commit e729470a2747af68a6104ae3419dbe7cfa526567 · www.zenfyr.dev/composition

+121

LICENSE

···

       1
       1
       +
       Creative Commons Legal Code

     

       2
       2
       +
       

     

       3
       3
       +
       CC0 1.0 Universal

     

       4
       4
       +
       

     

       5
       5
       +
           CREATIVE COMMONS CORPORATION IS NOT A LAW FIRM AND DOES NOT PROVIDE

     

       6
       6
       +
           LEGAL SERVICES. DISTRIBUTION OF THIS DOCUMENT DOES NOT CREATE AN

     

       7
       7
       +
           ATTORNEY-CLIENT RELATIONSHIP. CREATIVE COMMONS PROVIDES THIS

     

       8
       8
       +
           INFORMATION ON AN "AS-IS" BASIS. CREATIVE COMMONS MAKES NO WARRANTIES

     

       9
       9
       +
           REGARDING THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS

     

       10
       10
       +
           PROVIDED HEREUNDER, AND DISCLAIMS LIABILITY FOR DAMAGES RESULTING FROM

     

       11
       11
       +
           THE USE OF THIS DOCUMENT OR THE INFORMATION OR WORKS PROVIDED

     

       12
       12
       +
           HEREUNDER.

     

       13
       13
       +
       

     

       14
       14
       +
       Statement of Purpose

     

       15
       15
       +
       

     

       16
       16
       +
       The laws of most jurisdictions throughout the world automatically confer

     

       17
       17
       +
       exclusive Copyright and Related Rights (defined below) upon the creator

     

       18
       18
       +
       and subsequent owner(s) (each and all, an "owner") of an original work of

     

       19
       19
       +
       authorship and/or a database (each, a "Work").

     

       20
       20
       +
       

     

       21
       21
       +
       Certain owners wish to permanently relinquish those rights to a Work for

     

       22
       22
       +
       the purpose of contributing to a commons of creative, cultural and

     

       23
       23
       +
       scientific works ("Commons") that the public can reliably and without fear

     

       24
       24
       +
       of later claims of infringement build upon, modify, incorporate in other

     

       25
       25
       +
       works, reuse and redistribute as freely as possible in any form whatsoever

     

       26
       26
       +
       and for any purposes, including without limitation commercial purposes.

     

       27
       27
       +
       These owners may contribute to the Commons to promote the ideal of a free

     

       28
       28
       +
       culture and the further production of creative, cultural and scientific

     

       29
       29
       +
       works, or to gain reputation or greater distribution for their Work in

     

       30
       30
       +
       part through the use and efforts of others.

     

       31
       31
       +
       

     

       32
       32
       +
       For these and/or other purposes and motivations, and without any

     

       33
       33
       +
       expectation of additional consideration or compensation, the person

     

       34
       34
       +
       associating CC0 with a Work (the "Affirmer"), to the extent that he or she

     

       35
       35
       +
       is an owner of Copyright and Related Rights in the Work, voluntarily

     

       36
       36
       +
       elects to apply CC0 to the Work and publicly distribute the Work under its

     

       37
       37
       +
       terms, with knowledge of his or her Copyright and Related Rights in the

     

       38
       38
       +
       Work and the meaning and intended legal effect of CC0 on those rights.

     

       39
       39
       +
       

     

       40
       40
       +
       1. Copyright and Related Rights. A Work made available under CC0 may be

     

       41
       41
       +
       protected by copyright and related or neighboring rights ("Copyright and

     

       42
       42
       +
       Related Rights"). Copyright and Related Rights include, but are not

     

       43
       43
       +
       limited to, the following:

     

       44
       44
       +
       

     

       45
       45
       +
         i. the right to reproduce, adapt, distribute, perform, display,

     

       46
       46
       +
            communicate, and translate a Work;

     

       47
       47
       +
        ii. moral rights retained by the original author(s) and/or performer(s);

     

       48
       48
       +
       iii. publicity and privacy rights pertaining to a person's image or

     

       49
       49
       +
            likeness depicted in a Work;

     

       50
       50
       +
        iv. rights protecting against unfair competition in regards to a Work,

     

       51
       51
       +
            subject to the limitations in paragraph 4(a), below;

     

       52
       52
       +
         v. rights protecting the extraction, dissemination, use and reuse of data

     

       53
       53
       +
            in a Work;

     

       54
       54
       +
        vi. database rights (such as those arising under Directive 96/9/EC of the

     

       55
       55
       +
            European Parliament and of the Council of 11 March 1996 on the legal

     

       56
       56
       +
            protection of databases, and under any national implementation

     

       57
       57
       +
            thereof, including any amended or successor version of such

     

       58
       58
       +
            directive); and

     

       59
       59
       +
       vii. other similar, equivalent or corresponding rights throughout the

     

       60
       60
       +
            world based on applicable law or treaty, and any national

     

       61
       61
       +
            implementations thereof.

