i2p deployment script

deploy/i2p

@@ -0,0 +1,391 @@
+#!/bin/bash
+
+if [[ "$1" == 'remove' ]]; then
+    echo 'Removing Epicyon i2p instance'
+    systemctl stop i2pd
+    if [ -f /var/lib/i2pd/tunnels.d/epicyon ]; then
+	rm /var/lib/i2pd/tunnels.d/epicyon
+    fi
+    if [ -f /etc/i2pd/tunnels.conf.d/epicyon ]; then
+	rm /etc/i2pd/tunnels.conf.d/epicyon
+    fi
+    rm /var/lib/i2pd/epicyon.dat
+    systemctl restart i2pd
+
+    systemctl stop epicyon
+    systemctl disable epicyon
+    rm /etc/nginx/sites-enabled/epicyon
+    rm /etc/nginx/sites-availale/epicyon
+    rm -rf /opt/epicyon
+    if [ -d /var/www/cache ]; then
+	rm -rf /var/www/cache
+    fi
+    if [ -d /srv/http/cache ]; then
+	rm -rf /srv/http/cache
+    fi
+    echo 'Epicyon i2p instance removed'
+    exit 0
+fi
+
+if [[ "$1" == 'removei2p' ]]; then
+    if [ -f /usr/bin/pacman ]; then
+	pacman -R --noconfirm i2pd
+    else
+	apt-get -y remove --purge i2pd
+    fi
+    rm -rf /etc/i2pd
+    rm -rf /var/lib/i2pd
+    if [ -f /var/log/i2pd/i2pd.log ]; then
+	rm /var/log/i2pd/i2pd.log
+    fi
+fi
+
+clear
+echo 'Installing Epicyon on an i2p domain'
+
+username='epicyon'
+NGINX_PORT=9552
+EPICYON_PORT=7156
+tunnels_dir=/var/lib/i2pd/tunnels.d
+
+echo 'Adding Epicyon dependencies'
+if [ -f /usr/bin/pacman ]; then
+    pacman -Syy
+    pacman -S --noconfirm python-pip python-pysocks python-pycryptodome \
+           imagemagick python-pillow python-requests \
+	   perl-image-exiftool python-numpy python-dateutil \
+	   certbot flake8 git i2pd
+    pip3 install pyLD
+else
+    apt-get update
+    apt-get -y install imagemagick python3-crypto python3-cryptodome \
+	    python3-dateutil python3-idna python3-requests \
+	    python3-numpy python3-pil.imagetk python3-pip \
+	    python3-setuptools python3-socks python3-idna \
+	    libimage-exiftool-perl python3-flake8 python3-pyld \
+	    nginx git i2pd
+fi
+
+echo 'Cloning the epicyon repo'
+if [ ! -d /opt/epicyon ]; then
+    git clone https://gitlab.com/bashrc2/epicyon /opt/epicyon
+
+    if [ ! -d /opt/epicyon ]; then
+	echo 'Epicyon repo failed to clone'
+	exit 3
+    fi
+fi
+
+echo 'Adding an epicyon system user account'
+if [ -f /usr/bin/pacman ]; then
+    groupadd epicyon
+    useradd --system -g epicyon --home-dir=/opt/epicyon $username
+    groupadd www-data
+    useradd --system -g www-data --home-dir=/srv/http www-data
+else
+    adduser --system --home=/opt/epicyon --group $username
+fi
+
+chown -R epicyon:epicyon /opt/epicyon
+
+echo 'Creating a command script to obtain i2p domain names from dat files'
+{ echo '#!/usr/bin/env python3';
+  echo 'import base64, hashlib, sys';
+  echo "with open(sys.argv[1], 'rb') as f:";
+  echo '    isRead=False';
+  echo '    try:';
+  echo "        print(base64.b32encode(hashlib.sha256(base64.b64decode(f.read(), '-~')).digest()).decode().strip('=').lower()+\".b32.i2p\")";
+  echo '        isRead=True';
+  echo '    except:';
+  echo '        pass';
+  echo '    if not isRead:';
+  echo "        print(base64.b32encode(hashlib.sha256(base64.b64decode(f.read(516), '-~')).digest()).decode().strip('=').lower()+\".b32.i2p\")"; } > /usr/bin/i2pdomain
+chmod +x /usr/bin/i2pdomain
+
+echo 'Creating Epicyon i2p tunnel file'
+if [ ! -d "$tunnels_dir" ]; then
+    ln -s /etc/i2pd/tunnels.conf.d /var/lib/i2pd/tunnels.d
+fi
+
+if ! grep -q 'epicyon.dat' /var/lib/i2pd/tunnels.conf; then
+    { echo '';
+      echo '[epicyon]';
+      echo 'type = http';
+      echo 'host = 127.0.0.1';
+      echo 'inport = 80';
