diff options
Diffstat (limited to 'template/install-on-debian9.html.j2')
-rw-r--r-- | template/install-on-debian9.html.j2 | 256 |
1 files changed, 6 insertions, 250 deletions
diff --git a/template/install-on-debian9.html.j2 b/template/install-on-debian9.html.j2 index 74bf7f57..beffdcf6 100644 --- a/template/install-on-debian9.html.j2 +++ b/template/install-on-debian9.html.j2 | |||
@@ -116,7 +116,6 @@ | |||
116 | <code> | 116 | <code> |
117 | $ cd ~/gnunet_installation/gnunet<br> | 117 | $ cd ~/gnunet_installation/gnunet<br> |
118 | $ ./bootstrap<br> | 118 | $ ./bootstrap<br> |
119 | $ export GNUNET_PREFIX=/usr<br> | ||
120 | $ export CFLAGS="-g -Wall -O0"<br> | 119 | $ export CFLAGS="-g -Wall -O0"<br> |
121 | $ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --enable-logging=verbose --with-microhttpd=/opt/libmicrohttpd<br> | 120 | $ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --enable-logging=verbose --with-microhttpd=/opt/libmicrohttpd<br> |
122 | $ make -j$(nproc || echo -n 1)<br> | 121 | $ make -j$(nproc || echo -n 1)<br> |
@@ -132,7 +131,6 @@ | |||
132 | $ sudo apt install libgtk-3-dev libgladeui-dev libunique-dev libqrencode-dev | 131 | $ sudo apt install libgtk-3-dev libgladeui-dev libunique-dev libqrencode-dev |
133 | $ cd ~/gnunet_installation/gnunet-gtk<br> | 132 | $ cd ~/gnunet_installation/gnunet-gtk<br> |
134 | $ ./bootstrap<br> | 133 | $ ./bootstrap<br> |
135 | $ export GNUNET_PREFIX=/usr<br> | ||
136 | $ export CFLAGS="-g -Wall -O0"<br> | 134 | $ export CFLAGS="-g -Wall -O0"<br> |
137 | $ ./configure --prefix=$GNUNET_PREFIX --with-gnunet=$GNUNET_PREFIX<br> | 135 | $ ./configure --prefix=$GNUNET_PREFIX --with-gnunet=$GNUNET_PREFIX<br> |
138 | $ make -j$(nproc || echo -n 1)<br> | 136 | $ make -j$(nproc || echo -n 1)<br> |
@@ -270,247 +268,12 @@ | |||
270 | $ gnunet-arm -e | 268 | $ gnunet-arm -e |
271 | </code> | 269 | </code> |
272 | 270 | ||
273 | 271 | <section> | |
274 | <h3>{{ _("Make sure it works") }}</h3> | 272 | <h3>{{ _("Use GNUnet!") }}</h3> |
275 | 273 | <p> | |
276 | <p> | 274 | Please head over here: <a href="https://gnunet.org/en/use.html">Use!</a> |
277 | Let's try out some of GNUnet's use cases. Some should be done | 275 | <p> |
278 | before others: | 276 | </section> |
279 | </p> | ||
280 | |||
281 | <ul> | ||
282 | <li>filesharing</li> | ||
283 | <li>A simple chat using CADET</li> | ||
284 | <li>Name resolution using GNS on the command line</li> | ||
285 | <li>Name resolution using GNS with a browser (do it on the command line first)</li> | ||
286 | <li>Serving a website using VPN (do name resolution with a browser first)</li> | ||
287 | </ul> | ||
288 | |||
289 | <h4>{{ _("filesharing") }}</h4> | ||
290 | |||
291 | <p> | ||
292 | Let's publish a file in the GNUnet filesharing network. We use the keywords | ||
293 | ("commons" and "state") so other people will be able to search for the file. | ||
294 | </p> | ||
295 | |||
296 | <p> | ||
297 | We can choose any file and describe it with meaningful keywords (using the | ||
298 | `-k` command line option). | ||
299 | </p> | ||
300 | |||
301 | <code> | ||
