diff --git a/Makefile b/Makefile index 5c85d04..f22b998 100644 --- a/Makefile +++ b/Makefile @@ -78,7 +78,7 @@ install-all: install install-server remove: rm -rf /usr/local/bin/ephsite /usr/local/bin/eephttpd -gendoc: all +gendoc: @echo "$(appname) - Easy forwarding of local services to i2p" > USAGE.md @echo "==================================================" >> USAGE.md @echo "" >> USAGE.md 
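Review bot: With the `all` prerequisite dropped from `gendoc`, nothing guarantees that `./bin/$(appname)` and `./bin/$(samcatd)` exist or are current when the recipe later captures their `-h` output. Those capture lines end in `; true`, so a missing or stale binary still exits 0 and leaves USAGE.md with empty, wrong or outdated usage blocks. The flag reference covers anonymity-relevant options such as zero-hop tunnels and encrypted leasesets, so out-of-date help text can mislead operators. If the decoupling is intentional, say so above the rule, e.g. `# gendoc reads ./bin/* as-is; run 'make all' first so USAGE.md matches the built binaries`; otherwise keep `gendoc: all`. The recipe continues outside this hunk.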
@@ -93,30 +93,33 @@ gendoc: all ./bin/$(appname) -h 2>> USAGE.md; true @echo '```' >> USAGE.md @echo "" >> USAGE.md - @echo "$(eephttpd) - Static file server automatically forwarded to i2p" >> USAGE.md - @echo "============================================================" >> USAGE.md + @echo "$(samcatd) - Router-independent tunnel management for i2p" >> USAGE.md + @echo "=========================================================" >> USAGE.md + @echo "" >> USAGE.md + @echo "$(samcatd) is a daemon which runs a group of forwarding proxies to" >> USAGE.md + @echo "provide services over i2p independent of the router. It also serves" >> USAGE.md + @echo "as a generalized i2p networking utility for power-users." >> USAGE.md @echo "" >> USAGE.md @echo "usage:" >> USAGE.md @echo "------" >> USAGE.md @echo "" >> USAGE.md - @echo "$(eephttpd) is a static http server which automatically runs on i2p with" >> USAGE.md - @echo "the help of the SAM bridge. By default it will only be available from" >> USAGE.md - @echo "the localhost and it's i2p tunnel. It can be masked from the localhost" >> USAGE.md - @echo "using a container." 
>> USAGE.md - @echo "" >> USAGE.md @echo '```' >> USAGE.md - ./bin/$(eephttpd) -h 2>> USAGE.md; true + ./bin/$(samcatd) -h 2>> USAGE.md; true @echo '```' >> USAGE.md @echo "" >> USAGE.md - make docker-cmd + make example-config + +example-config: + @echo "example config - valid for both ephsite and samcat" >> USAGE.md + @echo "==================================================" >> USAGE.md @echo "" >> USAGE.md - @echo "instance" >> USAGE.md - @echo "--------" >> USAGE.md + @echo "(ephsite will only use top-level options)" >> USAGE.md @echo "" >> USAGE.md - @echo "a running instance of eephttpd with the example index file is availble on" >> USAGE.md - @grep 'and on' eephttpd.log | sed 's|and on||g' | tr -d '\t' >> USAGE.md + @echo '```' >> USAGE.md + cat etc/sam-forwarder/tunnels.ini >> USAGE.md + @echo '```' >> USAGE.md @echo "" >> USAGE.md - @cat USAGE.md + docker-build: docker build --no-cache \ 
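Review bot: The new `example-config` target only appends to USAGE.md and copies whatever `etc/sam-forwarder/tunnels.ini` holds in the working tree. Running it on its own therefore duplicates the section, and a locally edited tunnels file (for instance changed hosts or key names) would be published verbatim in the docs. The call from `gendoc` uses a literal `make example-config`; `$(MAKE) example-config` keeps `-n`, the jobserver and command-line variables intact. A comment above the target such as `# appends to USAGE.md; invoked from gendoc only - keep tunnels.ini free of local values` would document both constraints. No `.PHONY` declaration is visible in this hunk, so confirm that `gendoc` and `example-config` are declared phony elsewhere in the file.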
@@ -152,36 +155,6 @@ follow: docker: docker-build docker-volume docker-run -docker-cmd: - @echo "### build in docker" >> USAGE.md - @echo "" >> USAGE.md - @echo '```' >> USAGE.md - @echo "docker build --build-arg user=$(eephttpd) --build-arg path=example/www -f Dockerfile -t eyedeekay/$(eephttpd) ." >> USAGE.md - @echo '```' >> USAGE.md - @echo "" >> USAGE.md - @echo "### Run in docker" >> USAGE.md - @echo "" >> USAGE.md - @echo '```' >> USAGE.md - @echo "docker run -i -t -d \\" >> USAGE.md - @echo " --name $(eephttpd)-volume \\" >> USAGE.md - @echo " --volume $(eephttpd):/home/$(eephttpd)/ \\" >> USAGE.md - @echo " eyedeekay/$(eephttpd)" >> USAGE.md - @echo '```' >> USAGE.md - @echo "" >> USAGE.md - @echo '```' >> USAGE.md - @echo "docker run -i -t -d \\" >> USAGE.md - @echo " --network $(network) \\" >> USAGE.md - @echo " --env samhost=$(samhost) \\" >> USAGE.md - @echo " --env samport=$(samport) \\" >> USAGE.md - @echo " --env args=$(args) # Additional arguments to pass to eephttpd\\" >> USAGE.md - @echo " --network-alias $(eephttpd) \\" >> USAGE.md - @echo " --hostname $(eephttpd) \\" >> USAGE.md - @echo " --name $(eephttpd) \\" >> USAGE.md - @echo " --restart always \\" >> USAGE.md - @echo " --volumes-from $(eephttpd)-volume \\" >> USAGE.md - @echo " eyedeekay/$(eephttpd)" >> USAGE.md - @echo '```' >> USAGE.md - index: pandoc USAGE.md -o example/www/index.html diff --git a/README.md b/README.md index 4e51794..0d114f0 100644 --- a/README.md +++ b/README.md 
@@ -24,6 +24,13 @@ So, to serve an eepSite version of a local service on port 8080 - For more information, [look here](USAGE.md) +## binaries + +Two binaries are produced by this repo. The first, ephsite, is only capable +of running one tunnel at a time. The second, samcatd, is more advanced. It can +start multiple tunnels with their own settings, or be used to start tunnels on +the fly like ephsite by passing the -start option. + ## ini-like configuration I made it parse INI-like configuration files, optionally, which allows it to diff --git a/README.md.asc b/README.md.asc index c700ea3..bd298f1 100644 --- a/README.md.asc +++ b/README.md.asc @@ -27,6 +27,13 @@ So, to serve an eepSite version of a local service on port 8080 - For more information, [look here](USAGE.md) +## binaries + +Two binaries are produced by this repo. The first, ephsite, is only capable +of running one tunnel at a time. The second, samcatd, is more advanced. It can +start multiple tunnels with their own settings, or be used to start tunnels on +the fly like ephsite by passing the -start option. + ## ini-like configuration I made it parse INI-like configuration files, optionally, which allows it to 
@@ -170,12 +177,12 @@ figure I give it a web interface to configure stuff with. TLS configuration is experimental. -----BEGIN PGP SIGNATURE----- -iQEzBAEBCAAdFiEEcNIGBzi++AUjrK/311wDs5teFOEFAluZ1cMACgkQ11wDs5te -FOFE7wf/T4XDGkjgYm2Ad+1+wvUZRDyDAN+fKWkSCaFGCxHu8uVeFHiRrUyB0leP -IIQDkrjvMo7P/jO7PKmbXIHuSCeZC5FoYnzaYn1qj5fufaGwHPgB3ahksVvs0h1W -3BNE6bQk1f4QoQZiWpXXuLgoPNOB09fdapdUsEytjVKl6AQyTXvXGdgZsnSqTY6I -9l1azIo651sxLqQ+EZQlBQRbOEX5mjTWEXCMQlwSa3Cb/ZJWlrQg7HPK0nCNSMAH -q16esuXTwJ44+U1hXG+8Fttb7eOiddnUTMYhYAUP78WelNRRY1k+6ICiHgseqHJ2 -w6EDbu7L82ST6RSMBhkCA7YIQ1KhBA== -=ddaU +iQEzBAEBCAAdFiEEcNIGBzi++AUjrK/311wDs5teFOEFAluZ4F4ACgkQ11wDs5te +FOF3Dwf/S778UJLn92LpLFCzu+2mR5w6QRm+z/XYk4fjm4Vrln79BB5ubgc9l/L1 +WVyM7c2vaSgif0S9Wx4TLnPAit448nT7bzQGadeOHWBW+cvL/xNWRDjormDl2/XI +bsaBKshwMETNRS8pliILVbTFJRHGOTePWtauzbcNG6LiIqxoNRlP+N/JZVCjnRAq +FeQ7TweEqJ0UQJy9mFApX8u72Yyvy2lbj45B5/8V0AGGFNbkZvVOe0L9UE/HLu/v +5S5ghS41jjr3qXJb01B/UB1MIoplAuqgQ/+27h4IvG5dLaGvVmdJLjjtSAieDWlD +L0FWkASGxn5RWCjHTtZLTsWkXStX3g== +=CVmn -----END PGP SIGNATURE----- diff --git a/USAGE.md b/USAGE.md index d5d88b8..5b50f6d 100644 --- a/USAGE.md +++ b/USAGE.md 
@@ -78,99 +78,154 @@ Usage of ./bin/ephsite: Allow zero-hop, non-anonymous tunnels out(true or false) ``` -eephttpd - Static file server automatically forwarded to i2p -============================================================ +samcatd - Router-independent tunnel management for i2p +========================================================= + +samcatd is a daemon which runs a group of forwarding proxies to +provide services over i2p independent of the router. It also serves +as a generalized i2p networking utility for power-users. usage: ------ -eephttpd is a static http server which automatically runs on i2p with -the help of the SAM bridge. By default it will only be available from -the localhost and it's i2p tunnel. It can be masked from the localhost -using a container. - ``` -Usage of ./bin/eephttpd: - -a string - hostname to serve on (default "127.0.0.1") - -c Use an encrypted leaseset(true or false) - -d string - the directory of static files to host(default ./www) (default "./www") - -f string - Use an ini file for configuration (default "none") - -g Uze gzip(true or false) (default true) - -i save i2p keys(and thus destinations) across reboots (default true) - -ib int - Set inbound tunnel backup quantity(0 to 5) (default 4) - -il int - Set inbound tunnel length(0 to 7) (default 3) - -iq int - Set inbound tunnel quantity(0 to 15) (default 8) - -iv int - Set inbound tunnel length variance(-7 to 7) - -l string +Usage of ./bin/samcatd: + -access string Type of access list to use, can be "whitelist" "blacklist" or "none". 
(default "none") - -m string - Certificate name to use (default "cert") - -n string - name to give the tunnel(default static-eepSite) (default "static-eepSite") - -ob int - Set outbound tunnel backup quantity(0 to 5) (default 4) - -ol int - Set outbound tunnel length(0 to 7) (default 3) - -oq int - Set outbound tunnel quantity(0 to 15) (default 8) - -ov int - Set outbound tunnel length variance(-7 to 7) - -p string - port to serve locally on (default "7880") - -r Reduce tunnel quantity when idle(true or false) - -rc int - Reduce idle tunnel quantity to X (0 to 5) (default 3) - -rt int + -accesslist value + Specify an access list member(can be used multiple times) + -client + Client proxy mode(true or false) + -close + Close tunnel idle(true or false) + -closetime int Reduce tunnel quantity after X (milliseconds) (default 600000) - -s string - the directory to save the keys in(default ./) (default ".") - -sh string - sam host to connect to (default "127.0.0.1") - -sp string - sam port to connect to (default "7656") - -t Generate or use an existing TLS certificate - -x Inject X-I2P-DEST headers (default true) - -z Allow zero-hop, non-anonymous tunnels(true or false) + -dest string + Destination for client tunnels. Ignored for service tunnels. (default "none") + -dir string + Directory to save tunnel configuration file in. + -encryptlease + Use an encrypted leaseset(true or false) (default true) + -gzip + Uze gzip(true or false) + -headers + Inject X-I2P-DEST headers + -host string + Target host(Host of service to forward to i2p) (default "127.0.0.1") + -inback int + Set inbound tunnel backup quantity(0 to 5) (default 4) + -incount int + Set inbound tunnel quantity(0 to 15) (default 6) + -ini string + Use an ini file for configuration(config file options override passed arguments for now.) 
(default "none") + -inlen int + Set inbound tunnel length(0 to 7) (default 3) + -invar int + Set inbound tunnel length variance(-7 to 7) + -lsk string + path to saved encrypted leaseset keys (default "none") + -name string + Tunnel name, this must be unique but can be anything. (default "forwarder") + -outback int + Set outbound tunnel backup quantity(0 to 5) (default 4) + -outcount int + Set outbound tunnel quantity(0 to 15) (default 6) + -outlen int + Set outbound tunnel length(0 to 7) (default 3) + -outvar int + Set outbound tunnel length variance(-7 to 7) + -port string + Target port(Port of service to forward to i2p) (default "8081") + -reduce + Reduce tunnel quantity when idle(true or false) + -reducecount int + Reduce idle tunnel quantity to X (0 to 5) (default 3) + -reducetime int + Reduce tunnel quantity after X (milliseconds) (default 600000) + -samhost string + SAM host (default "127.0.0.1") + -samport string + SAM port (default "7656") + -save + Use saved file and persist tunnel(If false, tunnel will not persist after program is stopped. + -start + Start a tunnel with the passed parameters(Otherwise, they will be treated as default values.) + -tlsport string + (Currently inoperative. Target TLS port(HTTPS Port of service to forward to i2p) + -udp + UDP mode(true or false) + -zeroin + Allow zero-hop, non-anonymous tunnels in(true or false) + -zeroout + Allow zero-hop, non-anonymous tunnels out(true or false) ``` -### build in docker +example config - valid for both ephsite and samcat +================================================== + +(ephsite will only use top-level options) ``` -docker build --build-arg user=eephttpd --build-arg path=example/www -f Dockerfile -t eyedeekay/eephttpd . 
+ +## Defaults, these are only invoked with the -start option or if labeled tunnels +## are not present(samcatd instructions) + +inbound.length = 3 +outbound.length = 6 +inbound.lengthVariance = 0 +outbound.lengthVariance = 0 +inbound.backupQuantity = 3 +outbound.backupQuantity = 3 +inbound.quantity = 5 +outbound.quantity = 5 +inbound.allowZeroHop = false +outbound.allowZeroHop = false +i2cp.encryptLeaseSet = false +gzip = true +i2cp.reduceOnIdle = true +i2cp.reduceIdleTime = 3000000 +i2cp.reduceQuantity = 2 +i2cp.enableWhiteList = false +i2cp.enableBlackList = false + +[sam-forwarder] +type = server +host = 127.0.0.1 +port = 8081 +inbound.length = 3 +outbound.length = 6 +keys = forwarder + +[sam-forwarder-two] +type = client +host = 127.0.0.1 +port = 8082 +inbound.length = 6 +outbound.length = 3 +keys = forwarder-two + +[sam-forwarder-three] +type = udpclient +host = 127.0.0.1 +port = 8083 +inbound.length = 3 +outbound.length = 6 +keys = forwarder-three + +[sam-forwarder-four] +type = udpserver +host = 127.0.0.1 +port = 8084 +inbound.length = 6 +outbound.length = 3 +keys = forwarder-four + +[sam-forwarder-five] +type = http +host = 127.0.0.1 +port = 8085 +inbound.length = 3 +outbound.length = 6 +keys = forwarder-five ``` -### Run in docker - -``` -docker run -i -t -d \ - --name eephttpd-volume \ - --volume eephttpd:/home/eephttpd/ \ - eyedeekay/eephttpd -``` - -``` -docker run -i -t -d \ - --network si \ - --env samhost=sam-host \ - --env samport=7656 \ - --env args=-r # Additional arguments to pass to eephttpd\ - --network-alias eephttpd \ - --hostname eephttpd \ - --name eephttpd \ - --restart always \ - --volumes-from eephttpd-volume \ - eyedeekay/eephttpd -``` - -instance --------- - -a running instance of eephttpd with the example index file is availble on -