     

       62
       62
       +
       

     

       63
       63
       +
       2. Waiver. To the greatest extent permitted by, but not in contravention

     

       64
       64
       +
       of, applicable law, Affirmer hereby overtly, fully, permanently,

     

       65
       65
       +
       irrevocably and unconditionally waives, abandons, and surrenders all of

     

       66
       66
       +
       Affirmer's Copyright and Related Rights and associated claims and causes

     

       67
       67
       +
       of action, whether now known or unknown (including existing as well as

     

       68
       68
       +
       future claims and causes of action), in the Work (i) in all territories

     

       69
       69
       +
       worldwide, (ii) for the maximum duration provided by applicable law or

     

       70
       70
       +
       treaty (including future time extensions), (iii) in any current or future

     

       71
       71
       +
       medium and for any number of copies, and (iv) for any purpose whatsoever,

     

       72
       72
       +
       including without limitation commercial, advertising or promotional

     

       73
       73
       +
       purposes (the "Waiver"). Affirmer makes the Waiver for the benefit of each

     

       74
       74
       +
       member of the public at large and to the detriment of Affirmer's heirs and

     

       75
       75
       +
       successors, fully intending that such Waiver shall not be subject to

     

       76
       76
       +
       revocation, rescission, cancellation, termination, or any other legal or

     

       77
       77
       +
       equitable action to disrupt the quiet enjoyment of the Work by the public

     

       78
       78
       +
       as contemplated by Affirmer's express Statement of Purpose.

     

       79
       79
       +
       

     

       80
       80
       +
       3. Public License Fallback. Should any part of the Waiver for any reason

     

       81
       81
       +
       be judged legally invalid or ineffective under applicable law, then the

     

       82
       82
       +
       Waiver shall be preserved to the maximum extent permitted taking into

     

       83
       83
       +
       account Affirmer's express Statement of Purpose. In addition, to the

     

       84
       84
       +
       extent the Waiver is so judged Affirmer hereby grants to each affected

     

       85
       85
       +
       person a royalty-free, non transferable, non sublicensable, non exclusive,

     

       86
       86
       +
       irrevocable and unconditional license to exercise Affirmer's Copyright and

     

       87
       87
       +
       Related Rights in the Work (i) in all territories worldwide, (ii) for the

     

       88
       88
       +
       maximum duration provided by applicable law or treaty (including future

     

       89
       89
       +
       time extensions), (iii) in any current or future medium and for any number

     

       90
       90
       +
       of copies, and (iv) for any purpose whatsoever, including without

     

       91
       91
       +
       limitation commercial, advertising or promotional purposes (the

     

       92
       92
       +
       "License"). The License shall be deemed effective as of the date CC0 was

     

       93
       93
       +
       applied by Affirmer to the Work. Should any part of the License for any

     

       94
       94
       +
       reason be judged legally invalid or ineffective under applicable law, such

     

       95
       95
       +
       partial invalidity or ineffectiveness shall not invalidate the remainder

     

       96
       96
       +
       of the License, and in such case Affirmer hereby affirms that he or she

     

       97
       97
       +
       will not (i) exercise any of his or her remaining Copyright and Related

     

       98
       98
       +
       Rights in the Work or (ii) assert any associated claims and causes of

     

       99
       99
       +
       action with respect to the Work, in either case contrary to Affirmer's

     

       100
       100
       +
       express Statement of Purpose.

     

       101
       101
       +
       

     

       102
       102
       +
       4. Limitations and Disclaimers.

     

       103
       103
       +
       

     

       104
       104
       +
        a. No trademark or patent rights held by Affirmer are waived, abandoned,

     

       105
       105
       +
           surrendered, licensed or otherwise affected by this document.

     

       106
       106
       +
        b. Affirmer offers the Work as-is and makes no representations or

     

       107
       107
       +
           warranties of any kind concerning the Work, express, implied,

     

       108
       108
       +
           statutory or otherwise, including without limitation warranties of

     

       109
       109
       +
           title, merchantability, fitness for a particular purpose, non

     

       110
       110
       +
           infringement, or the absence of latent or other defects, accuracy, or

     

       111
       111
       +
           the present or absence of errors, whether or not discoverable, all to

     

       112
       112
       +
           the greatest extent permissible under applicable law.

     

       113
       113
       +
        c. Affirmer disclaims responsibility for clearing rights of other persons

     

       114
       114
       +
           that may apply to the Work or any use thereof, including without

     

       115
       115
       +
           limitation any person's Copyright and Related Rights in the Work.

     

       116
       116
       +
           Further, Affirmer disclaims responsibility for obtaining any necessary

     

       117
       117
       +
           consents, permissions or other rights required for any use of the

     

       118
       118
       +
           Work.

     

       119
       119
       +
        d. Affirmer understands and acknowledges that Creative Commons is not a

     

       120
       120
       +
           party to this document and has no duty or obligation with respect to

     

       121
       121
       +
           this CC0 or use of the Work.

README.md

···

       1
       1
       +
       # composition

     

       2
       2
       +
       

     

       3
       3
       +
       a collection of docker-compose related stuff, mainly service configs

+57

i2pd-tools/Dockerfile

···

       1
       1
       +
       # Use the official Debian stable slim image

     

       2
       2
       +
       FROM debian:stable-slim AS base

     

       3
       3
       +
       

     

       4
       4
       +
       # prevent interactive prompts during package installation

     

       5
       5
       +
       ARG DEBIAN_FRONTEND=noninteractive

     

       6
       6
       +
       

     

       7
       7
       +
       # Install dependencies

     

       8
       8
       +
       RUN apt-get update && apt-get install -y --no-install-recommends \

     

       9
       9
       +
             libboost-dev \

     

       10
       10
       +
             libboost-chrono-dev \

     