302 | $ gnunet-publish -k commons -k state ostrom.pdf<br> | ||
303 | Publishing `/home/myself/ostrom.pdf' done.<br> | ||
304 | URI is `gnunet://fs/chk/M57SXDJ72EWS25CT6307KKJ8K0GCNSPTAZ649NA1NS10MJB4A1GZ9EN4Y02KST9VA5BHE8B335RPXQVBWVZ587Y83WQ7J3DHMBX30Q8.DHNGBN4CB2DBX1QRZ1R0B1Q18WTEAK4R94S9D57C9JMJJ3H7SSQDCV4D1218C4S2VP085AMQQSMG18FCP6NQMZQZJ91XR5NBX7YF0V0.42197237'. | ||
305 | </code> | ||
306 | |||
307 | |||
308 | <p>Finding the file by keyword works with `gnunet-search`.</p> | ||
309 | |||
310 | <code> | ||
311 | $ gnunet-search commons<br> | ||
312 | #1:<br> | ||
313 | gnunet-download -o "ostrom.pdf" gnunet://fs/chk/M57SXDJ72EWS25CT6307KKJ8K0GCNSPTAZ649NA1NS10MJB4A1GZ9EN4Y02KST9VA5BHE8B335RPXQVBWVZ587Y83WQ7J3DHMBX30Q8.DHNGBN4CB2DBX1QRZ1R0B1Q18WTEAK4R94S9D57C9JMJJ3H7SSQDCV4D1218C4S2VP085AMQQSMG18FCP6NQMZQZJ91XR5NBX7YF0V0.42197237 | ||
314 | </code> | ||
315 | |||
316 | <p> | ||
317 | It gives us the command line call to download the file (and store it as | ||
318 | ostrom.pdf)! | ||
319 | </p> | ||
320 | |||
321 | <h4>{{ _("CADET (and Chat)") }}</h4> | ||
322 | |||
323 | <p> | ||
324 | We can use the `gnunet-cadet` command line tool to open a port and from | ||
325 | another machine connect to this port and chat or transfer data. First we need | ||
326 | our *peer ID* of the GNUnet peer opening the port. | ||
327 | </p> | ||
328 | |||
329 | <code> | ||
330 | $ gnunet-peerinfo -s<br> | ||
331 | I am peer `P4T5GHS1PCZ06R82D3KW8Z8J1113BQZWAWGYHTZ8G1ZXMWXQGAVG'. | ||
332 | </code> | ||
333 | |||
334 | |||
335 | <p> | ||
336 | Now we open the port (it can be any string!): | ||
337 | </p> | ||
338 | |||
339 | <code> | ||
340 | $ gnunet-cadet -o my-secret-port | ||
341 | </code> | ||
342 | |||
343 | <p> | ||
344 | On the other machine we can connect using the peer ID and the port | ||
345 | and start chatting! | ||
346 | </p> | ||
347 | |||
348 | <code> | ||
349 | $ gnunet-cadet P4T5GHS1PCZ06R82D3KW8Z8J1113BQZWAWGYHTZ8G1ZXMWXQGAVG my-secret-port | ||
350 | </code> | ||
351 | |||
352 | <h4>{{ _("Name resolution using GNS on the command line") }}</h4> | ||
353 | |||
354 | <p> | ||
355 | GNS is the GNU name service, a fully decentralized alternatice to | ||
356 | DNS. We'll publish an IP address in a GNS record try to resolve it | ||
357 | on the command line. First we need an identity which is the | ||
358 | equivalent to a zone in DNS. We'll call it "myself" and create it | ||
359 | using the `gnunet-identity` command line tool. Instead of "myself" | ||
360 | you can surely use your nick or any other name. | ||
361 | </p> | ||
362 | |||
363 | <code> | ||
364 | $ gnunet-identity -C myself | ||
365 | </code> | ||
366 | |||
367 | <p> | ||
368 | We can check if it worked using the same tool. We expect the name | ||
369 | of our identity and the corresponding public key to be | ||
370 | displayed. | ||
371 | </p> | ||
372 | |||
373 | <code> | ||
374 | $ gnunet-identity -d<br> | ||
375 | myself - HWTYD3P5D77JVFNVMZ1M5T10V4SZYNMY3PCGQCSVENKD6ZCRKPMG | ||
376 | </code> | ||
377 | |||
378 | <p> | ||
379 | Now we add a public `A` record to our zone. It has the name "ccc", a value | ||