+      echo "port = ${NGINX_PORT}";
+      echo 'destination = epicyon.i2p';
+      echo 'inbound.length = 1';
+      echo 'inbound.quantity = 5';
+      echo 'outbound.length = 1';
+      echo 'outbound.quantity = 5';
+      echo "keys = epicyon.dat"; } >> /var/lib/i2pd/tunnels.conf
+fi
+rm "$tunnels_dir"/*~
+
+echo 'Setting i2p tunnels directory'
+sed -i 's|#tunnelsdir =|tunnelsdir =|g' /etc/i2pd/i2pd.conf
+sed -i 's|# tunnelsdir =|tunnelsdir =|g' /etc/i2pd/i2pd.conf
+sed -i "s|tunnelsdir =.*|tunnelsdir = $tunnels_dir|g" /etc/i2pd/i2pd.conf
+
+echo 'Enabling ipv6'
+if [ -f /etc/sysctl.conf ]; then
+    if grep -q 'net.ipv6.conf.all.disable_ipv6' /etc/sysctl.conf; then
+	sed -i 's|net.ipv6.conf.all.disable_ipv6.*|net.ipv6.conf.all.disable_ipv6 = 0|g' /etc/sysctl.conf
+	/sbin/sysctl -p -q
+    fi
+fi
+sed -i 's|#ipv6 =|ipv6 =|g' /etc/i2pd/i2pd.conf
+sed -i 's|# ipv6 =|ipv6 =|g' /etc/i2pd/i2pd.conf
+sed -i 's|ipv6 =.*|ipv6 = false|g' /etc/i2pd/i2pd.conf
+
+echo 'Disabling i2p logging'
+#sed -i 's|#logfile =|logfile =|g' /etc/i2pd/i2pd.conf
+#sed -i 's|# logfile =|logfile =|g' /etc/i2pd/i2pd.conf
+#sed -i 's|logfile =.*|logfile = /dev/null|g' /etc/i2pd/i2pd.conf
+
+echo 'Enabling i2p NAT traversal'
+sed -i 's|#nat =|nat =|g' /etc/i2pd/i2pd.conf
+sed -i 's|# nat =|nat =|g' /etc/i2pd/i2pd.conf
+sed -i 's|nat =.*|nat = true|g' /etc/i2pd/i2pd.conf
+
+if [ ! -d /run/i2pd ]; then
+    mkdir /run/i2pd    
+fi
+chown -R i2pd:i2pd /run/i2pd
+
+#if [ -f /usr/bin/pacman ]; then
+#    sed -i 's|ExecStart=.*|ExecStart=/usr/sbin/i2pd --conf=/etc/i2pd/i2pd.conf --tunconf=/etc/i2pd/tunnels.conf --tunnelsdir=/etc/i2pd/tunnels.conf.d --service|g' /lib/systemd/system/i2pd.service
+#    sed -i 's|Type=.*|Type=simple|g' /lib/systemd/system/i2pd.service
+#fi
+
+echo 'Setting file permissions'
+chown -R i2pd:i2pd "$tunnels_dir"
+chmod 644 "$tunnels_dir"/*
+chmod 755 "$tunnels_dir"
+# chown -R i2pd:i2pd /etc/i2pd
+systemctl daemon-reload
+systemctl enable i2pd
+systemctl restart i2pd
+
+echo 'Waiting for i2p daemon restart'
+sleep 5
+if [ ! -f /var/lib/i2pd/epicyon.dat ]; then
+    echo 'Waiting for i2p daemon restart...'
+    sleep 5
+fi
+
+if [ ! -f /var/lib/i2pd/epicyon.dat ]; then
+    echo '/var/lib/i2pd/epicyon.dat not created'
+    exit 6
+fi
+
+echo '/var/lib/i2pd/epicyon.dat file was created'
+
+I2P_DOMAIN=$(i2pdomain /var/lib/i2pd/epicyon.dat)
+if [[ "$I2P_DOMAIN" != *'.i2p' ]]; then
+    echo 'Epicyon i2p domain not created'
+    echo "$I2P_DOMAIN"
+    exit 1
+fi
+
+echo "i2p domain: http://${I2P_DOMAIN}"
+
+echo 'Creating Epicyon daemon'
+{ echo '[Unit]';
+  echo "Description=$username";
+  echo 'After=syslog.target';
+  echo 'After=network.target';
+  echo '';
+  echo '[Service]';
+  echo 'Type=simple';
+  echo "User=$username";
+  echo "Group=$username";
+  echo 'WorkingDirectory=/opt/epicyon';
+  echo "ExecStart=/usr/bin/python3 /opt/epicyon/epicyon.py --http --i2p --port 80 --proxy ${EPICYON_PORT} --domain ${I2P_DOMAIN} --registration open";
+  echo "Environment=USER=$username";
+  echo 'Environment=PYTHONUNBUFFERED=true';
+  echo 'Restart=always';
+  echo 'StandardError=syslog';
+  echo '';
+  echo '[Install]';
+  echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/epicyon.service
+
+systemctl daemon-reload
+systemctl enable epicyon
+systemctl restart epicyon
+
+echo 'Creating nginx configuration'
+if [ ! -f /etc/nginx/nginx.conf ]; then
+    { echo 'user www-data;';
+      echo 'pid /run/nginx.pid;';
+      echo '';
+      echo 'events {';