       11
       11
       +
             libboost-date-time-dev \

     

       12
       12
       +
             libboost-filesystem-dev \

     

       13
       13
       +
             libboost-program-options-dev \

     

       14
       14
       +
             libboost-system-dev \

     

       15
       15
       +
             libboost-thread-dev \

     

       16
       16
       +
             libssl-dev \

     

       17
       17
       +
             zlib1g-dev

     

       18
       18
       +
             

     

       19
       19
       +
       FROM base AS builder

     

       20
       20
       +
       

     

       21
       21
       +
       # Install build dependencies

     

       22
       22
       +
       RUN apt-get install -y --no-install-recommends \

     

       23
       23
       +
             make \

     

       24
       24
       +
             gcc g++

     

       25
       25
       +
       

     

       26
       26
       +
       # Copy sources into the layer

     

       27
       27
       +
       COPY . /opt/i2pd-tools

     

       28
       28
       +
       WORKDIR /opt/i2pd-tools

     

       29
       29
       +
       

     

       30
       30
       +
       # Build all the tools

     

       31
       31
       +
       RUN make -j"$(nproc)"

     

       32
       32
       +
       

     

       33
       33
       +
       FROM base

     

       34
       34
       +
       

     

       35
       35
       +
       # Copy binaries to base layer

     

       36
       36
       +
       COPY --from=builder \

     

       37
       37
       +
             /opt/i2pd-tools/autoconf \

     

       38
       38
       +
             /opt/i2pd-tools/keygen \

     

       39
       39
       +
             /opt/i2pd-tools/keyinfo \

     

       40
       40
       +
             /opt/i2pd-tools/famtool \

     

       41
       41
       +
             /opt/i2pd-tools/i2pbase64 \

     

       42
       42
       +
             /opt/i2pd-tools/regaddr \

     

       43
       43
       +
             /opt/i2pd-tools/regaddralias \

     

       44
       44
       +
             /opt/i2pd-tools/routerinfo \

     

       45
       45
       +
             /opt/i2pd-tools/vain \

     

       46
       46
       +
             /opt/i2pd-tools/b33address \

     

       47
       47
       +
             /opt/i2pd-tools/offlinekeys \

     

       48
       48
       +
             /opt/i2pd-tools/regaddr_3ld \

     

       49
       49
       +
             /opt/i2pd-tools/verifyhost \

     

       50
       50
       +
             /opt/i2pd-tools/x25519 \

     

       51
       51
       +
             /usr/local/bin/

     

       52
       52
       +
       

     

       53
       53
       +
       WORKDIR /data

     

       54
       54
       +
       

     

       55
       55
       +
       # Drop into a shell by default so you can run any tool interactively

     

       56
       56
       +
       CMD ["bash"]

     

       57
       57
       +

+21

i2pd-tools/README.md

···

       1
       1
       +
       # i2pd-tools

     

       2
       2
       +
       

     

       3
       3
       +
       this is a Dockerfile for [i2pd-tools](https://github.com/purplei2p/i2pd-tools), mainly to use with `vain`.

     

       4
       4
       +
       

     

       5
       5
       +
       to build, first clone the i2pd-tools repo:

     

       6
       6
       +
       

     

       7
       7
       +
       ```

     

       8
       8
       +
       git clone --recursive https://github.com/purplei2p/i2pd-tools

     

       9
       9
       +
       ```

     

       10
       10
       +
       

     

       11
       11
       +
       then:

     

       12
       12
       +
       

     

       13
       13
       +
       ```

     

       14
       14
       +
       docker build -t melontini/i2pd-tools .

     

       15
       15
       +
       ```

     

       16
       16
       +
       

     

       17
       17
       +
       now you can run, for example, `vain` to get a vanity address:

     

       18
       18
       +
       

     

       19
       19
       +
       ```

     

       20
       20
       +
       docker run --rm -it -v "$PWD":/data melontini/i2pd-tools:latest vain hawk2

     

       21
       21
       +
       ```

+14

i2pd/README.md

···

       1
       1
       +
       # i2pd

     

       2
       2
       +
       

     

       3
       3
       +
       based on the https://hub.docker.com/r/purplei2p/i2pd image. this doesn't require host networking, but this config uses it anyway because it's easier.

     

       4
       4
       +
       

     

       5
       5
       +
       if you're facing permission issues, before starting, make the data dir world writable.

     

       6
       6
       +
       

     

       7
       7
       +
       ```

     

       8
       8
       +
       mkdir -p ./data

     

       9
       9
       +
       chmod -R 777 ./data

     

       10
       10
       +
       ```

     

       11
       11
       +
       

     

       12
       12
       +
       check and modify i2pd.conf and tunnels.conf before starting the service! enables ssh access over i2p on port 22 by default!

     

       13
       13
       +
       

     

       14
       14
       +
       learn more about i2p https://geti2p.net/en/ and i2pd https://i2pd.website/

i2pd/compose.yml

···

       1
       1
       +
       services:

     

       2
       2
       +
         i2pd:

     

       3
       3
       +
           image: purplei2p/i2pd

     

       4
       4
       +
           container_name: i2pd

     

       5
       5
       +
           network_mode: host

     

       6
       6
       +
           restart: unless-stopped

     

       7
       7
       +
           volumes:

     

       8
       8
       +
             - "./data:/home/i2pd/data"

+279

i2pd/data/i2pd.conf

···

       1
       1
       +
       ## Configuration file for a typical i2pd user

     

       2
       2
       +
       ## See https://i2pd.readthedocs.io/en/latest/user-guide/configuration/

     

       3
       3
       +
       ## for more options you can use in this file.

