Building sbuild environment for cross-building raspbian packages on amd64/i386 machines

Updated: reworked style and text, add fix for supported filesystems workaround - aufs works only on jessie or earlier

Used documents and topics:

  • https://wiki.debian.org/mk-sbuild
  • https://log.cyconet.org/2013/11/25/crossbuilding-debian-packages-with-sbuild-for-raspbian/
  • https://gist.github.com/waja/7639011

Install requirements, add user, set distribution, etc. to build chroot and package

Install required packages

$ apt-get install sudo gnupg dirmngr curl sbuild ubuntu-dev-tools qemu-user-static binfmt-support

Recommended to work under user with full sudo access without password prompting.

sudo needed to install packages and mount chroot, requrement of mk-sbuild. You can ignore second line if want every time write password when it asked.

$ sudo useradd -m -s /bin/bash -G sudo,sbuild builder
$ sudo bash -c 'echo "builder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers'

Login as builder user and set release variable which we will build chroot for

$ sudo su - builder
$ export RELEASE="stretch"

Next 4 steps (till 8th) can …

Read more ...

i2pd 2.18.0 static arm build

my unofficial static arm build for i2pd 2.18.0 is up here.

make sure to check the signature or verify the hash

b2sum:

8f5fb682725273685370a0c839b75413914974f9e3030d112f44dfb1490fe1fcd623b911ede7148595d3d4a9de28309290b8623b1197489d71fdc75b17dca439  i2pd

sha256sum:

535197a7e06af4a6fc56bc1c6944c2571116c4575927fc060bc86e7213098326  i2pd

i2pd 2.18 released

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

i2pd is licensed under the 3-clause BSD license, binary packages are available for Debian, Ubuntu, OS X, FreeBSD, Android and Windows.

View release on GitHub

Changelog for i2pd version 2.18:

Added

  • Show tunnel nicknames for I2CP destination in WebUI
  • Re-create HTTP and SOCKS proxy by tunnel reload
  • Graceful shutdown as soon as no more transit tunnels

Changed

  • Regenerate shared local destination by tunnel reload
  • Use …

Read more ...

i2pd 2.17 released

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

i2pd is licensed under the 3-clause BSD license, binary packages are available for Debian, Ubuntu, OS X, FreeBSD, Android and Windows.

View release on GitHub

Changelog for i2pd version 2.17:

Added

  • Reseed through HTTP and SOCKS proxy
  • Show status of client services through web console
  • Change log level through web connsole
  • transient keys for tunnels
  • i2p.streaming.initialAckDelay parameter
  • CRYPTO_TYPE for SAM destination
  • signature and …

Read more ...

hosting an outproxy for i2p (part 1)

This quick blog was requested by someone on IRC and it details how to set up an outproxy on i2p.

If this is too quick a guide or you feel like you don't know what you're doing then I'd suggest against running an outproxy.

Software used:

  • debian stable

  • i2pd

  • tinyproxy

The setup process goes as follows:

  • install i2pd and tinyproxy

  • edit tinyproxy.conf to have sane defaults

  • have tinyproxy deny access to loopback

  • create an i2p server tunnel pointing to 127.0.0.1:8888

  • publish destination of outproxy

/etc/tinyproxy/tinyproxy.conf

User tinyproxy
Group tinyproxy
Port 8888
Listen 127.0.0.1
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
MaxClients 100
LogLevel Warning
PidFile "/run/tinyproxy/tinyproxy.pid"
MinSpareServers 5
MaxSpareServers 20
StartServers 10
MaxRequestsPerChild 0
Allow 127.0.0.1/8
ViaProxyName "tinyproxy"
Filter "/etc/tinyproxy/filter"
FilterExtended On
ConnectPort 443

/etc/tinyproxy/filters

^127\.
^10 …

Read more ...

Syncthing over I2P

In which I show you how to use Syncthing over I2P for secure, self-hosted, file synchronization.

What is Syncthing?

