- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Thought I would share my simple docker/podman setup for torrenting over I2P. It’s just 2 files, a compose file and a config file, along with an in-depth explanation, available at my repo https://codeberg.org/xabadak/podman-i2p-qbittorrent. And it comes with a built-in “kill-switch” to prevent traffic leaking out to the clearnet. But for the uninitiated, some may be wondering:
What is I2P and why should I care?
For a p2p system like bittorrent, for two peers to connect to each other, at least one side needs to have their ports open. If one side uses a VPN, their provider needs to support “port forwarding” in order for them to have their ports open (assuming everything else is configured properly). If you have ever tried to download a torrent with seeders available, yet failed to connect to any of them, your ports are probably not open. And with regulators cracking down on VPNs and forcing providers like Mullvad to shut down port forwarding, torrenting over the clearnet is becoming more and more difficult.
The I2P network doesn’t have these issues. The I2P is an alternative internet network where all users are anonymous by default. So you don’t need a VPN to hide your activity from your ISP. You don’t need port-forwarding either, all peers can reach each other. And if you do happen to run a VPN on your PC, that’s fine too - I2P will work just the same. So if you’re turning your VPN on and off all the time, you can keep I2P running throughout, and continue downloading/uploading.
I2P eliminates all the complications and worries about seeding, making it easy for beginners to contribute to the network. I2P also makes downloading easier, since all peers are always reachable. And it’s more decentralized too, since users don’t need to rely on VPN providers. And of course, it’s free and open source!
A fair warning though, I2P is restricted in some countries. And in terms of torrenting specifically, torrents have to explicitly support I2P. You can’t just take any clearnet torrent and expect it to work on I2P. And the speeds are generally lower since there are less seeders, and the built-in anonymity has a cost as well. However I’ve been surprised at the amount of content on the I2P network, and I’ve been able to reach 1 MB/s download speeds. It’s more than good enough for me, and it will only get better the more people join, so I hope this repo is enough for people to get started.
You must log in or register to comment.
Thank you! I just randomly found your guide in another Lemmy post and this kind of setup has been in my to-do list after I became “pro” with gluetun and qbitorrent (inside Docker) and thought the same could be done for i2pd but haven’t had the time.
I have some questions
-
I have been very happy about qbitorrent finally opening to i2p but recently found out that because it is using libtorrent it doesn’t support DHT for i2p (while the official i2psnark client does). Don’t you think is better at this point to still use i2psnark (and you would have the commodity to also have the browser included?) despite being in Java…
-
For some reason, I would still feel insecure in using i2p without a VPN. It is said there is no need, ok, but what if I still want to use it. I guess it shouldn’t harm? Like affecting speed or other factors? I would like to remove as much as possible any chance of my ISP sniffing on my connections.
PS: I have an improvement for your guide 😁You could add an extra container with Mullvad-Browser (still from linuxserver) to access Postman.
-
Interesting, I’ve been looking for a easier i2p torrent application. Gonna try it out this summer.
I probably should have mentioned this in the post, but don’t forget you can run this on desktop too! All Fedora-based distros (Kinoite, Bazzite, etc) have Podman pre-installed. You just need to install podman-compose/docker-compose. If you’re on an atomic distro you’ll have to layer, or use a distrobox (either install podman-compose and use host podman or just install both podman and podman-compose inside a distrobox), or convert the compose file into individual Podman commands like
podman network create --internal ...andpodman run ..., but it’s definitely doable in an hour or so.
I really want to build an i2p router, and have started a couple times, but the lack of control of what goes through my hardware stops me every time. It’s a cool project and, sadly, looking more necessary every year.
It’s weird I don’t have these hang ups for other systems. Running a meshcore node doesn’t give me the willies. Just for i2p I worry how much csam is going through my router.
It’s true, you never really know what will be going through your router. I guess I just got over it after a few years of struggling with VPNs and port-forwarding. Just felt like the noose was getting tighter, especially after Mullvad stopped providing the feature. My stance is that if I ever knew that such content was going through my PC I would block it, but if it’s all encrypted then what can I do? Same reason why I support encrypted messaging apps - they can be used for harm but is that the fault of the tool? Though I recognize it’s a complex issue.
Agreed. I’ll get over myself one day and build one. For now Airvpn supports port forwarding at an affordable (to me) price, so I let them deal with the moral dilemma.
It’s coming though, i2p is where my server is headed, even if I keep a VPN up too.
It’s weird that all the tier 1 ISPs have no such worries though.
It’s not weird at all. They’re share holder corpos, anti-morality is par for course. Corporations are not our friends.
A fair warning though, I2P is restricted in some countries.
And that list is almost identical with Naughty-no-gift-from-Santa list.
looks easy enough, will try, thank you.
tbh, looked at the thing some while back and noped out when I saw “java” in there; absolutely irrational, I know - just can’t stand the thing. cool that there’s an alternative.