     

       4
       4
       +
       

     

       5
       5
       +
       ## Lines that begin with "## " try to explain what's going on. Lines

     

       6
       6
       +
       ## that begin with just "#" are disabled commands: you can enable them

     

       7
       7
       +
       ## by removing the "#" symbol.

     

       8
       8
       +
       

     

       9
       9
       +
       ## Tunnels config file

     

       10
       10
       +
       ## Default: ~/.i2pd/tunnels.conf or /var/lib/i2pd/tunnels.conf

     

       11
       11
       +
       # tunconf = /var/lib/i2pd/tunnels.conf

     

       12
       12
       +
       

     

       13
       13
       +
       ## Tunnels config files path

     

       14
       14
       +
       ## Use that path to store separated tunnels in different config files.

     

       15
       15
       +
       ## Default: ~/.i2pd/tunnels.d or /var/lib/i2pd/tunnels.d

     

       16
       16
       +
       # tunnelsdir = /var/lib/i2pd/tunnels.d

     

       17
       17
       +
       

     

       18
       18
       +
       ## Path to certificates used for verifying .su3, families

     

       19
       19
       +
       ## Default: ~/.i2pd/certificates or /var/lib/i2pd/certificates

     

       20
       20
       +
       # certsdir = /var/lib/i2pd/certificates

     

       21
       21
       +
       

     

       22
       22
       +
       ## Where to write pidfile (default: /run/i2pd.pid, not used in Windows)

     

       23
       23
       +
       # pidfile = /run/i2pd.pid

     

       24
       24
       +
       

     

       25
       25
       +
       ## Logging configuration section

     

       26
       26
       +
       ## By default logs go to stdout with level 'info' and higher

     

       27
       27
       +
       ## For Windows OS by default logs go to file with level 'warn' and higher

     

       28
       28
       +
       ##

     

       29
       29
       +
       ## Logs destination (valid values: stdout, file, syslog)

     

       30
       30
       +
       ##  * stdout - print log entries to stdout

     

       31
       31
       +
       ##  * file - log entries to a file

     

       32
       32
       +
       ##  * syslog - use syslog, see man 3 syslog

     

       33
       33
       +
       # log = file

     

       34
       34
       +
       ## Path to logfile (default: autodetect)

     

       35
       35
       +
       # logfile = /var/log/i2pd/i2pd.log

     

       36
       36
       +
       ## Log messages above this level (debug, info, *warn, error, critical, none)

     

       37
       37
       +
       ## If you set it to none, logging will be disabled

     

       38
       38
       +
       # loglevel = warn

     

       39
       39
       +
       ## Write full CLF-formatted date and time to log (default: write only time)

     

       40
       40
       +
       # logclftime = true

     

       41
       41
       +
       

     

       42
       42
       +
       ## Daemon mode. Router will go to background after start. Ignored on Windows

     

       43
       43
       +
       ## (default: true)

     

       44
       44
       +
       # daemon = true

     

       45
       45
       +
       

     

       46
       46
       +
       ## Specify a family, router belongs to (default - none)

     

       47
       47
       +
       # family =

     

       48
       48
       +
       

     

       49
       49
       +
       ## Network interface to bind to

     

       50
       50
       +
       ## Updates address4/6 options if they are not set

     

       51
       51
       +
       # ifname =

     

       52
       52
       +
       ## You can specify different interfaces for IPv4 and IPv6

     

       53
       53
       +
       # ifname4 =

     

       54
       54
       +
       # ifname6 =

     

       55
       55
       +
       

     

       56
       56
       +
       ## Local address to bind transport sockets to

     

       57
       57
       +
       ## Overrides host option if:

     

       58
       58
       +
       ## For ipv4: if ipv4 = true and nat = false

     

       59
       59
       +
       ## For ipv6: if 'host' is not set or ipv4 = true

     

       60
       60
       +
       # address4 =

     

       61
       61
       +
       # address6 =

     

       62
       62
       +
       

     

       63
       63
       +
       ## External IPv4 or IPv6 address to listen for connections

     

       64
       64
       +
       ## By default i2pd sets IP automatically

     

       65
       65
       +
       ## Sets published NTCP2v4/SSUv4 address to 'host' value if nat = true

     

       66
       66
       +
       ## Sets published NTCP2v6/SSUv6 address to 'host' value if ipv4 = false

     

       67
       67
       +
       # host = 1.2.3.4

     

       68
       68
       +
       

     

       69
       69
       +
       ## Port to listen for connections

     

       70
       70
       +
       ## By default i2pd picks random port. You MUST pick a random number too,

     

       71
       71
       +
       ## don't just uncomment this

     

       72
       72
       +
       # port = 60668

     

       73
       73
       +
       

     

       74
       74
       +
       ## Enable communication through ipv4 (default: true)

     

       75
       75
       +
       ipv4 = true

     

       76
       76
       +
       ## Enable communication through ipv6 (default: false)

     

       77
       77
       +
       ipv6 = true

     

       78
       78
       +
       

     

       79
       79
       +
       ## Bandwidth configuration

     

       80
       80
       +
       ## L limit bandwidth to 32 KB/sec, O - to 256 KB/sec, P - to 2048 KB/sec,

     

       81
       81
       +
       ## X - unlimited

     

       82
       82
       +
       ## Default is L (regular node) and X if floodfill mode enabled.