380 | of "195.54.164.39" and it expires after one day. | ||
381 | </p> | ||
382 | |||
383 | <code> | ||
384 | $ gnunet-namestore -z myself -a -e "1 d" -p -t A -n ccc -V 195.54.164.39 | ||
385 | </code> | ||
386 | |||
387 | <p> | ||
388 | Now we can query that record using the command line tool `gnunet-gns`. | ||
389 | </p> | ||
390 | |||
391 | <code> | ||
392 | $ gnunet-gns -t A -u ccc.myself<br> | ||
393 | ccc.myself:<br> | ||
394 | Got `A' record: 195.54.164.39 | ||
395 | </code> | ||
396 | |||
397 | <p> | ||
398 | So it worked! But only resolving our own records is boring. So we | ||
399 | can give our identity (the public key of it to be precise) to | ||
400 | someone else so they can try to resolve our records, too. The | ||
401 | other person (Bob) has to add it to his namestore like this: | ||
402 | <p> | ||
403 | |||
404 | <code> | ||
405 | $ gnunet-namestore -z myself -a -e never -p -t PKEY -n alice -V HWTYD3P5D77JVFNVMZ1M5T10V4SZYNMY3PCGQCSVENKD6ZCRKPMG | ||
406 | </code> | ||
407 | |||
408 | <p> | ||
409 | Our identity in Bobs namestore is a public record (-p) and never | ||
410 | expires (-e never). Now Bob (let's assume he has called his identity | ||
411 | myself, too) should be able to resolve our "ccc" record, too! | ||
412 | </p> | ||
413 | |||
414 | <code> | ||
415 | $ gnunet-gns -t A -u ccc.alice.myself<br> | ||
416 | ccc.alice.myself:<br> | ||
417 | Got `A' record: 195.54.164.39 | ||
418 | </code> | ||
419 | |||
420 | <p> | ||
421 | It can continue like this. A friend of Bob would be able to | ||
422 | resolve our records too because Bob published our identity in a | ||
423 | public record. Bobs friend would simply use "ccc.alice.bob.myself" | ||
424 | to resolve our "ccc" record. | ||
425 | </p> | ||
426 | |||
427 | |||
428 | <h4>{{ _("Name resolution using GNS with a browser") }}</h4> | ||
429 | |||
430 | <p> | ||
431 | In the previous use case "Name resolution using GNS on the | ||
432 | command line" we got an idea about what GNS is about, but now | ||
433 | let's use it with a browser, to make it actually useful. Currently | ||
434 | Firefox and Chromium are known to work. | ||
435 | </p> | ||
436 | |||
437 | <p> | ||
438 | Many websites enforce HTTPS and thus provide certificates for | ||
439 | their hostnames (and not our GNS names). Browsers don't like wrong | ||
440 | hostnames in certificates and will present error messages. So | ||
441 | GNUnet has to trick them by generating own certificates for our | ||
442 | GNS names. This means we need to create our own certificate | ||
443 | authority and tell our browser about it. Luckily there's a script | ||
444 | for it: | ||
445 | </p> | ||
446 | |||
447 | <code> | ||
448 | $ gnunet-gns-proxy-setup-ca | ||
449 | </code> | ||
450 | |||
451 | <p> | ||
452 | After executing this script the Browser has to be restarted. | ||
453 | </p> | ||
454 | |||
455 | <p> | ||
456 | GNUnet provides a proxy service (gnunet-gns-proxy) that the | ||
457 | browser can send DNS and HTTP traffic to. It will try to resolve | ||
458 | names with GNS first and forward the rest of the DNS traffic to | ||
