diff options
| -rw-r--r-- | pcr/i2p/PKGBUILD | 75 | ||||
| -rw-r--r-- | pcr/i2p/i2p.install | 21 | ||||
| -rw-r--r-- | pcr/i2p/i2p.tmpfiles | 5 | ||||
| -rw-r--r-- | pcr/i2p/i2prouter.bash | 12 | ||||
| -rw-r--r-- | pcr/i2p/i2prouter.service | 26 | ||||
| -rw-r--r-- | pcr/i2p/i2prouter.sh | 117 | ||||
| -rw-r--r-- | pcr/i2p/router.config | 4 | ||||
| -rw-r--r-- | pcr/i2p/wrapper.config | 37 |
8 files changed, 162 insertions, 135 deletions
diff --git a/pcr/i2p/PKGBUILD b/pcr/i2p/PKGBUILD index 5d68e0aca..d2ab54743 100644 --- a/pcr/i2p/PKGBUILD +++ b/pcr/i2p/PKGBUILD @@ -1,82 +1,97 @@ # Contributor (AUR): skydrome <skydrome@protonmail.com> # Maintainer (AUR): skydrome <skydrome@protonmail.com> -# Maintainer: Freemor <freemor@fremor.ca> +# Maintainer: Freemor <freemor@freemor.ca> -# Uncomment if you do not want to build all language translations +# uncomment if you do not want to build all language translations #export LG2=en pkgname=i2p -pkgver=0.9.45 +pkgver=0.9.46 pkgrel=1 pkgdesc="A distributed anonymous network" url="https://geti2p.net" license=('GPL2') arch=('any') depends=('java-runtime>=8' 'java-service-wrapper') -makedepends=('java-environment=8' 'apache-ant') -[[ "$LG2" != 'en' ]] && makedepends+=('gettext') +makedepends=('java-environment>=8' 'ant') #optdepends=('gtk2: for rrd graphs') conflicts=('i2p-bin' 'i2p-dev') backup=('opt/i2p/wrapper.config') install='i2p.install' options=(!strip) +# https://geti2p.net/en/get-involved/develop/release-signing-key +# https://geti2p.net/_static/zzz.key.asc +validpgpkeys=('2D3D2D03910C6504C1210C65EE60C0C8EE7256A8') + #_url="https://download.i2p2.de/releases/${pkgver}" _url="https://launchpad.net/i2p/trunk/${pkgver}/+download" source=("${_url}/i2psource_${pkgver}.tar.bz2"{,.sig} - 'i2prouter.service' 'i2prouter.sh' 'wrapper.config' 'router.config') + 'i2prouter.service' 'i2p.tmpfiles' 'wrapper.config' 'router.config' + 'i2prouter.bash' 'i2prouter.sh' +) -sha256sums=('e65c7dbbf464b6bc64afb228306fbfed0f1e67ffec74f96852b82acade53921c' +sha256sums=('ab0eb691b2753277738fe16ddc46349a24fd66b6323deae987f7c927272befd8' 'SKIP' - '9bb899ece87099716da29bac8b7da02916fc325699b68989e73c1fe333a6342f' - 'ea8f97e66461d591b1819eab39bbc40056b89ae12f7729b3dd9fd2ce088e5e53' - 'd32da73b85be527ef0cc3791a2cedab089fed8272c7a70d23bc8edfe49d80b28' - '7a4688db826c3dddb762976cd8c9a5d465255c3577069243d8e5af941a4126e2') - -# https://geti2p.net/en/get-involved/develop/release-signing-key -validpgpkeys=('2D3D2D03910C6504C1210C65EE60C0C8EE7256A8') + '644b771ec7f5db3efab3206bf1f896566cdb00d410a54608fda85bdb4c2ad876' + 'fc30dd32f48fe1c93bf36c8297ca48203a1479e4e221ebe62c57cf3c3c0347d3' + 'ba4bcb8d9aef307045d1d24385a456d096ea45f69d95a474467728ea140188ec' + '90f202e5b66d5a5b425522b409e71fb892d34c534e32ce2d6fe5284015cacf94' + '7a19b9f90c8792460fd58e8b8aa435a065e34d29a942479850472510e9d3078a' + '8d39f080c7a2e49226db3a785f3e18583159ef2f95e1ab467fd9984c4e38c9f5') + +prepare() { + cd "$pkgname-$pkgver" +} build() { cd "$pkgname-$pkgver" + export JAVA_HOME="${JAVA_HOME:-/usr/lib/jvm/default}" - source /etc/ant.conf - export ANT_OPTS="-Dfile.encoding=UTF-8" - ant