     

       83
       83
       +
       ## If you want to share more bandwidth without floodfill mode, uncomment

     

       84
       84
       +
       ## that line and adjust value to your possibilities. Value can be set to

     

       85
       85
       +
       ## integer in kilobytes, it will apply that limit and flag will be used

     

       86
       86
       +
       ## from next upper limit (example: if you set 4096 flag will be X, but real

     

       87
       87
       +
       ## limit will be 4096 KB/s). Same can be done when floodfill mode is used,

     

       88
       88
       +
       ## but keep in mind that low values may be negatively evaluated by Java

     

       89
       89
       +
       ## router algorithms.

     

       90
       90
       +
       # bandwidth = L

     

       91
       91
       +
       ## Max % of bandwidth limit for transit. 0-100 (default: 100)

     

       92
       92
       +
       # share = 100

     

       93
       93
       +
       

     

       94
       94
       +
       ## Router will not accept transit tunnels, disabling transit traffic completely

     

       95
       95
       +
       ## (default: false)

     

       96
       96
       +
       # notransit = true

     

       97
       97
       +
       

     

       98
       98
       +
       ## Router will be floodfill (default: false)

     

       99
       99
       +
       ## Note: that mode uses much more network connections and CPU!

     

       100
       100
       +
       # floodfill = true

     

       101
       101
       +
       

     

       102
       102
       +
       [ntcp2]

     

       103
       103
       +
       ## Enable NTCP2 transport (default: true)

     

       104
       104
       +
       # enabled = true

     

       105
       105
       +
       ## Publish address in RouterInfo (default: true)

     

       106
       106
       +
       # published = true

     

       107
       107
       +
       ## Port for incoming connections (default is global port option value)

     

       108
       108
       +
       # port = 4567

     

       109
       109
       +
       

     

       110
       110
       +
       [ssu2]

     

       111
       111
       +
       ## Enable SSU2 transport (default: true)

     

       112
       112
       +
       # enabled = true

     

       113
       113
       +
       ## Publish address in RouterInfo (default: true)

     

       114
       114
       +
       # published = true

     

       115
       115
       +
       ## Port for incoming connections (default is global port option value)

     

       116
       116
       +
       # port = 4567

     

       117
       117
       +
       

     

       118
       118
       +
       [http]

     

       119
       119
       +
       ## Web Console settings

     

       120
       120
       +
       ## Enable the Web Console (default: true)

     

       121
       121
       +
       # enabled = true

     

       122
       122
       +
       ## Address and port service will listen on (default: 127.0.0.1:7070)

     

       123
       123
       +
       # address = 127.0.0.1

     

       124
       124
       +
       # port = 7070

     

       125
       125
       +
       ## Path to web console (default: /)

     

       126
       126
       +
       # webroot = /

     

       127
       127
       +
       ## Enable Web Console authentication (default: false)

     

       128
       128
       +
       ## You should not use Web Console via public networks without additional encryption.

     

       129
       129
       +
       ## HTTP authentication is not encryption layer!

     

       130
       130
       +
       # auth = true

     

       131
       131
       +
       # user = i2pd

     

       132
       132
       +
       # pass = changeme

     

       133
       133
       +
       ## Select webconsole language

     

       134
       134
       +
       ## Currently supported english (default), afrikaans, armenian, chinese, czech, french,

     

       135
       135
       +
       ## german, italian, polish, portuguese, russian, spanish, turkish, turkmen, ukrainian

     

       136
       136
       +
       ## and uzbek languages

     

       137
       137
       +
       # lang = english

     

       138
       138
       +
       

     

       139
       139
       +
       [httpproxy]

     

       140
       140
       +
       ## Enable the HTTP proxy (default: true)

     

       141
       141
       +
       enabled = false

     

       142
       142
       +
       ## Address and port service will listen on (default: 127.0.0.1:4444)

     

       143
       143
       +
       # address = 127.0.0.1

     

       144
       144
       +
       # port = 4444

     

       145
       145
       +
       ## Optional keys file for proxy local destination (default: http-proxy-keys.dat)

     

       146
       146
       +
       # keys = http-proxy-keys.dat

     

       147
       147
       +
       ## Enable address helper for adding .i2p domains with "jump URLs" (default: true)

     

       148
       148
       +
       ## You should disable this feature if your i2pd HTTP Proxy is public,

     

       149
       149
       +
       ## because anyone could spoof the short domain via addresshelper and forward other users to phishing links

     

       150
       150
       +
       # addresshelper = true

     

       151
       151
       +
       ## Address of a proxy server inside I2P, which is used to visit regular Internet

     

       152
       152
       +
       # outproxy = http://false.i2p

     

       153
       153
       +
       ## httpproxy section also accepts I2CP parameters, like "inbound.length" etc.