459 | the system's DNS resolver. It will also take care of the HTTP | ||
460 | traffic, so the browser gets valid certificates and the web server | ||
461 | will not be confused by our GNS hostnames. Our GNS namestore | ||
462 | doesn't know about any DNS hostnames yet, so we have to store | ||
463 | them, too. For our "ccc" A record, we have to store a LEHO (legacy | ||
464 | hostname) record, too. It must contain the website's original DNS | ||
465 | hostname: | ||
466 | </p> | ||
467 | |||
468 | <code> | ||
469 | $ gnunet-namestore -z myself -a -e "1 d" -p -t LEHO -n ccc -V www.ccc.de | ||
470 | </code> | ||
471 | |||
472 | <p> | ||
473 | Now let's start gnunet-gns-proxy. | ||
474 | </p> | ||
475 | |||
476 | <code> | ||
477 | $ /usr/lib/gnunet/libexec/gnunet-gns-proxy | ||
478 | </code> | ||
479 | |||
480 | <p> | ||
481 | Our browser has to be configured so it uses our proxy. In Firefox | ||
482 | we have to set these options under "about:config": | ||
483 | </p> | ||
484 | |||
485 | <code> | ||
486 | network.proxy.socks: localhost<br> | ||
487 | network.proxy.socks_port: 7777<br> | ||
488 | network.proxy.socks_remote_dns true<br> | ||
489 | network.proxy.type: 1 | ||
490 | </code> | ||
491 | |||
492 | <p> | ||
493 | To tell Chromium to use the proxy, it has to be started with the | ||
494 | "--proxy-server" command line option: | ||
495 | </p> | ||
496 | |||
497 | <code> | ||
498 | $ chromium --proxy-server="socks5://127.0.0.1:7777" | ||
499 | </code> | ||
500 | |||
501 | <p> | ||
502 | Now we should be able to resolve our GNS names in the browser! We | ||
503 | just have to type "https://ccc.myself" into the address bar. If | ||
504 | our friend Bob prepared his system, too, he can resolve our record | ||
505 | by typing "ccc.alice.myself". | ||
506 | </p> | ||
507 | |||
508 | |||
509 | <h4>{{ _("VPN") }}</h4> | ||
510 | |||
511 | <p> | ||
512 | TBD | ||
513 | </p> | ||
514 | 277 | ||
515 | <h3>{{ _("Uninstall GNUnet and its dependencies") }}</h3> | 278 | <h3>{{ _("Uninstall GNUnet and its dependencies") }}</h3> |
516 | 279 | ||
@@ -528,12 +291,6 @@ | |||
528 | $ sudo rm /lib/$(uname -m)-linux-gnu/libnss_gns.so.2 | 291 | $ sudo rm /lib/$(uname -m)-linux-gnu/libnss_gns.so.2 |
529 | </code> | 292 | </code> |
530 | 293 | ||
531 | <h3>{{ _("Appendix A: Optional GNUnet features") }}</h3> | ||
532 | |||
533 | <p> | ||
534 | TBD | ||
535 | </p> | ||
536 | |||
537 | <h3>{{ _("Troubleshooting") }}</h3> | 294 | <h3>{{ _("Troubleshooting") }}</h3> |
538 | 295 | ||
539 | <h4>{{ _("You can't reach other people's nodes") }}</h4> | 296 | <h4>{{ _("You can't reach other people's nodes") }}</h4> |
@@ -565,7 +322,6 @@ | |||
565 | gnunet-peerinfo -p <string> | 322 | gnunet-peerinfo -p <string> |
566 | </code> | 323 | </code> |
567 | 324 | ||
568 | |||
569 | <p> | 325 | <p> |
570 | Now our GNUnet nodes can attempt reaching each other directly. This may | 326 | Now our GNUnet nodes can attempt reaching each other directly. This may |
571 | still fail due to NAT traversal issues. | 327 | still fail due to NAT traversal issues. |