Syncthing is an open source, self-hosted file synchronization tool. Instead of trusting a third party (e.g. Dropbox) to host your files, and synchronize files between your machines, you can use an open source alternative.

By default, syncthing is not truly decentralized, and relies on third party relay servers and discovery servers. While I am sure the syncthing protocol is safe enough, and the people hosting these services have good intentions, wouldn't it be nice if we don't have to trust either?

What is I2P?

I2P is a decentralized, peer to peer, anonymous network layer. By relaying your computer traffic by a volunteer ran network spread around the world, following the path of traffic becomes nearly impossible.

I2P has the added benefit that you can bypass limitations on hosting imposed by …

Read more ...

Kovri and the curious case of code rot (part 1)

I'd like to preface this going in as being clear that I like monero project and think they make a damn fine coin. Yes, they have a rather elitist community but such comes with the territory. I have interfaced with the kovri codebase in the past and I can say that the project left me rather disapointed. To really get a good grasp of the sitatuon I need to go back to 2014 (?).

i2pcpp and i2pd 0.x.x

In the begininning there was i2pcpp, a decent partially working i2p router written in C++ 11 for FreeBSD by a guy with the nym orion. Orion was originally funded by the monero community but discontinued i2pcpp after i2p's protocols left a sour taste in his mouth. My only role in i2pcpp was trying to compile it on Linux as at the time my C++ was pretty much non existent. Orion is …

Read more ...

nntpchan 0.5.0 released

After over a year I am proud to release nntpchan version 0.5.0.

The daemon has gone through a lot as well as the build system, we have many many new things added.

  • smart varnish caching
  • ed25519-blake2b signatures
  • no longer use cgo, libsodium not used at all, we are 100% pure go now.
  • no more noticable gc leaks
  • use 1 repo for everything, don't split backend and frontend repo for ease of building

Many features were also gutted:

  • filesystem markup cache
  • redis support (all of it)

I think this covers everything, so much changed I probably forgot something or a few other things ...

Download on github here and join us on IRC to peer into the main network.

We're on the following networks:

rizon: irc.rizon.net #nntpchan

freenode: irc.freenode.org #nntpchan

irc2p: irc.dg.i2p #overchan

Exploring snappy package manager. Why it is awesome and how to get started.

For those who don't already know, Snappy is a distribution agnostic package manager for Linux developed by Canonical.

Snap packages are self-contained archives with all required dependencies included. Applications run in a secure sandbox environment isolated from the main system, using such technology as Linux namespaces, seccomp and AppArmor.

I've recently created snap package for i2pd, and very excited to share my experience.

Awesome features

Security

Snaps are sandboxed and isolated from your main system. Applications can only have access to system resources allowed by package developer.

For example, those are system resources allowed to i2pd package:

plugs: [network,network-bind]

i2pd can only access network, bind ports and use it's own virtual filesystem, everything else will be denied by kernel.

In theory, one could even run untrusted proprietary code safely.

Snap store

Snaps are simple archives, which can be downloaded and installed by hand as regular deb/rpm ones. To …

Read more ...

i2pd 2.15 released

i2pd (I2P Daemon) is a full-featured C++ implementation of I2P client.

I2P (Invisible Internet Protocol) is a universal anonymous network layer. All communications over I2P are anonymous and end-to-end encrypted, participants don't reveal their real IP addresses.

I2P client is a software used for building and using anonymous I2P networks. Such networks are commonly used for anonymous peer-to-peer applications (filesharing, cryptocurrencies) and anonymous client-server applications (websites, instant messengers, chat-servers).

I2P allows people from all around the world to communicate and share information without restrictions.

i2pd is licensed under the 3-clause BSD license, binary packages are available for Debian, Ubuntu, OS X, FreeBSD, Android and Windows.

View release on GitHub

Changelog for i2pd version 2.15:

Added

  • QT GUI
  • Ability to add and remove I2P tunnels without restart
  • Ability to disable SOCKS outproxy option

Changed

  • Strip-out Accept-* headers in HTTP proxy
  • Don't run peer test if nat=false
  • Separate output of …

Read more ...