     

       154
       154
       +
       

     

       155
       155
       +
       [socksproxy]

     

       156
       156
       +
       ## Enable the SOCKS proxy (default: true)

     

       157
       157
       +
       enabled = false

     

       158
       158
       +
       ## Address and port service will listen on (default: 127.0.0.1:4447)

     

       159
       159
       +
       # address = 127.0.0.1

     

       160
       160
       +
       # port = 4447

     

       161
       161
       +
       ## Optional keys file for proxy local destination (default: socks-proxy-keys.dat)

     

       162
       162
       +
       # keys = socks-proxy-keys.dat

     

       163
       163
       +
       ## Socks outproxy. Example below is set to use Tor for all connections except i2p

     

       164
       164
       +
       ## Enable using of SOCKS outproxy (works only with SOCKS4, default: false)

     

       165
       165
       +
       # outproxy.enabled = false

     

       166
       166
       +
       ## Address and port of outproxy

     

       167
       167
       +
       # outproxy = 127.0.0.1

     

       168
       168
       +
       # outproxyport = 9050

     

       169
       169
       +
       ## socksproxy section also accepts I2CP parameters, like "inbound.length" etc.

     

       170
       170
       +
       

     

       171
       171
       +
       [sam]

     

       172
       172
       +
       ## Enable the SAM bridge (default: true)

     

       173
       173
       +
       # enabled = false

     

       174
       174
       +
       ## Address and ports service will listen on (default: 127.0.0.1:7656, udp: 7655)

     

       175
       175
       +
       # address = 127.0.0.1

     

       176
       176
       +
       # port = 7656

     

       177
       177
       +
       # portudp = 7655

     

       178
       178
       +
       

     

       179
       179
       +
       [bob]

     

       180
       180
       +
       ## Enable the BOB command channel (default: false)

     

       181
       181
       +
       # enabled = false

     

       182
       182
       +
       ## Address and port service will listen on (default: 127.0.0.1:2827)

     

       183
       183
       +
       # address = 127.0.0.1

     

       184
       184
       +
       # port = 2827

     

       185
       185
       +
       

     

       186
       186
       +
       [i2cp]

     

       187
       187
       +
       ## Enable the I2CP protocol (default: false)

     

       188
       188
       +
       # enabled = false

     

       189
       189
       +
       ## Address and port service will listen on (default: 127.0.0.1:7654)

     

       190
       190
       +
       # address = 127.0.0.1

     

       191
       191
       +
       # port = 7654

     

       192
       192
       +
       

     

       193
       193
       +
       [i2pcontrol]

     

       194
       194
       +
       ## Enable the I2PControl protocol (default: false)

     

       195
       195
       +
       # enabled = false

     

       196
       196
       +
       ## Address and port service will listen on (default: 127.0.0.1:7650)

     

       197
       197
       +
       # address = 127.0.0.1

     

       198
       198
       +
       # port = 7650

     

       199
       199
       +
       ## Authentication password (default: itoopie)

     

       200
       200
       +
       # password = itoopie

     

       201
       201
       +
       

     

       202
       202
       +
       [precomputation]

     

       203
       203
       +
       ## Enable or disable elgamal precomputation table

     

       204
       204
       +
       ## By default, enabled on i386 hosts

     

       205
       205
       +
       # elgamal = true

     

       206
       206
       +
       

     

       207
       207
       +
       [upnp]

     

       208
       208
       +
       ## Enable or disable UPnP: automatic port forwarding (enabled by default in WINDOWS, ANDROID)

     

       209
       209
       +
       # enabled = false

     

       210
       210
       +
       ## Name i2pd appears in UPnP forwardings list (default: I2Pd)

     

       211
       211
       +
       # name = I2Pd

     

       212
       212
       +
       

     

       213
       213
       +
       [meshnets]

     

       214
       214
       +
       ## Enable connectivity over the Yggdrasil network  (default: false)

     

       215
       215
       +
       # yggdrasil = true

     

       216
       216
       +
       ## You can bind address from your Yggdrasil subnet 300::/64

     

       217
       217
       +
       ## The address must first be added to the network interface

     

       218
       218
       +
       # yggaddress =

     

       219
       219
       +
       

     

       220
       220
       +
       [reseed]

     

       221
       221
       +
       ## Options for bootstrapping into I2P network, aka reseeding

     

       222
       222
       +
       ## Enable reseed data verification (default: true)

     

       223
       223
       +
       verify = true

     

       224
       224
       +
       ## URLs to request reseed data from, separated by comma

     

       225
       225
       +
       ## Default: "mainline" I2P Network reseeds

     

       226
       226
       +
       # urls = https://reseed.i2p-projekt.de/,https://i2p.mooo.com/netDb/,https://netdb.i2p2.no/

     

       227
       227
       +
       ## Reseed URLs through the Yggdrasil, separated by comma

     

       228
       228
       +
       # yggurls = http://[324:71e:281a:9ed3::ace]:7070/

     

       229
       229
       +
       ## Path to local reseed data file (.su3) for manual reseeding

     

       230
       230
       +
       # file = /path/to/i2pseeds.su3

     

       231
       231
       +
       ## or HTTPS URL to reseed from

     

       232
       232
       +
       # file = https://legit-website.com/i2pseeds.su3

     

       233
       233
       +
       ## Path to local ZIP file or HTTPS URL to reseed from

     

       234
       234
       +
       # zipfile = /path/to/netDb.zip

     

       235
       235
       +
       ## If you run i2pd behind a proxy server, set proxy server for reseeding here

     

       236
       236
       +
       ## Should be http://address:port or socks://address:port