+      echo '        worker_connections 50;';
+      echo '        # multi_accept on;';
+      echo '}';
+      echo '';
+      echo 'http {';
+      echo '        # limit the number of connections per single IP';
+      echo "        limit_conn_zone \$binary_remote_addr zone=conn_limit_per_ip:10m;";
+      echo '';
+      echo '        # limit the number of requests for a given session';
+      echo "        limit_req_zone \$binary_remote_addr zone=req_limit_per_ip:10m rate=140r/s;";
+      echo '';
+      echo '        # if the request body size is more than the buffer size, then the entire (or partial) request body is written into a temporary file';
+      echo '        client_body_buffer_size  128k;';
+      echo '';
+      echo '        # headerbuffer size for the request header from client, its set for testing purpose';
+      echo '        client_header_buffer_size 3m;';
+      echo '';
+      echo '        # maximum number and size of buffers for large headers to read from client request';
+      echo '        large_client_header_buffers 4 256k;';
+      echo '';
+      echo '        # read timeout for the request body from client, its set for testing purpose';
+      echo '        client_body_timeout   3m;';
+      echo '';
+      echo '        # how long to wait for the client to send a request header, its set for testing purpose';
+      echo '        client_header_timeout 3m;';
+      echo '';
+      echo '        sendfile on;';
+      echo '        tcp_nopush on;';
+      echo '        tcp_nodelay on;';
+      echo '        keepalive_timeout 65;';
+      echo '        types_hash_max_size 2048;';
+      echo '        server_tokens off;';
+      echo '';
+      echo '        include /etc/nginx/mime.types;';
+      echo '        default_type application/octet-stream;';
+      echo '';
+      echo '        access_log /dev/null;';
+      echo '        error_log /dev/null;';
+      echo '';
+      echo '        gzip on;';
+      echo '        gzip_disable "msie6";';
+      echo '';
+      echo '        include /etc/nginx/conf.d/*.conf;';
+      echo '        include /etc/nginx/sites-enabled/*;';
+      echo '}'; } > /etc/nginx/nginx.conf
+else
+    if ! grep -q 'include /etc/nginx/sites-enabled' /etc/nginx/nginx.conf; then
+	echo 'include /etc/nginx/sites-enabled/*.conf;' >> /etc/nginx/nginx.conf
+    fi
+fi
+if [ ! -d /etc/nginx/conf.d ]; then
+    mkdir /etc/nginx/conf.d
+fi
+if [ ! -d /etc/nginx/sites-available ]; then
+    mkdir /etc/nginx/sites-available
+fi
+if [ ! -d /etc/nginx/sites-enabled ]; then
+    mkdir /etc/nginx/sites-enabled
+fi
+
+if [ -f /usr/bin/pacman ]; then
+    if [ ! -f /lib/systemd/system/nginx.service ]; then
+	echo 'Creating nginx daemon'
+	{ echo '[Unit]';
+	  echo 'Description=A high performance web server and a reverse proxy server';
+	  echo 'Documentation=man:nginx(8)';
+	  echo 'After=network.target nss-lookup.target';
+	  echo ''
+	  echo '[Service]';
+	  echo 'Type=forking';
+	  echo 'PIDFile=/run/nginx.pid';
+	  echo "ExecStartPre=$(which nginx) -t -q -g 'daemon on; master_process on;'";
+	  echo "ExecStart=$(which nginx) -g 'daemon on; master_process on;'";
+	  echo "ExecReload=$(which nginx) -g 'daemon on; master_process on;' -s reload";
+	  echo 'ExecStop=-/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid';
+	  echo 'TimeoutStopSec=5';
+	  echo 'KillMode=mixed';
+	  echo '';
+	  echo '[Install]';
+	  echo 'WantedBy=multi-user.target'; } > /etc/systemd/system/nginx.service
+	systemctl enable nginx
