Install I2P on Raspberry Pi

From WickyWiki


Install i2p on Raspberry Pi

See also

Assumptions

  • In this manual, the IP address of the Raspberry PI machine within the local network is assumed to be '192.168.1.2'.
  • The installation was done as user 'pi'
  • After configuring to start automatically, I2P will run as user 'i2psvc'
  • The assumed port for I2P is 25001. Don't use this value.

Install

Pre-install packages: 

sudo apt update
sudo apt install -y apt-transport-https lsb-release curl

Add repository, add the key and install. This will ensure you will also receive updates: 

#Add repository to sources
echo "deb https://deb.i2p.net/ $(lsb_release -sc) main" | sudo tee /etc/apt/sources.list.d/i2p.list

#Download key to 'i2p-archive-keyring.gpg '
curl -o i2p-archive-keyring.gpg https://geti2p.net/_static/i2p-archive-keyring.gpg

#Display the key
gpg --keyid-format long --import --import-options show-only --with-fingerprint i2p-archive-keyring.gpg

#Verify the  key:
#7840 E761 0F28 B904 7535  49D7 67EC E560 5BCF 1346

#Copy the keyring to the keyrings directory: 
sudo cp i2p-archive-keyring.gpg /usr/share/keyrings

#Create symlink to the key
sudo ln -sf /usr/share/keyrings/i2p-archive-keyring.gpg /etc/apt/trusted.gpg.d/i2p-archive-keyring.gpg

#Update
sudo apt update

#Upgrade (if applicable)
sudo apt upgrade

#Install
sudo apt install -y i2p i2p-keyring

If you want to start and test as current user: 

i2prouter start
i2prouter status

Note:

  • This way the I2P router will start and run as current user, settings and files are stored here /home/pi/.i2p/clients.config
  • i2prouter should NOT never be started with sudo
  • See below to read how to start i2p automatically and run as user 'i2psvc'

Test

Install terminal based browser and check if the config page is working: 

sudo apt install w3m
w3m http://127.0.0.1:7657/confignet

Upgrade

After upgrading I2P, the service needs to be restarted. Go to the console and click restart. 

sudo apt update
sudo apt upgrade i2p i2p-keyring

Start I2P automatically

Note: i2prouter should be started as a regular pi user. Do NOT start the router with sudo. If you use below configuration script the default user is 'i2psvc'. 

sudo dpkg-reconfigure i2p

Default answers will be fine. 

sudo service i2p start

Config folder: 

sudo nano /var/lib/i2p/i2p-config/clients.config

Access config from another machine

Add the system's IP (192.168.1.2) to allow access from other machines: 

#local run
sudo nano /home/pi/.i2p/clients.config

#service run
sudo nano +3 /var/lib/i2p/i2p-config/clients.config

Edit line to be: 

 ...
 clientApp.0.args=7657 ::1,127.0.0.1,192.168.1.2 ./webapps/
 ...

After the first time initialization the configuration is moved to directory /var/lib/i2p/i2p-config/clients.config.d/ and the file clients.config is renamed to clients.config.bak. The configuration has now multiple files that can be modified. Edit the these files (multiple) to work with 192.168.1.2: 

sudo -i
nano /var/lib/i2p/i2p-config/clients.config.d/*-clients.config

For de addressbook: 

sudo nano +11 /var/lib/i2p/i2p-config/addressbook/config.txt

Edit line to be: 

 ...
 proxy_host=192.168.1.2
 ...

Optionally add and require a username and password:

Firewall/router settings

Note: this port is a random number, keep it private, it could be used to find your real IP adres.

Network > Port 25001

Use the documentation for your router, login to your router's Administrator page 

WAN Port Forwarding
From port 25001 
To port 25001
To IP 192.168.1.2	
Protocol: TCP & UDP

My I2P settings

Disable [-] Enable [+]

Clients:

  • [+] Application tunnels
  • [-] BOB application bridge
  • [+] I2P Router Console
  • [-] I2P webserver (eepsite)
  • [-] Open Router Console in web browser at startup
  • [-] SAM application bridge

Hidden Services Manager - go into the service and configure it to start automatically or not. To change the IP address from 127.0.0.1 to 192.168.1.2:

  1. Stop the service
  2. Select the IP address
  3. Save
  4. Start the service

I2P Hidden Services:

  • [-] I2P webserver

I2P Client Tunnels:

  • [+] I2P HTTP Proxy
  • [-] I2P HTTPS Proxy
  • [-] Irc2P
  • [-] mtn.i2p-projekt.i2p
  • [-] pop3.postman.i2p
  • [-] smtp.postman.i2p

Web Apps:

  • [+] Torrents
  • [+] Hidden Services Manager
  • [-] Identification Image Generator
  • [+] I2P Router Console
  • [+] Addressbook
  • [-] Email

Bandwidth (example):

  • 800 In
  • 300 Out
  • 10% share

Other settings:

  • Changed the I2P HTTP Proxy interface from '127.0.0.1' to '192.168.1.2'. Combined with the 'http://192.168.1.2/proxy.pac' and settings in Firefox we can now access '.i2p' websites with this browser from an other machine.

