I want to access i2p on my vps without a always connected ssh tunnel. to tried to configure the client.config according to this: https://geti2p.net/en/faq "Configuring your console to be available on a Public IP address with a username & password

Open ~/.i2p/clients.config and replace

                clientApp.0.args=7657 ::1,127.0.0.1 ./webapps/
          

with

                clientApp.0.args=7657 ::1,127.0.0.1,(System_IP) ./webapps/
          

where you replace (System_IP) with your system's public IP address
Go to http://localhost:7657/configui and add a console username and password if desired - Adding a username & password is highly recommended to secure your I2P console from tampering, which could lead to de-anonymization.
Go to http://localhost:7657/index and hit "Graceful restart", which restarts the JVM and reloads the client applications

After that fires up, you should now be able to reach your console remotely. Load the router console at http://(System_IP):7657 and you will be prompted for the username and password you specified in step 2 above if your browser supports the authentication popup. NOTE: You can specify 0.0.0.0 in the above configuration. This specifies an interface, not a network or netmask. 0.0.0.0 means “bind to all interfaces”, so it can be reachable on 127.0.0.1:7657 as well as any LAN/WAN IP. Be careful when using this option as the console will be available on ALL addresses configured on your system." Is this possible or do i missunderstood something? i want to use yunohost with redirect to redirect fom 127.0.0.1:7657 to my domainexample routersubdomain.mydomain.com. Is this even possible? Setting clientApp.0.args=7657 ::1,127.0.0.1,(System_IP) ./webapps/ wont work for me. I guess its a chain of misstakes i do :S

  • 12510198@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    3
    ·
    4 days ago

    It should definitely be possible to setup NGINX & HTTPS to have your i2p router accessable at that domain, but id recommend just using the ssh tunnel with key-based authentication only, it adds an extra layer of authentication and encryption that cant be bruteforced or guessed.

    But I strongly advise against having your I2P router bind to a public ip address with just plaintext HTTP