{% extends "common/base.j2" %} {% block body_content %}

{{ _("Tutorial: GNUnet on Debian 9") }}

{{ _("Introduction") }}

Welcome to the hopefully painless GNUnet tutorial for Debian 9! It provides very concrete instructions on how to compile, install and configure a current version of GNUnet. The goal is to support newcomers, either end users or developers, who want to get in touch with GNUnet for the first time. After installing GNUnet we will make sure that out new GNUnet installation is working correctly.

Attention: If you came across the official gnunet package for Debian 9, ignore it! It is ancient and not compatible with current GNUnet installations.

Now let's start!

{{ _("Requirements") }}

First let's install the following Debian 9 packages to use GNUnet painlessly. Optional dependencies are listed in Appendix A. They are required for some experimental GNUnet features.

$ sudo apt install git libtool autoconf autopoint \
build-essential libgcrypt-dev libidn11-dev zlib1g-dev \
libunistring-dev libglpk-dev miniupnpc libextractor-dev \
libjansson-dev libcurl4-gnutls-dev gnutls-bin libsqlite3-dev \
openssl libnss3-tools libopus-dev libpulse-dev libogg-dev

{{ _("Make an installation directory") }}

Next we create a directory in our home directory where we store the source code later. We should keep this directory after installation because it contains Makefiles that can be used for uninstalling GNUnet again (see chapter *Uninstall GNUnet and its dependencies*).

$ mkdir ~/gnunet_installation

{{ _("Get the source code") }}

We download the GNUnet source code using git. On Debian 9 we need the sources of another library (libmicrohttpd).

Attention: The official libmicrohttpd package for Debian 9 is too old, we need at least version 0.9.52.

$ cd ~/gnunet_installation
$ git clone --depth 1 https://gnunet.org/git/gnunet.git
$ git clone --depth 1 https://gnunet.org/git/gnunet-gtk.git
$ git clone --depth 1 https://gnunet.org/git/libmicrohttpd.git

{{ _("Compile and Install") }}

Before we can compile GNUnet on Debian 9, we compile and install libmicrohttpd.

$ cd ~/gnunet_installation/libmicrohttpd
$ autoreconf -fi
$ sudo apt install libgnutls28-dev
$ ./configure --disable-doc --prefix=/opt/libmicrohttpd
$ make -j$(nproc || echo -n 1)
$ sudo make install

Installing GNUnet is not hard. We have two options: installing a *production version* and installing a *development version*. If you want to start writing GNUnet applications or join the GNUnet development choose the development version (it will print more debug output and contains debug symbols that can be displayed with a debugger). Otherwise choose the production version.

{{ _("Option 1: GNUnet for production / usage") }}

$ cd ~/gnunet_installation/gnunet
$ ./bootstrap
$ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --with-microhttpd=/opt/libmicrohttpd
$ sudo addgroup gnunetdns
$ sudo adduser --system --group --disabled-login --home /var/lib/gnunet gnunet
$ make -j$(nproc || echo -n 1)
$ sudo make install

{{ _("Option 2: GNUnet for development") }}

$ cd ~/gnunet_installation/gnunet
$ ./bootstrap
$ export CFLAGS="-g -Wall -O0"
$ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --enable-logging=verbose --with-microhttpd=/opt/libmicrohttpd
$ make -j$(nproc || echo -n 1)
$ sudo make install

{{ _("Option 3: gnunet-gtk") }}

Installing the Gtk+-based graphical user interface can be done on top of either the production or development installation.

$ sudo apt install libgtk-3-dev libgladeui-dev libunique-dev libqrencode-dev $ cd ~/gnunet_installation/gnunet-gtk
$ ./bootstrap
$ export CFLAGS="-g -Wall -O0"
$ ./configure --prefix=$GNUNET_PREFIX --with-gnunet=$GNUNET_PREFIX
$ make -j$(nproc || echo -n 1)
$ sudo make install

{{ _("Configuration") }}

Congratulations! GNUnet is now installed! Before we start it we need to create a configuration file. By default GNUnet looks in our home directory for the file `~/.config/gnunet.conf`. We can start with an empty file for now:

$ touch ~/.config/gnunet.conf

It's reccomended that you increase your bandwidth restrictions from the acutely low defaults. The example below sets the WAN and LAN limits to the value "unlimited".

$ gnunet-config -s ats -o WAN_QUOTA_IN -V unlimited
$ gnunet-config -s ats -o WAN_QUOTA_OUT -V unlimited
$ gnunet-config -s ats -o LAN_QUOTA_IN -V unlimited
$ gnunet-config -s ats -o LAN_QUOTA_OUT -V unlimited

Now we can start it with the command line tool `gnunet-arm` (Automatic Restart Manager).

$ gnunet-arm -s

It starts the default GNUnet services. We can list them with the `-I` option:

$ gnunet-arm -I
Running services:
ats (gnunet-service-ats)
revocation (gnunet-service-revocation)
set (gnunet-service-set)
nat (gnunet-service-nat)
transport (gnunet-service-transport)
peerstore (gnunet-service-peerstore)
hostlist (gnunet-daemon-hostlist)
identity (gnunet-service-identity)
namecache (gnunet-service-namecache)
peerinfo (gnunet-service-peerinfo)
datastore (gnunet-service-datastore)
zonemaster (gnunet-service-zonemaster)
zonemaster-monitor (gnunet-service-zonemaster-monitor)
nse (gnunet-service-nse)
cadet (gnunet-service-cadet)
dht (gnunet-service-dht)
core (gnunet-service-core)
gns (gnunet-service-gns)
statistics (gnunet-service-statistics)
topology (gnunet-daemon-topology)
fs (gnunet-service-fs)
namestore (gnunet-service-namestore)
vpn (gnunet-service-vpn)

For stopping GNUnet again we can use the `-e` option.

$ gnunet-arm -e

{{ _("Use GNUnet!") }}

Please head over here: Use!

{{ _("Uninstall GNUnet and its dependencies") }}

$ cd ~/gnunet_installation/gnunet
$ sudo make uninstall
$ cd ~/gnunet_installation/libmicrohttpd
$ sudo make uninstall
$ sudo apt remove git libtool autoconf autopoint build-essential libgcrypt-dev libidn11-dev zlib1g-dev libunistring-dev libglpk-dev miniupnpc libextractor-dev libjansson-dev libcurl4-gnutls-dev libsqlite3-dev
$ sudo apt autoremove
$ sudo userdel -r gnunet
$ sudo groupdel gnunet
$ sudo groupdel gnunetdns
$ sudo mv /etc/nsswitch.conf.original /etc/nsswitch.conf
$ sudo rm /lib/$(uname -m)-linux-gnu/libnss_gns.so.2

{{ _("Troubleshooting") }}

{{ _("You can't reach other people's nodes") }}

Should our computer not have reached the open GNUnet network automatically, we can manually instruct our node how to reach the nodes of our friends. This works by exchanging HELLO strings. This is how we get a hello string for our computer.

$ gnunet-peerinfo -gn

We can now pass this string to our friends "out of band" (using whatever existing chat or messaging technology). If the string contains some private IP networks we don't want to share, we can carefully edit them out.

Once we receive such strings from our friends, we can add them like this:

gnunet-peerinfo -p

Now our GNUnet nodes can attempt reaching each other directly. This may still fail due to NAT traversal issues.

{% endblock body_content %}