     

       237
       237
       +
       # proxy = http://127.0.0.1:8118

     

       238
       238
       +
       ## Minimum number of known routers, below which i2pd triggers reseeding (default: 25)

     

       239
       239
       +
       # threshold = 25

     

       240
       240
       +
       

     

       241
       241
       +
       [addressbook]

     

       242
       242
       +
       ## AddressBook subscription URL for initial setup

     

       243
       243
       +
       ## Default: reg.i2p at "mainline" I2P Network

     

       244
       244
       +
       # defaulturl = http://shx5vqsw7usdaunyzr2qmes2fq37oumybpudrd4jjj4e4vk4uusa.b32.i2p/hosts.txt

     

       245
       245
       +
       ## Optional subscriptions URLs, separated by comma

     

       246
       246
       +
       # subscriptions = http://reg.i2p/hosts.txt,http://identiguy.i2p/hosts.txt,http://stats.i2p/cgi-bin/newhosts.txt

     

       247
       247
       +
       

     

       248
       248
       +
       [limits]

     

       249
       249
       +
       ## Maximum active transit sessions (default: 10000)

     

       250
       250
       +
       ## This value is doubled if floodfill mode is enabled!

     

       251
       251
       +
       # transittunnels = 10000

     

       252
       252
       +
       ## Limit number of open file descriptors (0 - use system limit)

     

       253
       253
       +
       # openfiles = 0

     

       254
       254
       +
       ## Maximum size of corefile in Kb (0 - use system limit)

     

       255
       255
       +
       # coresize = 0

     

       256
       256
       +
       

     

       257
       257
       +
       [trust]

     

       258
       258
       +
       ## Enable explicit trust options. (default: false)

     

       259
       259
       +
       # enabled = true

     

       260
       260
       +
       ## Make direct I2P connections only to routers in specified Family.

     

       261
       261
       +
       # family = MyFamily

     

       262
       262
       +
       ## Make direct I2P connections only to routers specified here. Comma separated list of base64 identities.

     

       263
       263
       +
       # routers =

     

       264
       264
       +
       ## Should we hide our router from other routers? (default: false)

     

       265
       265
       +
       # hidden = true

     

       266
       266
       +
       

     

       267
       267
       +
       [exploratory]

     

       268
       268
       +
       ## Exploratory tunnels settings with default values

     

       269
       269
       +
       # inbound.length = 2

     

       270
       270
       +
       # inbound.quantity = 3

     

       271
       271
       +
       # outbound.length = 2

     

       272
       272
       +
       # outbound.quantity = 3

     

       273
       273
       +
       

     

       274
       274
       +
       [persist]

     

       275
       275
       +
       ## Save peer profiles on disk (default: true)

     

       276
       276
       +
       # profiles = true

     

       277
       277
       +
       ## Save full addresses on disk (default: true)

     

       278
       278
       +
       # addressbook = true

     

       279
       279
       +

+10

i2pd/data/tunnels.conf

···

       1
       1
       +
       [ssh-server]

     

       2
       2
       +
       type = server

     

       3
       3
       +
       host = 127.0.0.1

     

       4
       4
       +
       port = 22

     

       5
       5
       +
       inbound.length = 1

     

       6
       6
       +
       outbound.length = 1

     

       7
       7
       +
       inbound.quantity = 5

     

       8
       8
       +
       outbound.quantity = 5

     

       9
       9
       +
       i2cp.reduceOnIdle = true

     

       10
       10
       +
       keys = ssh-in.dat

yggdrasil/README.md

···

       1
       1
       +
       # yggdrasil

     

       2
       2
       +
       

     

       3
       3
       +
       based on the https://hub.docker.com/r/jauderho/yggdrasil-go image. this doesn't work with podman due to networling stuff. ygg requires /dev/tun and net admin to route traffic to the daemon.

     

       4
       4
       +
       

     

       5
       5
       +
       the included config file enables NodeInfoPrivacy and changes AdminListen to tcp instead of a socket.

     

       6
       6
       +
       

     

       7
       7
       +
       learn more about the yggdrasil router here: https://yggdrasil-network.github.io/

+16

yggdrasil/compose.yml

···

       1
       1
       +
       services:

     

       2
       2
       +
         yggdrasil:

     

       3
       3
       +
           container_name: yggdrasil

     

       4
       4
       +
           image: jauderho/yggdrasil-go

     

       5
       5
       +
           restart: unless-stopped

     

       6
       6
       +
           network_mode: host

     

       7
       7
       +
           cap_add:

     

       8
       8
       +
             - NET_ADMIN

     

       9
       9
       +
           devices:

     

       10
       10
       +
             - /dev/net/tun:/dev/net/tun

     

       11
       11
       +
           volumes:

     

       12
       12
       +
             - "./yggdrasil.conf:/etc/yggdrasil.conf"

     

       13
       13
       +
           command:

     

       14
       14
       +
             - "yggdrasil"

     

       15
       15
       +
             - "-useconffile"

     

       16
       16
       +
             - "/etc/yggdrasil.conf"

+82

yggdrasil/yggdrasil.conf

···

       1
       1
       +
       {

     

       2
       2
       +
         # Your private key. DO NOT share this with anyone!

