{% extends "common/base.j2" %} {% block body_content %}
Welcome to the hopefully painless GNUnet tutorial for Debian 9! It provides very concrete instructions on how to compile, install and configure a current version of GNUnet. The goal is to support newcomers, either end users or developers, who want to get in touch with GNUnet for the first time. After installing GNUnet we will make sure that out new GNUnet installation is working correctly.
Attention: If you came across the official gnunet package for Debian 9, ignore it! It is ancient and not compatible with current GNUnet installations.
Now let's start!
First let's install the following Debian 9 packages to use GNUnet painlessly. Optional dependencies are listed in Appendix A. They are required for some experimental GNUnet features.
$ sudo apt install git libtool autoconf autopoint \
build-essential libgcrypt-dev libidn11-dev zlib1g-dev \
libunistring-dev libglpk-dev miniupnpc libextractor-dev \
libjansson-dev libcurl4-gnutls-dev gnutls-bin libsqlite3-dev \
openssl libnss3-tools libopus-dev libpulse-dev libogg-dev
Next we create a directory in our home directory where we store the source code later. We should keep this directory after installation because it contains Makefiles that can be used for uninstalling GNUnet again (see chapter *Uninstall GNUnet and its dependencies*).
$ mkdir ~/gnunet_installation
We download the GNUnet source code using git. On Debian 9 we need the sources of another library (libmicrohttpd).
Attention: The official libmicrohttpd package for Debian 9 is too old, we need at least version 0.9.52.
$ cd ~/gnunet_installation
$ git clone --depth 1 https://gnunet.org/git/gnunet.git
$ git clone --depth 1 https://gnunet.org/git/gnunet-gtk.git
$ git clone --depth 1 https://gnunet.org/git/libmicrohttpd.git
Before we can compile GNUnet on Debian 9, we compile and install libmicrohttpd.
$ cd ~/gnunet_installation/libmicrohttpd
$ autoreconf -fi
$ sudo apt install libgnutls28-dev
$ ./configure --disable-doc --prefix=/opt/libmicrohttpd
$ make -j$(nproc || echo -n 1)
$ sudo make install
Installing GNUnet is not hard. We have two options: installing a *production version* and installing a *development version*. If you want to start writing GNUnet applications or join the GNUnet development choose the development version (it will print more debug output and contains debug symbols that can be displayed with a debugger). Otherwise choose the production version.
$ cd ~/gnunet_installation/gnunet
$ ./bootstrap
$ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --with-microhttpd=/opt/libmicrohttpd
$ sudo addgroup gnunetdns
$ sudo adduser --system --group --disabled-login --home /var/lib/gnunet gnunet
$ make -j$(nproc || echo -n 1)
$ sudo make install
$ cd ~/gnunet_installation/gnunet
$ ./bootstrap
$ export CFLAGS="-g -Wall -O0"
$ ./configure --prefix=$GNUNET_PREFIX --disable-documentation --enable-logging=verbose --with-microhttpd=/opt/libmicrohttpd
$ make -j$(nproc || echo -n 1)
$ sudo make install
Installing the Gtk+-based graphical user interface can be done on top of either the production or development installation.
$ sudo apt install libgtk-3-dev libgladeui-dev libunique-dev libqrencode-dev
$ cd ~/gnunet_installation/gnunet-gtk
$ ./bootstrap
$ export CFLAGS="-g -Wall -O0"
$ ./configure --prefix=$GNUNET_PREFIX --with-gnunet=$GNUNET_PREFIX
$ make -j$(nproc || echo -n 1)
$ sudo make install
Congratulations! GNUnet is now installed! Before we start it we need to create a configuration file. By default GNUnet looks in our home directory for the file `~/.config/gnunet.conf`. We can start with an empty file for now:
$ touch ~/.config/gnunet.conf
It's reccomended that you increase your bandwidth restrictions from the acutely low defaults. The example below sets the WAN and LAN limits to the value "unlimited".
$ gnunet-config -s ats -o WAN_QUOTA_IN -V unlimited
$ gnunet-config -s ats -o WAN_QUOTA_OUT -V unlimited
$ gnunet-config -s ats -o LAN_QUOTA_IN -V unlimited
$ gnunet-config -s ats -o LAN_QUOTA_OUT -V unlimited
Now we can start it with the command line tool `gnunet-arm` (Automatic Restart Manager).
$ gnunet-arm -s
It starts the default GNUnet services. We can list them with the `-I` option:
$ gnunet-arm -I
Running services:
ats (gnunet-service-ats)
revocation (gnunet-service-revocation)
set (gnunet-service-set)
nat (gnunet-service-nat)
transport (gnunet-service-transport)
peerstore (gnunet-service-peerstore)
hostlist (gnunet-daemon-hostlist)
identity (gnunet-service-identity)
namecache (gnunet-service-namecache)
peerinfo (gnunet-service-peerinfo)
datastore (gnunet-service-datastore)
zonemaster (gnunet-service-zonemaster)
zonemaster-monitor (gnunet-service-zonemaster-monitor)
nse (gnunet-service-nse)
cadet (gnunet-service-cadet)
dht (gnunet-service-dht)
core (gnunet-service-core)
gns (gnunet-service-gns)
statistics (gnunet-service-statistics)
topology (gnunet-daemon-topology)
fs (gnunet-service-fs)
namestore (gnunet-service-namestore)
vpn (gnunet-service-vpn)
For stopping GNUnet again we can use the `-e` option.
$ gnunet-arm -e
Please head over here: Use!
$ cd ~/gnunet_installation/gnunet
$ sudo make uninstall
$ cd ~/gnunet_installation/libmicrohttpd
$ sudo make uninstall
$ sudo apt remove git libtool autoconf autopoint build-essential libgcrypt-dev libidn11-dev zlib1g-dev libunistring-dev libglpk-dev miniupnpc libextractor-dev libjansson-dev libcurl4-gnutls-dev libsqlite3-dev
$ sudo apt autoremove
$ sudo userdel -r gnunet
$ sudo groupdel gnunet
$ sudo groupdel gnunetdns
$ sudo mv /etc/nsswitch.conf.original /etc/nsswitch.conf
$ sudo rm /lib/$(uname -m)-linux-gnu/libnss_gns.so.2
Should our computer not have reached the open GNUnet network automatically, we can manually instruct our node how to reach the nodes of our friends. This works by exchanging HELLO strings. This is how we get a hello string for our computer.
$ gnunet-peerinfo -gn
We can now pass this string to our friends "out of band" (using whatever existing chat or messaging technology). If the string contains some private IP networks we don't want to share, we can carefully edit them out.
Once we receive such strings from our friends, we can add them like this:
gnunet-peerinfo -p
Now our GNUnet nodes can attempt reaching each other directly. This may still fail due to NAT traversal issues.