I2P router Snark settings

  • Configuration
    • Data directory (example):
      • /media/data/i2psnark

You will need some storage, see below option.

Firefox browsing I2P websites

Note: I2P HTTP Proxy interface needs to changed from '127.0.0.1' to '192.168.1.2'.

A PAC file is used to redirect websites with a '.I2P' extension. You may make this file available via a webserver, for example http://192.168.1.2/proxy.pac. 

sudo nano /var/www/html/proxy.pac
	function FindProxyForURL(url, host) {
	 // i2p via proxy or DIRECT if unavailable
	 if (shExpMatch(host, "*.i2p")) {
	  return "PROXY 192.168.1.2:4444; DIRECT";
	 }
	 // All other requests DIRECT:
	 return "DIRECT";
	}

To configure your Firefox webbrowser:

  • go to > Preferences > Advanced > Network > Connection Settings
  • Check the 'Automatic proxy configuration URL':
  • Enter: http://192.168.1.2/proxy.pac

Format a DATA partition as exFAT, allowing larger than 4Gb files

Install packages: 

sudo apt install exfat-utils

List devices: 

sudo lsblk

In my case:

  • device /dev/mmcblk0
    • Partition 1 is the RPi boot partition
    • Partition 2 is the RPi root partition
    • Partition 3 will be the DATA partition - ALL DATA WILL BE ERASED

Remove mount: 

sudo umount /media/data

Edit the partition tables, accept defaults mostly - ALL DATA WILL BE ERASED: 

sudo fdisk /dev/mmcblk0
'p' - print partitions
'd' - delete partition - 3
'n' - new partition - 3
't' - change partition type - 3
	7 (HPFS/NTFS/exFAT)
'w' - write and quit

Format - ALL DATA WILL BE ERASED, mount: 

#Format
sudo mkfs.exfat  -n Data /dev/mmcblk0p3

#Mount
sudo mount /dev/mmcblk0p3 /media/data

#i2psnark data directory
mkdir /media/data/i2psnark

To mount automatically at boot it needs to be added to fstab: 

sudo nano /etc/fstab
#Device	 Mountpoint  FilesystemType  MountOptions  BackupDump(0)  FsckOrder(2)
/dev/mmcblk0p3  /media/data exfat-fuse defaults,noatime 0 2

Permissions

Write permissions for i2pSnark. Note that de exFat system itself does not support setting permissions for files and folders.

Use the Id command to find the id's: 

id

Specifically: 

id i2psvc

   uid=108(i2psvc) gid=113(i2psvc) groups=113(i2psvc)	

sudo umount /media/data
sudo nano /ets/fstab

   /dev/mmcblk0p3 /media/data  exfat  defaults,uid=108,gid=113,noatime  0  2

#reload fstab
sudo systemctl daemon-reload

#set immutable as a folder, so it can only be written if it is a mountpoint
sudo chattr +i /media/data

#mount, using fstab
sudo mount /media/data

#allow others to write:
sudo adduser user1 i2psvc

Troubleshooting

Network problem after reboot

After a reboot the configuration would show a network error and continue to do so until the service was restarted.

To give is some more time a delay was added in the service definition. 

sudo nano /lib/systemd/system/i2p.service

	[Service]
	...
	ExecStartPre=-/bin/sleep 20
	...

sudo systemctl daemon-reload

Upgrade: deb uses unknown compression (zst)

i2p upgrade

  ...
  dpkg-deb: error: archive '/var/cache/apt/archives/i2p-keyring_2023.10.01_all.deb' uses unknown compression for member 'control.tar.zst', giving up
  ...

Problem: compression zst is not yet supported by Debian deb. Fix: recreate deb with supported compression 

# install zst compression tool
sudo apt install zstd

#The original file:
cd
cp /var/cache/apt/archives/i2p-keyring_2023.10.01_all.deb .

# extract files 'control.tar.zst' and 'data.tar.zst' from deb:
ar x i2p-keyring_2023.10.01_all.deb

# compress and rename with 'xz'
zstd -d < control.tar.zst| xz > control.tar.xz 
zstd -d < data.tar.zst| xz > data.tar.xz 

# recreate deb
ar -m -c -a sdsd i2p-keyring_2023.10.01_all_repacked.deb debian-binary control.tar.xz data.tar.xz

# cleanup files
rm debian-binary control.tar.xz data.tar.xz control.tar.zst data.tar.zst 

# resulting files
ls
	i2p-keyring_2023.10.01_all.deb
	i2p-keyring_2023.10.01_all_repacked.deb

# install the deb and try upgrade again
sudo dpkg -i --force-overwrite i2p-keyring_2023.10.01_all_repacked.deb
sudo apt upgrade
Retrieved from "https://wjv.duckdns.org/mediawiki/index.php?title=Install_I2P_on_Raspberry_Pi&oldid=3840"