Самое полное руководство по работе с TweetDeck :: (12) Oleg Michman 25% �� 146% ☢️ ☣️⚠️ (@CASBT_UA) / Твіттер

 

How and why to run a web server in the Yggdrasil mesh network

By aquaratixc 

lhs-blog.info

12 min

October 17, 2021

View Original

In this article, we will tell you a little about the interesting network protocol Yggdrasil , which can help you implement your network ideas. We will cover the topic of why this is needed and what you can get from it, as well as touch on the topic of setting up Yggdrasil on your server and its possible prospects. Also at the end of the article, we will offer you some ideas for projects and developments that you can implement on your own if you wish.

This is one of the articles that only partly deals with the topic of the blog (namely, the D programming language), but we publish it here both as a preparatory article for one of the subsequent series of articles, and as simply information that cannot be shared.

What is Yggdrasil?

Yggdrasil is a relatively new networking protocol (as well as its implementation) that can be used to create a mesh network that can run on top of the Internet or any other existing network. The Yggdrasil-based network is private and decentralized (which is what the mesh network means), and its implementations involve zero configuration with absolute scalability.

The Yggdrasil protocol implies operation in a certain range of IPv6 addresses, and therefore, if an application supports operation through the IP version 6 protocol, then it will work without problems through Yggdrasil without any intermediate configuration steps.

Regarding the zero setting of Yggdrasil itself, it is not entirely correct to speak, since installation and some minimal configuration are expected, but as a rule, it is quite simple and well described in the documentation of Yggdrasil itself.

Realizing that after reading these lines, you had the thought “Why all this?”, And even with the setting, even if it is minimal, we will try to answer this question further.

Why is it necessary?

Indeed, why? The existing infrastructure is quite simple and contains a large number of solutions, as well as guidelines for their implementation, why do we need something else?

Now there are quite a lot of enthusiasts, including among non-programmers, who have at their disposal devices on which you can run your server. Also, most providers actively promote the development of self-hosted resources, and static addresses are also usually available to individuals.

But, as always, there is a "but" ...

What if for some reason you can't afford a static IP address? Or let's say your provider does not provide such a service, but switches to another provider at a rather costly rate?

In this case, Yggdrasil can help you. With Yggdrasil installed, you do not need to have a static IP address and a powerful server, because when you install Yggdrasil, you are automatically assigned an address from an unused segment 0200::/7and it is assigned to your device. The received IP address becomes available to all external devices (unless otherwise configured) that also have Yggdrasil installed, and this works even if your Internet is via a mobile operator!

Here is my personal example. All the Internet in my house goes through a 4G modem of one well-known operator, and I very often need remote access to the resources of my computer. And not just access from a computer, and sometimes even from a phone. The provider, to my request for a static IP address, could only answer that such a service is provided for legal entities. And thus, I had a problem: you need to have access, and this requires a static IP address. You can install some proprietary software for organizing a remote desktop for such purposes, but you didn’t want to trust your computer with such programs. At the same time, it took a number of people to see the computer resource through something like a web shell ... And here, I found a solution: I installed Yggdrasil, picked up clients for a computer and a smartphone, and set up a web server for static files on D - and all this works despite a 4G modem (quite successful bypassing NAT). I also tried it on a mobile device as well. Also works.

In addition, Yggdrasil can also help in case of restrictions and blockages, since it works on top of the main network and possible access problems do not directly concern Yggdrasil. This circumstance can be used in the presence of NAT or firewalls (a controversial statement, but we have seen cases where this worked).

Also, the fact that, in essence, Yggdrasil forms its own special decentralized (i.e. without central nodes and DNS) network may also be of interest, since it contributes to the emergence of independent resources with its own separate community and its own separate sphere of influence. All this leads to the fact that typical situations and rules for working on the Internet and other similar networks may not be applicable inside Yggdrasil.

Remote access and website hosting is by no means the only thing Yggdrasil can be used for. This protocol can give new life to plain old technologies that fell victim to their own popularity in the old days, or were deemed obsolete due to their security. The extremely low requirements for the implementation of the Yggdrasil protocol to work, as well as the ease of assembly from source code, allows Yggdrasil to be installed even on some routers.