It’s not just the router. The officially recommended I2P torrent client, called I2PSnark, is also in Java and its a pain to get working in Docker. It’s not a bad torrent client, just feels like the official I2P tools still don’t have great support for modern Linux devops. Now that qBittorrent supports I2P the whole stack feels much more at home.
And in terms of torrenting specifically, torrents have to explicitly support I2P. You can’t just take any clearnet torrent and expect it to work on I2P.
are you sure about that? for public torrents you just add the postman tracker and done. if libtorrent gets support for DHT over I2P, even that won’t be needed
You’re right I was thinking about it incorrectly. But I2P peers can only reach other I2P peers though right?
hmm I’m not sure I understand you. qbittorrent allows you to set whether you want to also use I2P or only that, globally for all torrents. but I2P peers who are in mixed mode, they can work as a bridge, getting the pieces from internet peers and redistributing it on the I2P network
Is there a way I can do this without docker? I just run Qbit on my regular windows computer and don’t wanna delve into Docker. Would Love to share the 5k+ torrents I have on the I2p network.
You could just install the i2pd windows client, and then configure it to enable “SAM”. You could use the
i2pd.conffile in my repo as a reference, just make sure to use 127.0.0.1 instead of 0.0.0.0 so that only applications running on your computer would be able to access i2pd (0.0.0.0 is only needed for docker). Then you would configure your browser and qbittorrent the same way detailed in my repo, except make sure to enable “mixed” mode so that your torrents are seeding over both clearnet and I2P. Lastly, even though you’ll be seeding your torrents over I2P, nobody will be able to find them unless you post them to an I2P tracker like Postman. I don’t know how to submit torrents to Postman so you’re on your own for that one
deleted by creator
I remember reading about I2P back in the day. I am old school. If my old memory serves me correctly, I think there are some vulnerabilities with using I2P instead of say a VPN? (Now, I am going to have to go down that rabbit hole again to refresh my memory.)
Edit to add; The list below describes some of I2P’s main disadvantages.
-
Complex configuration process: It necessitates a drawn-out installation procedure and specific browser settings.
-
Must-have logging: The I2P user interface must be logged in for users to access their material.
-
Severe vulnerabilities: Over 30,000 users were made vulnerable by a zero-day vulnerability that I2P experienced in 2014. Later, a 2017 study found that several more I2P flaws may also be exploited.
-
A much tiner user base than TOR: As a result, I2P has fewer network nodes and servers and is more open to intrusions.
-
Less anonymity when browsing indexed sites: I2P does not ensure that users’ browsing of indexed sites is completely anonymous. The use of VPN services may be able to address this issue.
There was an exploit last May, however, if one is not able to fork over money for a VPN, I2P is a good alternative for a free option.
Thanks for the info, I would not claim to be an expert about I2P so some of this is definitely new to me. Though I think the situation has improved quite a bit.
Complex configuration process: It necessitates a drawn-out installation procedure and specific browser settings.
If you just want I2P without the torrenting, you can use the official I2P router, which is just an HTTP proxy that runs on your PC, just like Tor. The 3rd-party router used in my guide, i2pd, has a Flatpak as well. So as far as installing the router goes, it’s a few clicks. You are correct that it does require configuring the browser though, you are correct. This is explained in my guide and also on the official website. Not as easy as clicking an “Install” button, but only takes around 5 minutes. I wish there were an official I2P browser like the Tor browser though.
Must-have logging: The I2P user interface must be logged in for users to access their material.
Not sure what you mean by this. I’ve never had to log into anything to set up I2P.
Severe vulnerabilities
I have no doubt. But Tor has had many vulnerabilities too. Both have gotten much better over time.
A much tiner user base than TOR: As a result, I2P has fewer network nodes and servers and is more open to intrusions.
Definitely true. In fact it makes me suspicious how fast TOR is despite how many users there are, and how the relatively high requirements to be a relay (not to mention an exit node). AFAIK TOR is heavily reliant on rich and generous patrons, which makes me wonder about the motives of these patrons. I believe I2P has the potential to be much more decentralized, since every user is expected to also be a router, and Techlore has also raised this point (though I don’t have the video on me right now).
Less anonymity when browsing indexed sites: I2P does not ensure that users’ browsing of indexed sites is completely anonymous. The use of VPN services may be able to address this issue.
I didn’t know this. What are indexed sites?
Good info here. You will have to read the author’s article to answer your questions, I marked as ‘source’ above. I did read on a more recent article that I2P can be a little slower than a VPN because, I guess it is decentralized, all those node paths the info has to travel?? Believe me, if something happens to the company that hosts my “lifetime” VPN purchase, I will most likely switch to I2P.
It’s also slower simply because it’s basically a bunch of VPNs running on consumer hardware. Actual VPN providers can provide big powerful servers. This is why I think torrenting is a great fit for the slower speeds of I2P - waiting a little longer for a download is bearable, as opposed to waiting for a webpage to load.
-
