Accessing SNApps is as simple as installing Lokinet, opening your browser of choice, and entering the SNApp's .loki address in the address bar!
Jump into a browser such as Chrome or Firefox and enter the following SNApp address:
This should take you to the Lokinet Wiki, hosted within Lokinet. If this SNApp works, you have full Lokinet access!
It is possible to configure your SNApp so that others can get service information when looking it up. For example, you may want to tell the user you are hosting an xmpp server at a specific port, or even at a different .loki address, or perhaps even load-balance a service across multiple .loki addresses.
To start open the Lokinet config file, If you have built Lokinet from Deb packages, you can open your lokinet.ini
file in the nano
text editor with the following command:
Otherwise, if you have built Lokinet from source, your lokinet.ini
file will be in the folder ~/.lokinet/lokinet.ini
, and can be opened in nano
with the following command:
Under the section heading [network]
add one or more entries with the following format:
An example:
This would be an entry for the XMPP protocol, pointing to mylokiaddress.loki
at port 1234.
Another example:
This would be an entry for Mumble, pointing to the SNApp you are configuring at port 64738.
The target in this entry MUST be one of the following:
empty, which means "just use the .loki for this SNApp"
a single dot (.
), which means "this SNApp does NOT have that service available"
any valid name in the .loki TLD.
For more information on SRV records and what you can do with them, visit the Wikipedia article.
Depending on the nature of the application or service which you want to make accessible over Lokinet, you may want to only run a temporary SNApp, or a SNApp that continues to persistently use the same .loki pubkey.
A temporary SNApp is a service accessible over Lokinet that does not have a permanent address. This means that the address you supply to others will not work once the server hosting the SNApp is restarted.
If you want users to be able to access your application or service over an extended period of time, a temporary SNApp is not recommended.
If you only want to host a temporary SNApp, jump to Step 2.
Note: This guide assumes you are running a standard Debian or Ubuntu Linux distribution on the machine on which you'll be hosting the SNApp and that you have Lokinet installed and running on this machine, if not please follow the guide here to get Lokinet running. This guide also assumes you are relatively familiar with using the command line.
Start by opening your lokinet.ini
file and adding a path to where your SNApp key files will be stored.
If you have installed Lokinet from Deb packages, you can open your lokinet.ini
file in the nano
text editor with the following command:
Otherwise, if you have built Lokinet from source, your lokinet.ini
file will be in the folder ~/.lokinet/lokinet.ini
, and can be opened in nano
with the following command:
With lokinet.ini
open in the text editor, scroll down to your [network]
section and add the following line:
Alternatively, you can set the filepath to wherever you want your SNApp private key to be stored.
Now, when you restart Lokinet, it will generate your snappkey.private
file in the directory you have set.
You can find your SNApp's current address using a host lookup tool:
You can also use the host
command (the .loki address to query is the same, but the resolver uses the address 127.3.2.1
as to not conflict with other resolvers you may have installed):
Install a proper web server:
If you want your SNApp to be accessible only via Lokinet and not via your IP address or domain name then you will need to configure nginx
to run only on the lokinet interface.
First we will need to set the Lokinet interface IP range, we can do this by accessing our Lokinet config file as we did in Step 1 and adding this line in the [network]
section:
this can go underneath your existing network config changes, after this change is made restart Lokinet using:
Once Lokinet is restarted run the following command to open your nginx default configuration file, we are going to make a few changes here.
change any listen
directives to use the lokinet IP 10.67.0.1
remove any IPV6 listen
directives and replace the .loki address after server_name
with the Lokinet address you discovered in Step 2
This should leave your default file in sites available looking something like this:
save the changes and exit the file. Once this step is complete you can reload nginx with the following command:
Proceed to Step 6
Setup a clearnet and Lokinet accessible SNApp
If you want your SNApp to be accessible via Lokinet and your clearnet IP/Domain name then fewer changes are required. First open /etc/nginx/sites-enabled/default
using:
Then add your .loki address (which you discovered in Step 2) as a server_name
, after the changes your nginx default file should look something like this:
Proceed to Step 6
TIP: By default, you can drop files into /var/www/html
to serve them as a SNApp. Make sure they are accessible via the www-data
user (or whichever user nginx
runs as.
TIP: You can make nginx
generate a directory listing of files by adding autoindex on;
on a new line into the location
block in the nginx config file.
Make sure no services bind to all interfaces.
Suggested UFW firewall settings when using nginx:
Congratulations! Your SNApp should now be accessible over Lokinet. Use the Lokinet address you discovered in Step 2, to access your SNApp
Lokinet SNApps allow users to interact with applications or services entirely within Lokinet, similar to Tor's hidden services. SNApps provide an even higher degree of anonymity than can be achieved when accessing externally hosted content through exit nodes. SNApps allow for users to set up and host marketplaces, forums, whistle-blowing websites, social media sites, and other web-based applications on their own servers while maintaining full server- and client-side anonymity. SNApps greatly expand what's possible with Lokinet, and allow users to build meaningful communities entirely within Lokinet itself.
SNApp operators use the traditional server-client model, with the key difference being that Oxen Service Nodes act as intermediaries in a user's connection to the SNApp server. When a SNApp wishes to register on the network, it must update the DHT with its descriptor. This descriptor contains various introducers, which are specific Oxen Service Nodes that users can contact to form a path to the SNApp. When these paths are set up, users can connect to the SNApp without either party knowing where the other is located in the network.
Guide
Description
How to access SNApps.
Hosting your own SNApp (making a web service available over Lokinet).
How to give your SNApp a human readable address
How to add and configure SRV records for your SNApp
By default Lokinet uses 52 character non human readable strings as addresses in the network, for example:
http://dw68y1xhptqbhcm5s8aaaip6dbopykagig5q5u1za4c7pzxto77y.loki
These default addresses can be hard to remember and communicate to users.
ONS (Oxen Name Service) allows SNApp operators to map a human readable name to any default .loki address, as an example
http://probably.loki
Which is an ONS record mapping the human readable name probably
and the Lokinet address dw68y1xhptqbhcm5s8aaaip6dbopykagig5q5u1za4c7pzxto77y
ONS records are registered as transactions the Oxen blockchain and can be resolved by Lokinet clients, which with the Service Node network. They work in a similar manner to other blockchain naming services like ENS
Registering a .loki ONS mapping requires the user to create an Oxen wallet and deposit at least 7 Oxen (plus transactions fees), visit the Oxen website to find out where Oxen can be bought
You can register a ONS record by opening the "Oxen Name Service" tab in the Oxen GUI wallet
Once the "Oxen Name Service" tab is open, select the drop down menu underneath "ONS Record Type", and choose how long you would like to register your Lokinet name for.
Add your preferred human readable name, and your existing .loki address, an Oxen address may also be specified if you want to delegate ownership to a wallet separate from the wallet currently in use. Backup owners can be specified and have the same rights as the owner.
Once the relevant fields have been populated press "purchase" and confirm the transaction, transactions can take up to 20 minutes to confirm, once confirmed, you record will be registered and resolution between the human readable name and the default loki address should be complete.