Skip to content

althea-net/rita-installer

Repository files navigation

Rita Installer

This repo contains tools for setting up an Rita client/relay/gateway (here on known as a client) as well as an Althea exit server. The client softare is what the Rita firmware packges as a complete system image.

If you are looking for a simple client to spin up in a vm please use The x86 OpenWrt image as it's a much more polished package.

This repo is useful for when you want to build your own client on a non-openwrt platform or when you want to setup your own exit server.


Is this where I get Althea?

Rita runs on home routers that support OpenWRT, not typically on normal computers.

This repository is for technical users who want to setup their own exit or build a special purpose Rita client.

Getting Started

First off you need a Linux machine with Ansible.

On Ubuntu and Debian:

sudo apt install python-pip libsqlite3-dev libssl-dev build-essential

sudo pip install ansible

On Fedora:

sudo dnf install ansible sqllite3-devel openssl-devel gcc

On Centos and RHEL:

sudo yum install ansible sqllite3-devel openssl-devel gcc

All other required software will be installed by the setup playbook

Setting up an Exit server

An Rita Exit server is essentially a WireGuard proxy server setup to terminate traffic from a Rita network

Create a file named hosts and populate it with the ip addreses of your exit server like so.

[exit]
1.1.1.1 description="My Exit Primary!" primary=True  wg_private_key="" wg_public_key=""
2.2.2.2 description="My Exit Secondary!"               wg_private_key="" wg_public_key=""
[exit:vars]
eth_private_key = ""
fee_multiplier = 20
mailer=True
email_address=""
smtp_url=""
smtp_domain=""
smtp_username=""
smtp_password=""
balance_notification_interval=86400
balance_notification_body="Your Althea router has a low balance! Your service will be slow until more funds are added. Visit althea.net/top-up"
database_uri=""
external_nic=""
system_chain="Rinkeby"
full_nodes=["https://rinkeby.infura.io/v3/174d2ebf288a452fab8a8f90eab57be7"]
#system_chain="Ethereum"
#full_nodes=["https://eth.althea.org:443", "https://mainnet.infura.io/v3/
6b080f02d7004a8394444cdf232a7081"]
#system_chain="Xdai"
#full_nodes=["https://dai.althea.org:443"]
exit_mesh_ip="fd00::xxxxx"
wg_exit_public_key=""
wg_exit_private_key=""
allowed_country_codes="[]"
exit_price_wei = 714000
standalone = true
entry_timeout = "86400"
debt_limit = false

There's a lot of data that goes into the hosts file for an exit. This configuration outlines a cluster of two exits with a primary and secondary failover. If you configure your gateway with a url containing multiple DNS entires for each server Althea clients will automatically connect and failover. Sadly the failover process isn't quite perfect and having active failover may somtimes create minor connection disruptions for the users.

If you don't want to run multiple servers simply remove that line.

next are authentication settings, I've included blank SMTP mail auth settings. If you leave mailer True you can fill out those details and have the exit send users emails to authorize. If you turn mailer to False it will disable authentication of new users.

Finally you need to generate another set of keys and uncomment the appropriate blockchain full nodes and settings. You must also select an arbitrary valid ipv6 address out of the fd00::/8 range

I've left 'standalone' on, this should setup a local postgres server for you to use but it's not as well tested as having standalone false and using a postgres database uri.

When setting up a new postgres database you'll need to run the migrations here

# install rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
# install diesel
cargo install diesel_cli
# clone rita
git clone https://github.com/althea-net/rita
# run the migrations
cd rita/exit_db
diesel migration run --database-url=""

Now that everything is finally configured you can run ansible to configure your exit server

ansible-playbook -i [your hosts file] install-exit.yml

To update the exit software simply run the playbook again, there will be a minor disruption for users

Adding your new exit to an Althea client

Currently we ship exits as part of the default config file in the firmware but that's hardly the only way to configure one.

You can manually edit the /etc/rita.toml file on a client and paste in a block like this

[exit_client.exits.test]
registration_port = 4875
description = "The Althea testing exit cluster. Unstable!"
state = "New"
[exit_client.exits.test.id]
mesh_ip = "fd00::1337:1e0f"
eth_address = "0x5aee3dff733f56cfe7e5390b9cc3a46a90ca1cfa"
wg_public_key = "zgAlhyOQy8crB0ewrsWt3ES9SvFguwx5mq9i2KiknmA="

Replace the eth address with the public address of the private key you configured in the exit hosts file and the public key should be the value of the wg_exit_public_key likewise mesh_ip is the value of exit_mesh_ip as configured above. The description is arbitrary so put whatever you like.

You can also use curl to directly insert a new exit

curl -vv -XPOST -H 'Content-Type: application/json' -d
 "test_exit": {
      "id": {
        "mesh_ip": "fd00::1337:e4f",
        "eth_address": "0xe4ad1f9aa23957d294d869b70fc8f28774df896e",
        "wg_public_key": "1kKSpzdhI4kfqeMqch9I1bXqOUXeKN7EQBecVzW60ys=",
      },
      "registration_port": 4875,
      "description": "An arbitrary testing exit",
      "state": "New",
    }
192.168.10.1:4877/exits

Or even direct curl to a remote list of exits over https. This will load a file from the destination and extract a Json formatted list of exits (see the formatting of the previous request as an example).

curl 127.0.0.1:4877/exits/sync -H "Content-Type:application/json" -d '\{"url": "https://somewhere.safe"\}

Setting up an Rita node

A Rita client/relay node will pass traffic for other users on the network as well as provide secure internet acces over the network from a configured lan port. This also includes gateway functionality if you include an external_nic in the profile.

For anything you don't wish to configure (lan, wan, mesh) just provide an empty list.

Create a file named hosts and populate it with the ip addreses of your devices server like so. You can use 'localhost' for your local machine.

[intermediary]
localhost

Profiles are variables files pulled into Ansible for easy customization of what the playbook will do. Edit profiles/example.yml to match your needs. This should mostly just involve setting the correct interfaces for your machine. If you are running against localhost use the -c local option and put 'localhost' in your hosts file.

Once configured run

ansible-playbook -e @profiles/[your profile name or example.yml][-c local if running against localhost] -i [your hosts file or ci-hosts] install-intermediary.yml

To update the Rita version just run again after building a new binary and placing it in the same folder as the playbook

About

Server installation automation for rita and rita-exit

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages