Home Explore Help
Sign In
iikb
/
tails
Watch 2
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f60564b7a8
Branches Tags
tails
/
config
/
chroot_local-hooks
/
16-i2p_config

16-i2p_config 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. #!/bin/sh
    2. 

  2. 

  3. set -e
    4. 

  4. 

  5. echo "Configuring I2P"
    6. 

  6. 

  7. I2P="/usr/share/i2p"
    8. 

  8. I2PROUTER="/usr/bin/i2prouter"
    9. 

  9. WRAPPER="/etc/i2p/wrapper.config"
    10. 

  10. 

  11. # This must be set in order for the i2p init script to work
    12. 

  12. sed -i 's/^RUN_DAEMON=.*$/RUN_DAEMON="true"/' /etc/default/i2p
    13. 

  13. 

  14. # Remove the "i2prouter" script, its man page, and its apparmor profile
    15. 

  15. # since these are not used by Tails:
    16. 

  16. rm /etc/apparmor.d/usr.bin.i2prouter /usr/share/man/man1/i2prouter.1.gz
    17. 

  17. 

  18. # Install custom i2prouter stub scripts
    19. 

  19. for script in ${I2PROUTER} ${I2PROUTER}-nowrapper; do
    20. 

  20.     echo "Removing $script"
    21. 

  21.     dpkg-divert --rename --add "${script}"
    22. 

  22.     cat > "$script" << EOF
    23. 

  23. #!/bin/sh
    24. 

  24. echo "This script is not used by Tails."
    25. 

  25. echo "See https://tails.boum.org/doc/anonymous_internet/i2p/ for more information."
    26. 

  26. exit 0
    27. 

  27. EOF
    28. 

  28.     chmod 755 "$script"
    29. 

  29. done
    30. 

  30. 

  31. # Remove the outproxy from the tunnel on port 4444
    32. 

  32. # This will remove the following lines:
    33. 

  33. #      tunnel.0.proxyList=false.i2p
    34. 

  34. #      tunnel.0.option.i2ptunnel.httpclient.SSLOutproxies=false.i2p
    35. 

  35. # The SSLOutproxies option was first set in I2P 0.9.15
    36. 

  36. sed -i '/^.*tunnel\.0\.\(proxyList\|option\.i2ptunnel\.httpclient\.SSLOutproxies\)/d' "$I2P/i2ptunnel.config"
    37. 

  37. 

  38. # Disable the https outproxy (port 4445)
    39. 

  39. sed -i 's|^.*\(tunnel\.6\.startOnLoad\).*|\1=false|' "$I2P/i2ptunnel.config"
    40. 

  40. 

  41. # Don't serve the router console on IPv6
    42. 

  42. sed -i 's|^clientApp\.0\.args=7657\s\+::1,127\.0\.0\.1|clientApp.0.args=7657 127.0.0.1|' "$I2P/clients.config"
    43. 

  43. 

  44. # Disable IPv6 in the wrapper
    45. 

  45. sed -i 's|^.*\(wrapper\.java\.additional\.5=-Djava\.net\.preferIPv4Stack=\).*|\1true|' "$WRAPPER"
    46. 

  46. sed -i 's|^.*\(wrapper\.java\.additional\.6=-Djava\.net\.preferIPv6Addresses=\).*|\1false|' "$WRAPPER"
    47. 

  47. 

  48. # Tails specific router configs:
    49. 

  49. # * i2cp: allows java clients to communicate with I2P outside of the JVM. Disabled.
    50. 

  50. # * IPv6: Disabled
    51. 

  51. # * HiddenMode: Enabled
    52. 

  52. # * In-I2P Network Updates: Disabled
    53. 

  53. # * Inbound connections: Disabled (setting is "i2cp.ntcp.autoip")
    54. 

  54. # * Disable I2P plugins
    55. 

  55. # * Disable NTP
    56. 

  56. cat > "$I2P/router.config" << EOF
    57. 

  57. # NOTE: This I2P config file must use UTF-8 encoding
    58. 

  58. i2cp.disableInterface=true
    59. 

  59. i2np.ntcp.ipv6=false
    60. 

  60. i2np.ntcp.autoip=false
    61. 

  61. i2np.udp.ipv6=false
    62. 

  62. router.isHidden=true
    63. 

  63. router.updateDisabled=true
    64. 

  64. router.enablePlugins=false
    65. 

  65. time.disabled=true
    66. 

  66. EOF
    67. 

  67. 

  68. cat > "$I2P/susimail.config" << EOF
    69. 

  69. susimail.pop3.leave.on.server=true
    70. 

  70. EOF
    71. 

  71. 

  72. # enforce apparmor
    73. 

  73. echo Setting the I2P apparmor profile to enforce mode
    74. 

  74. sed  -i -re 's|flags=\(complain\)||' /etc/apparmor.d/system_i2p
    75. 

  75.