+    fi
+fi
+
+web_dir=/var/www
+if [ -f /usr/bin/pacman ]; then
+    web_dir=/srv/http
+fi
+if [ ! -d ${web_dir}/cache ]; then
+    mkdir ${web_dir}/cache
+fi
+
+echo "Creating nginx virtual host for http://${I2P_DOMAIN}"
+{ echo "proxy_cache_path ${web_dir}/cache levels=1:2 keys_zone=my_cache:10m max_size=10g";
+  echo '                 inactive=60m use_temp_path=off;'
+  echo '';
+  echo 'server {';
+  echo "    listen 127.0.0.1:${NGINX_PORT} default_server;";
+  echo "    server_name ${I2P_DOMAIN};"
+  echo '';
+  echo '    gzip            on;';
+  echo '    gzip_min_length 1000;';
+  echo '    gzip_proxied    expired no-cache no-store private auth;';
+  echo '    gzip_types      text/plain application/xml;';
+  echo '';
+  echo '    add_header X-Content-Type-Options nosniff;';
+  echo '    add_header X-XSS-Protection "1; mode=block";';
+  echo '    add_header X-Download-Options noopen;';
+  echo '    add_header X-Permitted-Cross-Domain-Policies none;';
+  echo '';
+  echo '    access_log /dev/null;';
+  echo '    error_log /dev/null;';
+  echo '';
+  echo '    index index.html;';
+  echo '    location / {';
+  echo '        proxy_http_version 1.1;';
+  echo '        client_max_body_size 31M;';
+  echo "        proxy_set_header Upgrade \$http_upgrade;";
+  echo '        proxy_set_header Connection "upgrade";';
+  echo "        proxy_set_header Host \$http_host;";
+  echo "        proxy_set_header X-Real-IP \$remote_addr;";
+  echo "        proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;";
+  echo '        proxy_set_header X-Forward-Proto http;';
+  echo '        proxy_set_header X-Nginx-Proxy true;';
+  echo '        expires epoch;';
+  echo '        proxy_no_cache 1;';
+  echo '        proxy_temp_file_write_size 64k;';
+  echo '        proxy_connect_timeout 10080s;';
+  echo '        proxy_send_timeout 10080;';
+  echo '        proxy_read_timeout 10080;';
+  echo '        proxy_buffer_size 64k;';
+  echo '        proxy_buffers 16 32k;';
+  echo '        proxy_busy_buffers_size 64k;';
+  echo '        proxy_redirect off;';
+  echo '        proxy_request_buffering off;';
+  echo '        proxy_buffering on;';
+  echo '        proxy_cache my_cache;';
+  echo '        proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;';
+  echo "        location ~ ^/(icons|images|media|emoji)/(.*)/(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires 7d;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        location ~ ^/icons/(.*)/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires epoch;';
+  echo '            proxy_no_cache 1;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        location ~ ^/icons/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires epoch;';
+  echo '            proxy_no_cache 1;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        location ~ ^/users/(.*)/(image|banner).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires epoch;';
+  echo '            proxy_no_cache 1;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '    }';
+  echo '}'; } > /etc/nginx/sites-available/epicyon
+
+ln -s /etc/nginx/sites-available/epicyon /etc/nginx/sites-enabled/
+systemctl restart nginx
+
+echo "Your Epicyon i2p instance is now installed."
+echo 'In Firefox see preferences/network settings, manual proxy and uncheck DNS over HTTPS'
+echo "In a browser proxied through 127.0.0.1 port 4444 with socks5 proxy on 127.0.0.1 port 4447 navigate to http://${I2P_DOMAIN} and register an account"
+exit 0

deploy/onion

@@ -29,6 +29,7 @@ username='epicyon'
 NGINX_PORT=9552
 EPICYON_PORT=7156
 
+echo 'Adding Epicyon dependencies'
 if [ -f /usr/bin/pacman ]; then
     pacman -Syy
     pacman -S --noconfirm tor python-pip python-pysocks python-pycryptodome \
@@ -46,6 +47,7 @@ else
 	    tor nginx git
 fi
 
+echo 'Cloning the epicyon repo'
 if [ ! -d /opt/epicyon ]; then
     git clone https://gitlab.com/bashrc2/epicyon /opt/epicyon
 
@@ -55,6 +57,7 @@ if [ ! -d /opt/epicyon ]; then
     fi
 fi
 
+echo 'Adding an epicyon system user account'
 if [ -f /usr/bin/pacman ]; then
     groupadd epicyon
     useradd --system -g epicyon --home-dir=/opt/epicyon $username
@@ -66,6 +69,7 @@ fi
 
 chown -R epicyon:epicyon /opt/epicyon
 
+echo 'Creating onion site configuration'
 if [ ! -d /etc/torrc.d ]; then
     mkdir /etc/torrc.d
 fi
@@ -81,9 +85,12 @@ fi
 
 systemctl restart tor
 
+echo 'Waiting for tor daemon to restart'
+
 sleep 5
 
 if [ ! -f /var/lib/tor/hidden_service_epicyon/hostname ]; then
+    echo 'Waiting for tor daemon to restart...'
     sleep 5
 fi
 
@@ -95,7 +102,9 @@ if [ ! "$ONION_DOMAIN" ]; then
     echo 'No onion domain at /var/lib/tor/hidden_service_epicyon/hostname'
     exit 1
 fi
+echo "Onion domain created: $ONION_DOMAIN"
 
+echo 'Creating Epicyon daemon'
 { echo '[Unit]';
   echo "Description=$username";
   echo 'After=syslog.target';
@@ -119,6 +128,7 @@ systemctl daemon-reload
 systemctl enable epicyon
 systemctl restart epicyon
 
+echo 'Creating nginx configuration'
 if [ ! -f /etc/nginx/nginx.conf ]; then
     { echo 'user www-data;';
       echo 'pid /run/nginx.pid;';
@@ -186,6 +196,7 @@ fi
 
 if [ -f /usr/bin/pacman ]; then
     if [ ! -f /lib/systemd/system/nginx.service ]; then
+	echo 'Creating nginx daemon'
 	{ echo '[Unit]';
 	  echo 'Description=A high performance web server and a reverse proxy server';
 	  echo 'Documentation=man:nginx(8)';
@@ -215,6 +226,7 @@ if [ ! -d ${web_dir}/cache ]; then
     mkdir ${web_dir}/cache
 fi
 
