nntpchan/doc/feeds.md

feeds.ini

##Peering

In order to actually be distributed, you need another person to sync posts with, otherwise what's the point right?

###Peering over the regular internet with TLS

Requirements:

• Each Side's server must have a domain name
• Each Side must have each other's certificates (.crt files) in the certs folder
• Each Side's srnd.ini crypto section must have entry tls-hostname = domain.tld where domain.tld is the domain name of the server it is on
• Each Side's srnd.ini nntp section must have entry require_tls = 1

If Alice owns nntp.alice.net and Bob owns nntp.bob.com and are both using port 1199 the configs for each side are as follows:

# alice's srnd.ini crypto section
...
[crypto]
tls-hostname = nntp.alice.net
tls-trust-dir = certs
tls-keyname = overchan-alice


# alice's feeds.ini
[feed-bob]
host = nntp.bob.com
port = 1199

[bob]
overchan.* = 1
ctl = 1



# bob's srnd.ini crypto section
...
[crypto]
tls-hostname = nntp.bob.com
tls-trust-dir = certs
tls-keyname = overchan-bob



# bob's feeds.ini
[feed-alice]
host = nntp.alice.net
port = 1199

[alice]
overchan.* = 1
ctl = 1

Each side's certs directory contains 2 files:

• overchan-alice-nntp.alice.net.crt (alice's certificate)
• overchan-bob-nntp.bob.com.crt (bob's certificate)

Alice keeps overchan-alice-nntp.alice.net.key secret and never shares it

Bob keeps overchan-bob-nntp.bob.com.key secret and never shares it

###Peering Authentication with passwords

adding / removing credentials via the command line:

# add an nntp login via command line
srndv2 tool nntp add-login user-name-here pass-word-here

# remove an nntp login via command line
srndv2 tool nntp del-login user-name-here

exmaple feeds.ini:

# section pair in feeds.ini
# connects to nntp.something.tld:1199 and authenticates with a username and password
# sync = 1 makes you download all applicable posts from the remote server on startup

[feed-authenticated]
host = nntp.something.tld
port = 1199
username = user-user-here
password = pass-word-here
sync = 1

[authenticated]
overchan.* = 1
ctl = 1

###Peering over Tor

Install tor

apt-get install tor

Make a tor hidden service point from outside port 119 to port 1199 Add to /etc/tor/torrc:

HiddenServiceDir /var/lib/tor/nntp_feed
HiddenServicePort 119 127.0.0.1:1199

restart/reload tor then

cat /var/lib/tor/nntp_feed/hostname

This is your in feed address

If you use an onion with tls, srnd.ini crypto section should have the entry tls-hostname = youroniongoeshere.onion. If you don't use tls NEVER disclose the onion address to anyone not trusted.

Then to peer with someone over tor add this to you feeds.ini

[feed-ourpeer.onion]
host=PeersOnionAddress.onion
port=119
proxy-type=socks4a
proxy-host=127.0.0.1
proxy-port=9050

[ourpeer.onion]
overchan=1
ctl=1

##Options

####You need one connection and one settings block for each connection

Here is an example entry in feeds.ini

[feed-them.onion]
host=aabbccddeeff2233.onion
port=119
proxy-type=socks4a
proxy-host=127.0.0.1
proxy-port=9050
username=somerandomusername
password=somerandompassword

[them.onion]
overchan=1
ano.paste=0
ctl=1

But what does it mean?

[feed-them.onion]

Connection settings for a peer

host=aabbccddeeff2233.onion
port=119
proxy-type=socks4a
proxy-host=127.0.0.1
proxy-port=9050

Proxy settings, straight forward. Supported proxy types are socks4a and none

[them.onion]

NNTP synchronization settings

overchan=1

Sync all boards, use

overchan.bad=0

to prevent certain boards from syncing with certain peers. It can be used to keep bad boards out or keep exclusive boards in

ano.paste=0

This WILL be the nntpchan pastebin, but it's not implimented yet

ctl=1

Allows you to recieve moderation notifications from other boards, it's also used for decentralized moderation