This is really not a joke. Yggdrasil itself is written in Go, and I had an extremely interesting experience installing it from source codes, on an architecture that is not spelled out in the Yggdrasil documentation, namely on Onion Omega 2. Imagine a MIPS processor and 16 MB of memory in general for everything - and however, even here you can run Ygddrasil and it will work.

Old technology doesn't just mean old hardware that can be given new life by making it run like a low-powered server; this refers to a number of things and concepts that worked during the formation of the WWW and which have lost their relevance now, or a number of protocols that are not heard now, but were once very popular (for example, IRC). With Yggdrasil, you can use this for your needs, practically without changing the software used for this.

After we have covered a number of possible use cases (far from the only ones, by the way, there are many other successful cases), we will move on to the question of how to start.

How to install Yggdrasil?

In this part of the article, we will show how to set up Yggdrasil to work on Raspberry Pi . We will partially repeat the words from the official documentation describing the installation process, but what will be described below is applicable not only for Raspberry Pi OS , but also for other debian-based distributions. Also, we will describe not only the installation, but also part of the configuration, adding a step to it that will allow you to make all the settings a little faster. Installation on other Linux distributions is similar (only the package manager commands change), we will not touch on the installation for Windows in this article, since it is well covered in this article.

It is assumed that you have already prepared an SD card with the operating system and already installed the latest version of Raspberry Pi OS on it. It also assumes an internet connection and basic command line skills.

First, install the dirmngr package with the following command:

sudo apt-get install dirmngr

After that, we import the public keys of the Yggdrasil third-party repository (repository from the developers) and export them to apt with the following sequence of commands:

Now add the repository to apt sources and update the package lists in all current repositories:

Install with the following command:

sudo apt-get install yggdrasil

After installing Yggdrasil, its configuration file is automatically generated, which is located in /etc/yggdrasil.conf, the official instruction advises to restart the yggdrasil service in systemd after that, but we recommend doing a number of preparatory steps before that ...

Open the yggdrasil.conf file with superuser rights in the nano console editor:

sudo nano /etc/yggdrasil.conf

After the file has opened, look for a line with the inscription Peers: [] and put a list of peers (network nodes) inside square brackets, where each element of the list contains a comma after itself, and the address for the peer itself is placed in quotes. You can find the list of nodes here and choose your own, or you can use our version: replace Peers: [] in your file with a similar element from this file , which we compiled ourselves before preparing this article.

Now we enable the Yggdrasil service in systemd and restart it with the following command sequence:

sudo systemctl enable yggdrasil
sudo systemctl restart yggdrasil

This completes the configuration of everything necessary for the server. In order to have access to Yggdrasil from the client side, you also need to install Yggdrasil on the client workstation according to the same (or similar, but for your operating system) instructions. This is necessary because the client and server parts in this case are represented by the same program, and if the required minimum is not set on the client workstation, the client will be able to interact with Yggdrasil only through the appropriate proxy service.

You can find out about other installation options here , below are a number of possible options:

To check the functionality, you can type the following command, which will display a list of all peers to which you are connected:

sudo yggdrasilctl getPeers

If the installation is for a client that will use your resource that is planned to be made available from Yggdrasil, then as a check on the performance of the installation, it is recommended to visit (via a browser) the following network services inside Yggdrasil:

For example, the author of this article, after setting up Yggdrasil, the network map looks like this:

We start the server on D in Yggdrasil .

In principle, there is nothing special about running a server on D for Yggdrasil, since there are libraries for D that support working with IPv6. And the presence of IPv6 support is the only condition for the application to work through Yggdrasil (except for having Yggdrasil installed, of course).