+echo "Creating nginx virtual host for ${ONION_DOMAIN}"
 { echo "proxy_cache_path ${web_dir}/cache levels=1:2 keys_zone=my_cache:10m max_size=10g";
   echo '                 inactive=60m use_temp_path=off;'
   echo '';
@@ -235,52 +247,52 @@ fi
   echo '    access_log /dev/null;';
   echo '    error_log /dev/null;';
   echo '';
-  echo '  index index.html;';
-  echo '  location / {';
-  echo '    proxy_http_version 1.1;';
-  echo '    client_max_body_size 31M;';
-  echo "    proxy_set_header Upgrade \$http_upgrade;";
-  echo '    proxy_set_header Connection "upgrade";';
-  echo "    proxy_set_header Host \$http_host;";
-  echo "    proxy_set_header X-Real-IP \$remote_addr;";
-  echo "    proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;";
-  echo '    proxy_set_header X-Forward-Proto http;';
-  echo '    proxy_set_header X-Nginx-Proxy true;';
-  echo '    expires epoch;';
-  echo '    proxy_no_cache 1;';
-  echo '    proxy_temp_file_write_size 64k;';
-  echo '    proxy_connect_timeout 10080s;';
-  echo '    proxy_send_timeout 10080;';
-  echo '    proxy_read_timeout 10080;';
-  echo '    proxy_buffer_size 64k;';
-  echo '    proxy_buffers 16 32k;';
-  echo '    proxy_busy_buffers_size 64k;';
-  echo '    proxy_redirect off;';
-  echo '    proxy_request_buffering off;';
-  echo '    proxy_buffering on;';
-  echo '    proxy_cache my_cache;';
-  echo '    proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;';
-  echo "    location ~ ^/(icons|images|media|emoji)/(.*)/(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
-  echo '        expires 7d;';
-  echo "        proxy_pass http://localhost:${EPICYON_PORT};";
-  echo '    }';
-  echo "    location ~ ^/icons/(.*)/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '    index index.html;';
+  echo '    location / {';
+  echo '        proxy_http_version 1.1;';
+  echo '        client_max_body_size 31M;';
+  echo "        proxy_set_header Upgrade \$http_upgrade;";
+  echo '        proxy_set_header Connection "upgrade";';
+  echo "        proxy_set_header Host \$http_host;";
+  echo "        proxy_set_header X-Real-IP \$remote_addr;";
+  echo "        proxy_set_header X-Forward-For \$proxy_add_x_forwarded_for;";
+  echo '        proxy_set_header X-Forward-Proto http;';
+  echo '        proxy_set_header X-Nginx-Proxy true;';
   echo '        expires epoch;';
   echo '        proxy_no_cache 1;';
+  echo '        proxy_temp_file_write_size 64k;';
+  echo '        proxy_connect_timeout 10080s;';
+  echo '        proxy_send_timeout 10080;';
+  echo '        proxy_read_timeout 10080;';
+  echo '        proxy_buffer_size 64k;';
+  echo '        proxy_buffers 16 32k;';
+  echo '        proxy_busy_buffers_size 64k;';
+  echo '        proxy_redirect off;';
+  echo '        proxy_request_buffering off;';
+  echo '        proxy_buffering on;';
+  echo '        proxy_cache my_cache;';
+  echo '        proxy_cache_use_stale error timeout http_500 http_502 http_503 http_504;';
+  echo "        location ~ ^/(icons|images|media|emoji)/(.*)/(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires 7d;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        location ~ ^/icons/(.*)/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires epoch;';
+  echo '            proxy_no_cache 1;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        location ~ ^/icons/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires epoch;';
+  echo '            proxy_no_cache 1;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
+  echo "        location ~ ^/users/(.*)/(image|banner).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
+  echo '            expires epoch;';
+  echo '            proxy_no_cache 1;';
+  echo "            proxy_pass http://localhost:${EPICYON_PORT};";
+  echo '        }';
   echo "        proxy_pass http://localhost:${EPICYON_PORT};";
   echo '    }';
-  echo "    location ~ ^/icons/(like|repeat|calendar)(.*).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
-  echo '        expires epoch;';
-  echo '        proxy_no_cache 1;';
-  echo "        proxy_pass http://localhost:${EPICYON_PORT};";
-  echo '    }';
-  echo "    location ~ ^/users/(.*)/(image|banner).(png|jpg|gif|webp|mp3|ogv|ogg|mp4) {";
-  echo '        expires epoch;';
-  echo '        proxy_no_cache 1;';
-  echo "        proxy_pass http://localhost:${EPICYON_PORT};";
-  echo '    }';
-  echo "    proxy_pass http://localhost:${EPICYON_PORT};";
-  echo '  }';
   echo '}'; } > /etc/nginx/sites-available/epicyon
 
 ln -s /etc/nginx/sites-available/epicyon /etc/nginx/sites-enabled/

session.py

@@ -29,8 +29,8 @@ def createSession(proxyType: str):
         session.proxies['https'] = 'socks5h://localhost:9050'
     elif proxyType == 'i2p':
         session.proxies = {}
-        session.proxies['http'] = 'socks5h://localhost:4447'
-        session.proxies['https'] = 'socks5h://localhost:4447'
+        session.proxies['http'] = 'socks5h://localhost:4444'
+        session.proxies['https'] = 'socks5h://localhost:4444'
     elif proxyType == 'gnunet':
         session.proxies = {}
         session.proxies['http'] = 'socks5h://localhost:7777'