preppkg-linux-only + ant -Dfile.encoding=UTF-8 \ + -Djavac.compilerargs=-Xlint:-options \ + -Dbuild.reproducible=true \ + -Djavac.version=8 \ + preppkg-linux-only } package() { cd "$pkgdir" install -dm755 "usr/bin" - install -dm755 "opt/i2p/.tmp" + install -dm755 "opt/i2p" cp -r "$srcdir/$pkgname-$pkgver"/pkg-temp/* "opt/i2p" + install -Dm644 "$srcdir/i2prouter.service" "usr/lib/systemd/system/i2prouter.service" + install -Dm644 "$srcdir/i2p.tmpfiles" "usr/lib/tmpfiles.d/i2p.conf" + echo 'u i2p - "I2P Router" /opt/i2p /bin/sh' | + install -Dm644 /dev/stdin "usr/lib/sysusers.d/i2p.conf" + install -Dm644 "$srcdir/router.config" "opt/i2p/router.config" install -Dm644 "$srcdir/wrapper.config" "opt/i2p/wrapper.config" - install -Dm755 "$srcdir/i2prouter.sh" "opt/i2p/i2prouter" - install -Dm644 "$srcdir/i2prouter.service" "usr/lib/systemd/system/i2prouter.service" + install -Dm754 "$srcdir/i2prouter.sh" "opt/i2p/i2prouter" + + install -Dm644 "$srcdir/i2prouter.bash" "usr/share/bash-completion/completions/i2prouter" + install -Dm644 "$srcdir/$pkgname-$pkgver/installer/resources/bash-completion/eepget" \ + "usr/share/bash-completion/completions/eepget" + install -Dm644 "opt/i2p/man/eepget.1" "usr/share/man/man1/eepget.1" install -Dm644 "opt/i2p/LICENSE.txt" "usr/share/licenses/i2p/LICENSE" mv opt/i2p/licenses/* "usr/share/licenses/i2p/" ln -s /opt/i2p/{eepget,i2prouter} "usr/bin/" - chmod +x opt/i2p/{eepget,i2prouter} - - chmod -x opt/i2p/*.config - chmod 755 opt/i2p - chown -R 985:985 opt/i2p - - echo 'u i2p 985 "I2P Router" /opt/i2p /bin/sh' | - install -Dm644 /dev/stdin "usr/lib/sysusers.d/i2p.conf" - echo 'd /run/i2p 0700 i2p i2p' | - install -Dm644 /dev/stdin "usr/lib/tmpfiles.d/i2p.conf" + chmod +x opt/i2p/eepget sed -i opt/i2p/eepget \ -e 's:%INSTALL_PATH:/opt/i2p:g' + + # dont automatically start the webserver(3) or open a webbrowser(4) sed -i opt/i2p/clients.config \ -e "s:clientApp.3.startOnLoad=.*:clientApp.3.startOnLoad=false:" \ -e "s:clientApp.4.startOnLoad=.*:clientApp.4.startOnLoad=false:" + rm -r opt/i2p/{osid,postinstall.sh,runplain.sh,INSTALL-headless.txt,LICENSE.txt,licenses,man,lib/wrapper*} + } diff --git a/pcr/i2p/i2p.install b/pcr/i2p/i2p.install index 68c5726b2..8bf945fbf 100644 --- a/pcr/i2p/i2p.install +++ b/pcr/i2p/i2p.install @@ -1,24 +1,9 @@ post_install() { - echo "==> " - echo "==> I2P Router settings can be adjusted at" + echo "==> I2P Router webui can be accessed at" echo "==> http://127.0.0.1:7657/config.jsp" - echo "==> " -} - -## arg 1: the new package version -## arg 2: the old package version -post_upgrade() { - if (( $(vercmp $2 0.9.39) < 0 )); then - [[ $(id -g i2p) = '985' ]] || { - echo -n ">>> Updating i2p user..." - groupmod --gid 985 i2p - usermod --uid 985 -s /bin/sh i2p - chown -R 985:985 /opt/i2p - echo " done" - } - fi } post_remove() { - rm -f /opt/i2p/lib*.so* + rm -rf /opt/i2p/{lib*.so*,.tmp,.cache} + echo "==> Router configuration is saved in /opt/i2p/.i2p" } diff --git a/pcr/i2p/i2p.tmpfiles b/pcr/i2p/i2p.tmpfiles new file mode 100644 index 000000000..3e0d79853 --- /dev/null +++ b/pcr/i2p/i2p.tmpfiles @@ -0,0 +1,5 @@ +d /run/i2p 0700 i2p i2p +d /opt/i2p 0755 i2p i2p +d /opt/i2p/.i2p 0700 i2p i2p +d /opt/i2p/.tmp 0700 i2p i2p +f /opt/i2p/i2prouter 0754 root i2p diff --git a/pcr/i2p/i2prouter.bash b/pcr/i2p/i2prouter.bash new file mode 100644 index 000000000..d95158603 --- /dev/null +++ b/pcr/i2p/i2prouter.bash @@ -0,0 +1,12 @@ +_i2prouter() +{ + local cur prev opts + _init_completion || return + + COMPREPLY=() + cur="${COMP_WORDS[COMP_CWORD]}" + prev="${COMP_WORDS[COMP_CWORD-1]}" + opts="console start stop graceful restart dump" + COMPREPLY=( $(compgen -W "${opts}" -- ${cur}) ) +} +complete -F _i2prouter i2prouter diff --git a/pcr/i2p/i2prouter.service b/pcr/i2p/i2prouter.service index 7c278c833..5a80c870e 100644 --- a/pcr/i2p/i2prouter.service +++ b/pcr/i2p/i2prouter.service @@ -1,18 +1,32 @@ +# It's not recommended to modify this file because it will be +# overwritten during package upgrades. If you want to make changes, the +# best way is to create a file "/etc/systemd/system/i2prouter.service.d/foo.conf" +# and make your changes there. This file will be parsed after the file +# i2p.service itself is parsed. + [Unit] Description=Invisible Internet Project -After=network.target +After=network.target time-sync.target [Service] Type=forking User=i2p PIDFile=/run/i2p/i2p.pid -Environment=WRAPPER_CONF=/opt/i2p/wrapper.config -ExecStart=/usr/bin/java-service-wrapper ${WRAPPER_CONF} \ - wrapper.name=i2prouter wrapper.syslog.ident=i2prouter \ - wrapper.daemonize=TRUE -SendSIGKILL=no + +NoNewPrivileges=yes +PrivateTmp=yes +PrivateDevices=yes +DeviceAllow=/dev/null rw +DeviceAllow=/dev/urandom r +LimitNOFILE=4096 + +ExecStart=/usr/bin/java-service-wrapper /opt/i2p/wrapper.config \ + wrapper.name=i2prouter \ + wrapper.syslog.ident=i2prouter \ + wrapper.daemonize=TRUE TZ=UTC ExecReload=/bin/kill -USR1 $MAINPID ExecStop=/bin/kill -TERM $MAINPID +SendSIGKILL=no SuccessExitStatus=0 2 3 [Install] diff --git a/pcr/i2p/i2prouter.sh b/pcr/i2p/i2prouter.sh index 1af0a35b4..3ab76a88a 100644 --- a/pcr/i2p/i2prouter.sh +++ b/pcr/i2p/i2prouter.sh @@ -1,12 +1,11 @@ -#!/bin/bash +#!/usr/bin/env bash #----------------------------------------------------------------------------- I2P_USER="i2p" WRAPPER_CMD="/usr/bin/java-service-wrapper" WRAPPER_CONF="/opt/i2p/wrapper.config" -PIDDIR="/run/i2p" -PIDFILE="$PIDDIR/i2p.pid" -TIMEOUT=30 +PIDFILE="/run/i2p/i2p.pid" +TIMEOUT=30 #seconds #----------------------------------------------------------------------------- fail() { @@ -20,26 +19,20 @@ debug() { check_user() { if [[ "$(id -un)" != "$I2P_USER" ]]; then #debug "current user: $(id -un) dropping to user: $I2P_USER" - if [[ ! -d "$PIDDIR" ]]; then - mkdir -p "$PIDDIR" - chown ${I2P_USER}:${I2P_USER} "$PIDDIR" - fi - SCRIPT_PATH="$(cd $(dirname $0) && pwd)/$(basename $0)" + SCRIPT_PATH="$(cd "$(dirname $0)" && pwd)/$(basename $0)" su - "$I2P_USER" -c "${SCRIPT_PATH} $@" exit $? fi } init_vars() { + [[ "$EUID" -eq 0 ]] && + fail "Attempting to start as root! You should never see this message, please report it" [[ ! -r "$WRAPPER_CONF" ]] && fail "Unable to read \$WRAPPER_CONF: ${WRAPPER_CONF}" [[ ! -x "$WRAPPER_CMD" ]] && fail "Unable to find or execute \$WRAPPER_CMD: ${WRAPPER_CMD}" - [[ ! $(grep -E ^I2P_USER $0) && "$EUID" = "0" ]] && - fail "Attempting to start as root! Please edit $(basename $0) and set the variable \$I2P_USER" - [[ "$(id -un "$I2P_USER")" != "$I2P_USER" ]] && - fail "\$I2P_USER does not exist: $I2P_USER" - COMMAND_LINE="\"$WRAPPER_CMD\" \"$WRAPPER_CONF\" wrapper.syslog.ident=\"i2prouter\" wrapper.name=\"i2prouter\"" + COMMAND_LINE="\"$WRAPPER_CMD\" \"$WRAPPER_CONF\" wrapper.syslog.ident=\"i2prouter\" wrapper.name=\"i2prouter\" TZ=UTC" } get_wrapper_pid() { @@ -62,7 +55,7 @@ check_if_running() { rm -f "$PIDFILE" fi else - [[ "$pid" != "$(get_pid)" ]] && + [[ "$pid" -ne "$(get_pid)" ]] && fail "\$PIDFILE $PIDFILE differs from what is actually running!" fi else @@ -74,91 +67,97 @@ check_if_running() { _console() { if [[ ! "$pid" ]]; then trap '' INT QUIT - eval $COMMAND_LINE - [[ $? != 0 ]] && fail "Failed to launch the wrapper!" + eval "$COMMAND_LINE" || fail "Failed to launch the wrapper!" else - echo "I2P Service is already running" + echo "I2P Router is already running! (pid: $pid)" fi } _start() { if [[ ! "$pid" ]]; then - echo -n "Starting I2P Service" + echo -n "Starting I2P Router" COMMAND_LINE+=" wrapper.daemonize=TRUE" - eval $COMMAND_LINE - [[ $? != 0 ]] && fail "Failed to launch the wrapper!" + eval "$COMMAND_LINE" || fail "Failed to launch the wrapper!" i=0 - while [[ ! "$pid" || $i < $TIMEOUT ]]; do + while [[ ! "$pid" || $i -lt $TIMEOUT ]]; do echo -n "." sleep 1 check_if_running ((i++)) done [[ $(get_pid) ]] && - echo " done (pid $pid)" || fail "timeout: Failed to start wrapper!" + echo " done" || fail "timeout: Failed to start wrapper!" else - echo "I2P Service is already running" + echo "I2P Router is already running! (pid: $pid)" fi } _restart() { [[ "$pid" ]] && - kill -USR1 $(get_wrapper_pid) || echo "I2P Service is not running" + kill -USR1 "$(get_wrapper_pid)" || echo "I2P Router is not running" } _stop() { if [[ "$pid" ]]; then - echo -n "Stopping I2P Service" - kill -TERM "$pid" - [[ $? != 0 ]] && fail "Unable to stop I2P Service: kill -TERM $pid" + echo -n "Hard shutdown initiated" + kill -TERM "$pid" || fail "Unable to stop I2P Router: kill -TERM $pid" i=0 - while [[ "$pid" || $i > $TIMEOUT ]]; do + while [[ "$pid" || $i -gt $TIMEOUT ]]; do echo -n "." sleep 1 [[ ! $(get_pid) ]] && unset pid ((i++)) done - if [[ "$pid" ]]; then - fail "timeout: Failed to stop wrapper! (pid: $pid)" - else - echo " done" - [[ "$1" = 'start' ]] && _start - fi + [[ "$pid" ]] && + fail "timeout: Failed to stop wrapper! (pid: $pid)" || echo " done" else - echo "I2P Service is not running." + echo "I2P Router is not running." fi } _graceful() { if [[ "$pid" ]]; then - echo "Stopping I2P Service gracefully..." - kill -HUP "$pid" - [[ $? != 0 ]] && fail "Unable to stop I2P Service." + echo -n "Graceful shutdown initiated" + kill -HUP "$pid" || fail "Unable to stop I2P Router." + i=0 + while [[ "$pid" || $i -gt 660 ]]; do + echo -n "." + sleep 1 + [[ ! $(get_pid) ]] && unset pid + ((i++)) + done + [[ "$pid" ]] && + fail "timeout: Took longer than 10m to stop. (pid: $pid)" || echo " done" else - echo "I2P Service is not running." + echo "I2P Router is not running." fi } -_status() { - [[ "$pid" ]] && - echo "I2P Service is running: PID:$pid" || echo "I2P Service is not running." -} - _dump() { if [[ "$pid" ]]; then - echo "Dumping threads..." - kill -QUIT "$pid" - [[ $? != 0 ]] && - fail "Failed to dump threads" || echo "Thread Dump is available in wrapper.log" + kill -QUIT "$pid" || fail "Failed to dump threads" + echo "Thread Dump is available in wrapper.log" else - echo "I2P Service is not running." + echo "I2P Router is not running." fi } #----------------------------------------------------------------------------- +[[ "$1" != @(console|start|stop|graceful|restart|dump) ]] && { + echo "Usage: $(basename $0) <command>" + echo "Commands:" + echo " console Launch in the current console" + echo " start Start in the background as a daemon process" + echo " stop Stop if running as a daemon or in another console" + echo " graceful Stop gracefully, may take up to 11 minutes for all tunnels to close" + echo " restart Restart the JVM" + echo " dump Request a Java thread dump" + exit +} + check_user "$@" -init_vars check_if_running +init_vars case "$1" in 'console') _console @@ -171,22 +170,6 @@ case "$1" in ;; 'restart') _restart ;; - 'status') _status - ;; 'dump') _dump ;; - - *) echo "Usage: $(basename $0) [command]" - echo - echo "Commands:" - echo " console Launch in the current console" - echo " start Start in the background as a daemon process" - echo " stop Stop if running as a daemon or in another console" - echo " graceful Stop gracefully, may take up to 11 minutes for all tunnels to close" - echo " restart Restart the JVM" - echo " status Query the current status" - echo " dump Request a Java thread dump if running" - echo - ;; esac -exit 0 diff --git a/pcr/i2p/router.config b/pcr/i2p/router.config index 473519cdb..4f8deb336 100644 --- a/pcr/i2p/router.config +++ b/pcr/i2p/router.config @@ -6,4 +6,6 @@ i2np.udp.addressSources=hidden router.updateDisabled=true routerconsole.advanced=true i2np.upnp.enable=false -routerconsole.theme=light
\ No newline at end of file +routerconsole.theme=light +routerconsole.universal.theme=true +routerconsole.embedApps=true diff --git a/pcr/i2p/wrapper.config b/pcr/i2p/wrapper.config index 30271d537..1474aa02c 100644 --- a/pcr/i2p/wrapper.config +++ b/pcr/i2p/wrapper.config @@ -4,17 +4,15 @@ # # WARNING - for any changes to take effect, you must completely # stop the router and the wrapper. Clicking 'Restart' on your -# router console will NOT reread this file! You must -# click "Shutdown", wait 11 minutes, then start i2p. +# router console will NOT reload this file! You must +# click "Shutdown", wait 10 minutes, then start i2p. # #******************************************************************** # Java Application wrapper.java.command=/usr/lib/jvm/default/bin/java # Java Main class. This class must implement the WrapperListener interface -# or guarantee that the WrapperManager class is