +tunnel.4.option.inbound.lengthVariance=0 +tunnel.4.option.outbound.length=3 +tunnel.4.option.outbound.lengthVariance=0 +tunnel.4.startOnLoad=true +tunnel.4.targetDestination=smtp.postman.i2p:25 +tunnel.4.type=client +tunnel.4.sharedClient=true + +# postman's POP3 server - see hq.postman.i2p +tunnel.2.name=pop3.postman.i2p +tunnel.2.description=pop3 server +tunnel.2.i2cpHost=127.0.0.1 +tunnel.2.i2cpPort=7654 +tunnel.2.interface=127.0.0.1 +tunnel.2.listenPort=7660 +tunnel.2.option.inbound.nickname=shared clients +tunnel.2.option.outbound.nickname=shared clients +tunnel.2.option.i2cp.leaseSetEncType=4,0 +tunnel.2.option.i2cp.reduceIdleTime=900000 +tunnel.2.option.i2cp.reduceOnIdle=true +tunnel.2.option.i2cp.reduceQuantity=1 +tunnel.2.option.i2p.streaming.connectDelay=1000 +tunnel.2.option.inbound.length=3 +tunnel.2.option.inbound.lengthVariance=0 +tunnel.2.option.outbound.length=3 +tunnel.2.option.outbound.lengthVariance=0 +tunnel.2.startOnLoad=true +tunnel.2.targetDestination=pop.postman.i2p:110 +tunnel.2.type=client +tunnel.2.sharedClient=true + +# HTTPS (CONNECT) outproxy +tunnel.5.name=I2P HTTPS Proxy +tunnel.5.description=HTTPS proxy for browsing eepsites and the web +tunnel.5.type=connectclient +tunnel.5.sharedClient=true +tunnel.5.interface=127.0.0.1 +tunnel.5.listenPort=4445 +tunnel.5.proxyList=outproxy-tor.meeh.i2p +tunnel.5.i2cpHost=127.0.0.1 +tunnel.5.i2cpPort=7654 +tunnel.5.option.inbound.nickname=shared clients +tunnel.5.option.outbound.nickname=shared clients +tunnel.5.option.i2cp.leaseSetEncType=4,0 +tunnel.5.option.i2cp.reduceIdleTime=900000 +tunnel.5.option.i2cp.reduceOnIdle=true +tunnel.5.option.i2cp.reduceQuantity=1 +tunnel.5.option.i2p.streaming.connectDelay=1000 +tunnel.5.option.inbound.length=3 +tunnel.5.option.inbound.lengthVariance=0 +tunnel.5.option.outbound.length=3 +tunnel.5.option.outbound.lengthVariance=0 +tunnel.5.startOnLoad=true + From b2f4445f50c98d8ee6b85b6acd2b356b38005295 Mon Sep 17 00:00:00 2001 From: LoveIsGrief Date: Wed, 27 Jan 2021 15:04:05 +0100 Subject: [PATCH 8/8] CI:build_docker: cache entire ci-exports/ folder Restoring cached globbed files doesn't seem to work. The folder only contains a single file anyway, so it shouldn't endlessly grow in size. --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 9aaf5aa013..25fff4f7dd 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -59,7 +59,7 @@ build_docker: # The same key should be used across branches key: "$CI_COMMIT_REF_SLUG" paths: - - ci-exports/*.tar + - ci-exports/ only: - master - merge_requests