only allow TLS+onion
@@ -26,16 +26,10 @@ i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --port=8443
|
||||
i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld
|
||||
```
|
||||
|
||||
### Without a webserver, standalone, automatic OnionV3
|
||||
|
||||
```
|
||||
i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
|
||||
```
|
||||
|
||||
### Without a webserver, standalone, automatic OnionV3 with TLS support
|
||||
|
||||
```
|
||||
i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --tlsHost=your-domain.tld --onion
|
||||
i2p-tools reseed --signer=you@mail.i2p --netdb=/home/i2p/.i2p/netDb --onion
|
||||
```
|
||||
|
||||
If this is your first time running a reseed server (ie. you don't have any existing keys),
|
||||
|
||||
134
cmd/reseed.go
134
cmd/reseed.go
@@ -124,9 +124,11 @@ func reseedAction(c *cli.Context) {
|
||||
var tlsCert, tlsKey string
|
||||
tlsHost := c.String("tlsHost")
|
||||
|
||||
if c.Bool("onion") {
|
||||
tlsHost = "onion"
|
||||
}
|
||||
if c.Bool("onion") {
|
||||
if tlsHost == "" {
|
||||
tlsHost = "onion"
|
||||
}
|
||||
}
|
||||
|
||||
if tlsHost != "" {
|
||||
tlsKey = c.String("tlsKey")
|
||||
@@ -195,7 +197,7 @@ func reseedAction(c *cli.Context) {
|
||||
if c.Duration("stats") != 0 {
|
||||
go func() {
|
||||
var mem runtime.MemStats
|
||||
for _ = range time.Tick(c.Duration("stats")) {
|
||||
for range time.Tick(c.Duration("stats")) {
|
||||
runtime.ReadMemStats(&mem)
|
||||
log.Printf("TotalAllocs: %d Kb, Allocs: %d Kb, Mallocs: %d, NumGC: %d", mem.TotalAlloc/1024, mem.Alloc/1024, mem.Mallocs, mem.NumGC)
|
||||
}
|
||||
@@ -212,70 +214,70 @@ func reseedAction(c *cli.Context) {
|
||||
if err != nil {
|
||||
log.Fatalln(err.Error())
|
||||
} else {
|
||||
if tlsCert != "" && tlsKey != "" {
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnionTLS(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
Key: ed25519.PrivateKey(ok),
|
||||
RemotePorts: []int{443},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
tlsCert, tlsKey,
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
}else{
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnion(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
Key: ed25519.PrivateKey(ok),
|
||||
RemotePorts: []int{80},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
}
|
||||
if tlsCert != "" && tlsKey != "" {
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnionTLS(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
Key: ed25519.PrivateKey(ok),
|
||||
RemotePorts: []int{443},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
tlsCert, tlsKey,
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
} else {
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnion(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
Key: ed25519.PrivateKey(ok),
|
||||
RemotePorts: []int{80},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
}
|
||||
}
|
||||
} else if os.IsNotExist(err) {
|
||||
if tlsCert != "" && tlsKey != "" {
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnionTLS(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
RemotePorts: []int{443},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
tlsCert, tlsKey,
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
}else{
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnion(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
RemotePorts: []int{80},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
}
|
||||
if tlsCert != "" && tlsKey != "" {
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnionTLS(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
RemotePorts: []int{443},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
tlsCert, tlsKey,
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
} else {
|
||||
log.Fatalln(
|
||||
server.ListenAndServeOnion(
|
||||
nil,
|
||||
&tor.ListenConf{
|
||||
LocalPort: port,
|
||||
RemotePorts: []int{80},
|
||||
Version3: true,
|
||||
NonAnonymous: c.Bool("singleOnion"),
|
||||
DiscardKey: false,
|
||||
},
|
||||
c.String("onionKey"),
|
||||
),
|
||||
)
|
||||
}
|
||||
} else {
|
||||
|
||||
}
|
||||
|
||||
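Review bot: The plaintext branch is still present on the new side of the last hunk: whenever `tlsCert` or `tlsKey` is empty, both the existing-key path and the `os.IsNotExist(err)` path fall through to `server.ListenAndServeOnion` with `RemotePorts: []int{80}`. The commit's stated goal of allowing only TLS+onion therefore holds only if code outside these hunks always fills both values once `tlsHost` has been defaulted to `"onion"`, which cannot be confirmed from here. If TLS-only is the intent, I would replace the two `else` branches with a fail-closed exit such as `log.Fatalln("onion mode requires a TLS certificate and key")`, so that a missing certificate cannot silently downgrade the service to plain HTTP. As a smaller style point, the `tor.ListenConf` literals differ only in `Key` and `RemotePorts` and could be built once before the branch. `reseedAction` starts and ends outside the hunks shown.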
@@ -140,11 +140,11 @@ func (srv *Server) ListenAndServeOnionTLS(startConf *tor.StartConf, listenConf *
|
||||
if srv.TLSConfig.NextProtos == nil {
|
||||
srv.TLSConfig.NextProtos = []string{"http/1.1"}
|
||||
}
|
||||
srv.OnionListener, err = tor.Listen(listenCtx, listenConf)
|
||||
srv.OnionListener, err = tor.Listen(listenCtx, listenConf)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
srv.Addr = srv.OnionListener.ID
|
||||
srv.Addr = srv.OnionListener.ID
|
||||
|
||||
// var err error
|
||||
srv.TLSConfig.Certificates = make([]tls.Certificate, 1)
|
||||
|
||||