initialized. Helper -# classes are provided to do this for you. See the Integration section -# of the documentation for details. +# or guarantee that the WrapperManager class is initialized. wrapper.java.mainclass=org.tanukisoftware.wrapper.WrapperSimpleApp # Java Classpath (include wrapper.jar) Add class path elements as @@ -51,10 +49,11 @@ wrapper.java.additional.4.stripquotes=TRUE wrapper.java.additional.7=-Djava.io.tmpdir=/opt/i2p/.tmp # Initial Java Heap Size (in MB) +# Until jdk15, should be set same as maxmemory for best performance # If a non-zero value is specified for this property then an appropriate -Xms # parameter will be added. The initial memory must be less than or equal to # the value set for the maxmemory property -#wrapper.java.initmemory=4 +wrapper.java.initmemory=128 # Maximum Java Heap Size (in MB) # The JVM's default is 64MB, and I2P can work fine in that, but to handle @@ -75,6 +74,7 @@ wrapper.app.parameter.1=net.i2p.router.Router wrapper.console.format=PM # Log Level for console output. (See docs for log levels) +# https://wrapper.tanukisoftware.com/doc/english/prop-console-loglevel.html wrapper.console.loglevel=INFO # Log file to use for wrapper output logging. @@ -129,16 +129,12 @@ wrapper.jvm_exit.timeout=60 # give the OS 60s to clear all the old sockets / etc before restarting # Let's change the default from 60 to 10 seconds and see if anyone moans.. wrapper.restart.delay=5 +wrapper.restart.reload_configuration=TRUE -wrapper.ping.interval=300 # The ping timeout must be at least 5 seconds longer than the value of wrapper.ping.interval. # Extend this if you are getting 'JVM appears hung' shutdowns. wrapper.ping.timeout=320 - -# use the wrapper's internal timer thread. otherwise this would -# force a restart of the router during daylight savings time as well -# as any time that the OS clock changes -wrapper.use_system_time=false +wrapper.ping.interval=300 # pid file for the JVM # If you plan to have multiple wrappers running on the same machine, @@ -155,7 +151,7 @@ wrapper.java.pidfile=/run/i2p/i2p.pid wrapper.ignore_sequence_gaps=TRUE # Title to use when running as a console -wrapper.console.title=I2P Service +wrapper.console.title=I2P Router Service # Set permissions used when creating files # See http://wrapper.tanukisoftware.com/doc/english/prop-umask.html @@ -163,3 +159,18 @@ wrapper.console.title=I2P Service wrapper.umask=0022 wrapper.java.umask=0022 wrapper.logfile.umask=077 + +#******************************************************************** +# Wrapper JVM Checks +#******************************************************************** +# Out Of Memory detection. +wrapper.filter.trigger.1=java.lang.OutOfMemoryError +wrapper.filter.action.1=RESTART +wrapper.filter.message.1=The JVM has run out of memory. + +#******************************************************************** +# Advanced Options +#******************************************************************** +# Enable the Shenandoah Gargabe Collector +#wrapper.java.additional.100=-XX:+UnlockExperimentalVMOptions +#wrapper.java.additional.101=-XX:+UseShenandoahGC |