How to set up a detached and encrypted ZeroNet seedbox on a Raspberry Pi

published: 2019-11-06

Format a USB stick with LUKS:

sudo apt install gnome-disk-utility cryptsetup

If you're running a different distro on your server, the package name will likely vary: it's usually some form of gnome-disks. cryptsetup is required for LUKS, and for some reason, apt doesn't install it by default.

Once it installs, make sure your USB stick is plugged in, open a terminal, and run sudo gnome-disks.

Hit the gear icon below the partition table and choose Format Partition, then choose LUKS. Enter a strong password (that you'll remember, of course). In the "Volume Label" section, enter "zeronet" just to make this guide a little easier.

Mount the USB stick:

sudo nano -$ /etc/fstab

Put the following line on the bottom:

/dev/disk/by-label/zeronet /mnt/zeronet auto user,nosuid,nodev,nofail,x-gvfs-show 0 0

Reboot your server.

If /mnt/zeronet isn't accessible by non-root users, execute the following command to fix that:

sudo chmod -R 777 /mnt/zeronet

Please note that 777 isn't the safest of permissions; if you know your username and group, a chown instead is safer:

sudo chown -R username:group /mnt/zeronet


				
					Download and install the latest version of ZeroNet:
				
				cd /mnt/zeronet
				git clone https://github.com/HelloZeroNet/ZeroNet
				cd ZeroNet
				sudo -H pip3 install -r requirements.txt
				Enable the UiPassword plugin, and remove the Multiuser plugin to avoid future issues:
				mv plugins/disabled-UiPassword plugins/UiPassword
				rm -rf plugins/disabled-Multiuser
				Then configure it to be accessible over the network:
				nano -$ zeronet.conf
				Paste the following into the text editor:
								[global]
				fileserver_port = 27328
				ui_ip = your.local.ip.here
				ui_password = set_a_password_here
				
				
					Enable Tor access:
				
				sudo apt install tor
				sudo nano -$ /etc/tor/torrc
				Uncomment the lines that say ControlPort 9051 and CookieAuthentication 1.
				Save and exit the file, then restart the Tor service:
				sudo systemctl restart tor
				Then give your user permission to read the Tor cookie you just set up:
				sudo usermod -a -G debian-tor YourUsername
				Login and logout of your user, or just reboot the server.
				
					Make a systemd service:
				
				sudo nano -$ /etc/systemd/system/zeronet.service
				Paste the following:
								[Unit]
				Description=zeronet
				After=syslog.target
				After=network.target

				[Service]
				Type=simple
				User=YourUsername
				WorkingDirectory=/mnt/zeronet/ZeroNet
				ExecStart=/usr/bin/python3 /mnt/zeronet/ZeroNet/zeronet.py
				Environment=USER=YourUsername
				Restart=always
				StandardError=syslog
				CPUQuota=80%

				[Install]
				WantedBy=multi-user.target
				
				Then reload systemd to install the new service:
				sudo systemctl daemon-reload
				
					Start ZeroNet:
				
				sudo systemctl start zeronet


			
			
				CC BY-NC-SA 4.0 © Vane Vander