     

       3
       3
       +
         PrivateKey: CHANGE_ME

     

       4
       4
       +
       

     

       5
       5
       +
         # List of outbound peer connection strings (e.g. tls://a.b.c.d:e or

     

       6
       6
       +
         # socks://a.b.c.d:e/f.g.h.i:j). Connection strings can contain options,

     

       7
       7
       +
         # see https://yggdrasil-network.github.io/configurationref.html#peers.

     

       8
       8
       +
         # Yggdrasil has no concept of bootstrap nodes - all network traffic

     

       9
       9
       +
         # will transit peer connections. Therefore make sure to only peer with

     

       10
       10
       +
         # nearby nodes that have good connectivity and low latency. Avoid adding

     

       11
       11
       +
         # peers to this list from distant countries as this will worsen your

     

       12
       12
       +
         # node's connectivity and performance considerably.

     

       13
       13
       +
         Peers: [

     

       14
       14
       +
           ADD_PEERS_HERE

     

       15
       15
       +
         ]

     

       16
       16
       +
       

     

       17
       17
       +
         # List of connection strings for outbound peer connections in URI format,

     

       18
       18
       +
         # arranged by source interface, e.g. { "eth0": [ "tls://a.b.c.d:e" ] }.

     

       19
       19
       +
         # You should only use this option if your machine is multi-homed and you

     

       20
       20
       +
         # want to establish outbound peer connections on different interfaces.

     

       21
       21
       +
         # Otherwise you should use "Peers".

     

       22
       22
       +
         InterfacePeers: {}

     

       23
       23
       +
       

     

       24
       24
       +
         # Listen addresses for incoming connections. You will need to add

     

       25
       25
       +
         # listeners in order to accept incoming peerings from non-local nodes.

     

       26
       26
       +
         # This is not required if you wish to establish outbound peerings only.

     

       27
       27
       +
         # Multicast peer discovery will work regardless of any listeners set

     

       28
       28
       +
         # here. Each listener should be specified in URI format as above, e.g.

     

       29
       29
       +
         # tls://0.0.0.0:0 or tls://[::]:0 to listen on all interfaces.

     

       30
       30
       +
         Listen: [

     

       31
       31
       +
           

     

       32
       32
       +
         ]

     

       33
       33
       +
         

     

       34
       34
       +
         AdminListen: tcp://localhost:9001

     

       35
       35
       +
       

     

       36
       36
       +
         # Configuration for which interfaces multicast peer discovery should be

     

       37
       37
       +
         # enabled on. Regex is a regular expression which is matched against an

     

       38
       38
       +
         # interface name, and interfaces use the first configuration that they

     

       39
       39
       +
         # match against. Beacon controls whether or not your node advertises its

     

       40
       40
       +
         # presence to others, whereas Listen controls whether or not your node

     

       41
       41
       +
         # listens out for and tries to connect to other advertising nodes. See

     

       42
       42
       +
         # https://yggdrasil-network.github.io/configurationref.html#multicastinterfaces

     

       43
       43
       +
         # for more supported options.

     

       44
       44
       +
         MulticastInterfaces: [

     

       45
       45
       +
           {

     

       46
       46
       +
             Regex: .*

     

       47
       47
       +
             Beacon: true

     

       48
       48
       +
             Listen: true

     

       49
       49
       +
             Password: ""

     

       50
       50
       +
           }

     

       51
       51
       +
         ]

     

       52
       52
       +
       

     

       53
       53
       +
         # List of peer public keys to allow incoming peering connections

     

       54
       54
       +
         # from. If left empty/undefined then all connections will be allowed

     

       55
       55
       +
         # by default. This does not affect outgoing peerings, nor does it

     

       56
       56
       +
         # affect link-local peers discovered via multicast.

     

       57
       57
       +
         # WARNING: THIS IS NOT A FIREWALL and DOES NOT limit who can reach

     

       58
       58
       +
         # open ports or services running on your machine!

     

       59
       59
       +
         AllowedPublicKeys: []

     

       60
       60
       +
       

     

       61
       61
       +
         # Local network interface name for TUN adapter, or "auto" to select

     

       62
       62
       +
         # an interface automatically, or "none" to run without TUN.

     

       63
       63
       +
         IfName: auto

     

       64
       64
       +
       

     

       65
       65
       +
         # Maximum Transmission Unit (MTU) size for your local TUN interface.

     

       66
       66
       +
         # Default is the largest supported size for your platform. The lowest

     

       67
       67
       +
         # possible value is 1280.

     

       68
       68
       +
         IfMTU: 65535

     

       69
       69
       +
       

     

       70
       70
       +
         # By default, nodeinfo contains some defaults including the platform,

     

       71
       71
       +
         # architecture and Yggdrasil version. These can help when surveying

     

       72
       72
       +
         # the network and diagnosing network routing problems. Enabling

     

       73
       73
       +
         # nodeinfo privacy prevents this, so that only items specified in

     

       74
       74
       +
         # "NodeInfo" are sent back if specified.

     

       75
       75
       +
         NodeInfoPrivacy: true

     

       76
       76
       +
       

     

       77
       77
       +
         # Optional nodeinfo. This must be a { "key": "value", ... } map

     

       78
       78
       +
         # or set as null. This is entirely optional but, if set, is visible

     

       79
       79
       +
         # to the whole network on request.

     

       80
       80
       +
         NodeInfo: {

     

       81
       81
       +
         }

     

       82
       82
       +
       }