archive/nntpchan
Archived
1
0
Fork 0
Code
This repository has been archived on 2023-08-12. You can view files and clone it, but cannot push or open issues or pull requests.
84626f6f96
nntpchan/doc/feeds.md

3.3 KiB
Raw Blame History

feeds.ini

Peering

In order to actually be distributed, you need another person to sync posts with, otherwise what's the point right?

Peering over the regular internet

Requirements:

  • Each Side's server must have a domain name
  • Each Side must have each other's certificates (.crt files) in the certs folder
  • Each Side's srnd.ini crypto section must have entry tls-hostname = domain.tld where domain.tld is the domain name of the server it is on
  • Each Side's srnd.ini nntp section must have entry require_tls = 1

If Alice owns nntp.alice.net and Bob owns nntp.bob.com and are both using port 1199 the configs for each side are as follows:

# alice's srnd.ini crypto section
...
[crypto]
tls-hostname = nntp.alice.net
tls-trust-dir = certs
tls-keyname = overchan-alice


# alice's feeds.ini
[feed-bob]
host = nntp.bob.com
port = 1199

[bob]
overchan.* = 1
ctl = 1



# bob's srnd.ini crypto section
...
[crypto]
tls-hostname = nntp.bob.com
tls-trust-dir = certs
tls-keyname = overchan-bob



# bob's feeds.ini
[feed-alice]
host = nntp.alice.net
port = 1199

[alice]
overchan.* = 1
ctl = 1

each side's certs directory contains 2 files:

  • overchan-alice-nntp.alice.net.crt (alice's certificate)
  • overchan-bob-nntp.bob.com.crt (bob's certificate)

Alice keeps overchan-alice-nntp.alice.net.key secret and never shares it

Bob keeps overchan-bob-nntp.bob.com.key secret and never shares it

Peering over tor

Install tor

apt-get install tor

Make a tor hidden service point from outside port 119 to port 1199 Add to /etc/tor/torrc:

HiddenServiceDir /var/lib/tor/nntp_feed
HiddenServicePort 119 127.0.0.1:1199

restart/reload tor then

cat /var/lib/tor/nntp_feed/hostname

This is your in feed address

If you use an onion with tls, srnd.ini crypto section should have the entry tls-hostname = youroniongoeshere.onion. If you don't use tls NEVER disclose the onion address to anyone not trusted.

Then to peer with someone over tor add this to you feeds.ini

[feed-ourpeer.onion]
host=PeersOnionAddress.onion
port=119
proxy-type=socks4a
proxy-host=127.0.0.1
proxy-port=9050

[ourpeer.onion]
overchan=1
ctl=1

Options

You need one connection and one settings block for each connection

Here is an example entry in feeds.ini

[feed-them.onion]
host=aabbccddeeff2233.onion
port=119
proxy-type=socks4a
proxy-host=127.0.0.1
proxy-port=9050

[them.onion]
overchan=1
ano.paste=0
ctl=1

But what does it mean?

[feed-them.onion]

Connection settings for a peer

host=aabbccddeeff2233.onion
port=119
proxy-type=socks4a
proxy-host=127.0.0.1
proxy-port=9050

Proxy settings, straight forward. Supported proxy types are socks4a and none

[them.onion]

nntp synchronization settings

overchan=1

Sync all boards, use

overchan.bad=0

to prevent certain boards from syncing with certain peers. It can be used to keep bad boards out or keep exclusive boards in

ano.paste=0

This WILL be the nntpchan pastebin, but it's not implimented yet

ctl=1

Allows you to recieve moderation notifications from other boards, it's also used for decentralized moderation