As a tutorial, we will use the same code as used in the article about generating static pages for git repositories , only we will make a number of changes: we need to correct the address that will be served by the server and the port (if necessary). In general, no other changes are required:

#!/usr/bin/env dub
/+ dub.sdl:
    name "yggtest"
    dependency "vibe-d" version="~>0.8.2"
+/
import std.stdio;

import vibe.vibe;
import vibe.http.fileserver;
import vibe.http.router;
import vibe.http.server;

void index(HTTPServerRequest req, HTTPServerResponse res)
{
    static import std.file;
    auto result = cast(string) std.file.read(`index.html`);
    res.writeBody(result, "text/html; charset=UTF-8");
}

void main()
{
    auto router = new URLRouter;
    router.get("/", &index);
    router.get("*", serveStaticFiles(""));

    auto settings = new HTTPServerSettings;
    settings.port = <your port number>;
    settings.bindAddresses = ["<Ваш адрес Yggdrasil>", "127.0.0.1"];

    listenHTTP(settings, router);
    runApplication();
}

The address of your device running Yggdrasil can be found using the command:

sudo yggdrasilctl getPeers

Following the instructions from the already mentioned article and changing the address / port, we get the following picture (this is already on another computer, even connected to another provider):

In summary, Yggdrasil is a very convenient and simple mesh network, which, despite its youth, is actively developing and allows you to easily (at ease and in an informal manner) create and promote your own resources without the need for organizations providing IP addresses and corporations hosting a variety of user-generated content. At the same time, creating and hosting your resource is so simple that you only need to install the yggdrasil application and its minimal configuration. Such advantages make content accessible and reduce the cost of the necessary infrastructure, but one should not think that Yggdrasil is a panacea and does not have disadvantages.

Among the shortcomings, one can note the lack of DNS (although there are attempts to create something similar), unusual and long addresses, not very high network speed, etc. However, some of these shortcomings can be eliminated in the future, and some part may even be an advantage of the network itself.

In general, it is up to you to decide whether Yggdrasil deserves attention and only time will put everything in its place ...

What's next?

A long time ago, in a distant Galaxy... Yes, we did not forget that we promised to share a number of our speculative ideas regarding the application of the Yggdrasil protocol and its implementation. Imagine, when the Internet was relatively small and free, and HTTP was not yet widely used, there were a number of interesting and simple protocols through which users could interact with information. It is clear that many of them are now recognized as obsolete and practically dead, but some old developments are still alive.

We are talking here about the Gopher protocol , which allowed using a simple text interface through port 70 to access various content. The most interesting feature of the protocol is its hierarchical organization, which allows you to create a convenient order for files and links, somewhat reminiscent of FTP. Of course, Gopher is now more of a story, but its servers are still active due to their simplicity and undemanding hardware, for example, here is one of them , which shows the uptimes of Gopher servers.

But, even if this is not the case, and we are not suggesting that you create a Gopher server (although nothing stops you from implementing it), we want to introduce you to a very interesting idea - the Gemini protocol .

Gemini is a kind of improved Gopher, as well as what the Web could once be. The creators of Gemini did not want to replace the Web we are used to, but only wanted to offer another option that could coexist with the current solution, but at the same time be simpler, lighter and more organized.

Here is what the authors themselves say:

Gemini is a new, application layer Internet protocol for distributing arbitrary files, with some preference for transferring a lightweight hypertext format that allows files to easily link to each other. You can think of Gemini as "the web back to its original essence" or as "Gopher improved and modernized" depending on your perspective (the second view is more accurate, though)

The bottom line is that Gemini is a clean and simple way to serve a variety of content, free from unnecessary “designer garbage”, scripts (with possible tracking and malicious functionality) and focused on privacy. Yes, Gemini is somewhat similar to Gopher - its specification is also quite light (you can keep it entirely in your head) and it is also undemanding to the resources on which information will be placed, but Gemini is more modern and better protected.

This is how the client for Gemini called Lagrange and the “sites” themselves in Gemini look like:

What purity and beauty! No superfluous decoration, only the essence.

Now Yggdrasil is somewhat reminiscent of the early Internet, and Gemini, in our opinion, would fit well into this network: many have single-board computers, some even have some old PCs - and they could expand the “hemisphere” on them (Gemispace is the English name for the common space of all gemini resources, which, by the way, are not called sites, but capsules - “capsules”), thereby giving users their own information under control.

And, we, the authors of this blog, would like to contribute to the filling of Gemini-space (or even Gopher-space) with new material, and would like to provide you with an interesting tool to implement this idea.

Also, for those who are interested, we leave some layer of information on Gemini and related topics:

And a small set of links on Yggdrasil:

Просмотры: