Installation Guide
Everything you need to install and deploy RedundaNet — from a one-line CLI install to a full multi-arch Docker stack on a Raspberry Pi.
Prerequisites
Before installing RedundaNet, make sure you have:
- Python 3.11+ (for the CLI and development)
- Docker & Docker Compose (for containerized deployment)
- GPG (for node authentication)
- Git (for manifest synchronization)
Installation methods
1. PyPI (recommended)
The simplest way to install the RedundaNet CLI:
pip install redundanet
# Verify
redundanet --version2. Poetry (for development)
Clone the repository and install with Poetry:
git clone https://github.com/adefilippo83/redundanet.git
cd redundanet
# Install Poetry if you don't have it
curl -sSL https://install.python-poetry.org | python3 -
poetry install
poetry shell
redundanet --version3. Docker deployment (for running services)
Clone the repository and start the services from the docker/ directory:
git clone https://github.com/adefilippo83/redundanet.git
cd redundanet/docker
# As a storage node
docker compose --profile storage up -d
# As a client
docker compose --profile client up -dghcr.io/adefilippo83/redundanet-*) — no local build, so it works on low-powered hardware like a Raspberry Pi. The images are multi-arch (linux/amd64, linux/arm64, linux/arm/v7), so the right architecture is selected automatically.
To explicitly refresh to the latest published images:
docker compose pull
docker compose up -dChoosing the image source and version
Two environment variables override which images are used:
| Variable | Default | Purpose |
|---|---|---|
REGISTRY_OWNER |
adefilippo83 |
GHCR namespace to pull from |
VERSION |
latest |
Image tag (e.g. a release like 2.3.0) |
# Pin to a released version
VERSION=2.3.0 docker compose --profile storage up -dBuilding the images from source
To build locally instead of pulling (for development, an unsupported architecture, or air-gapped hosts), overlay docker-compose.build.yml:
docker compose -f docker-compose.yml -f docker-compose.build.yml build
docker compose -f docker-compose.yml -f docker-compose.build.yml --profile storage up -dThe locally built images are tagged with the same names as the pulled ones, so a later docker compose up -d (without the overlay) reuses them. For live-reload development, use docker-compose.dev.yml instead.
4. Raspberry Pi image
On first boot the Pi pulls the prebuilt container images for its architecture (arm64 for 64-bit Raspberry Pi OS, arm/v7 for 32-bit) straight from GHCR, so it never has to compile anything locally.
- Download the pre-built image from GitHub Releases.
- Flash it to an SD card with Raspberry Pi Imager.
- Boot the Pi and SSH in:
ssh redundanet@redundanet.local(password:redundanet). - Change the password immediately:
passwd. - Configure the node:
redundanet init.
System requirements
Minimum
| Resource | Requirement |
|---|---|
| CPU | 1 core |
| RAM | 1 GB |
| Storage | 10 GB (+ contributed storage) |
| Network | 1 Mbps |
Recommended
| Resource | Requirement |
|---|---|
| CPU | 2+ cores |
| RAM | 2+ GB |
| Storage | 50+ GB SSD |
| Network | 10+ Mbps |
Platform support
Linux (primary)
Fully supported on Ubuntu 20.04+, Debian 11+, Raspberry Pi OS, CentOS 8+, Fedora 35+, and Arch Linux.
macOS
Supported for development and CLI usage. Docker Desktop is required for containerized deployment.
Windows
Supported via WSL2. Native Windows support is experimental.
Container image architectures
The published images (ghcr.io/adefilippo83/redundanet-*) are multi-arch, so docker compose pull selects the correct one automatically:
| Architecture | Platform | Typical hardware |
|---|---|---|
linux/amd64 | x86-64 | Most servers, desktops, cloud VMs |
linux/arm64 | ARM 64-bit | Raspberry Pi 3/4/5 (64-bit OS), Apple Silicon |
linux/arm/v7 | ARM 32-bit | Raspberry Pi 2 / 32-bit Raspberry Pi OS |
For any other architecture, build the images from source with the docker-compose.build.yml overlay (see above).
Network requirements
Ports
| Port | Protocol | Purpose |
|---|---|---|
| 655 | TCP/UDP | Tinc VPN |
| 3456 | TCP | Tahoe-LAFS Client |
| 3457 | TCP | Tahoe-LAFS Storage |
| 3458 | TCP | Tahoe-LAFS Introducer |
Firewall configuration
For publicly accessible nodes, open port 655:
# UFW (Ubuntu)
sudo ufw allow 655/tcp
sudo ufw allow 655/udp
# firewalld (CentOS/Fedora)
sudo firewall-cmd --permanent --add-port=655/tcp
sudo firewall-cmd --permanent --add-port=655/udp
sudo firewall-cmd --reloadGPG key setup
GPG keys authenticate nodes and must be published to a public keyserver. The key must be RSA — it doubles as the node's Tinc transport key.
Using the RedundaNet CLI (recommended)
# Generate a new GPG key
redundanet node keys generate --name my-node --email you@example.com
# List your keys to get the key ID
redundanet node keys list
# Publish to keyservers
redundanet node keys publish --key-id YOUR_KEY_IDUsing standard GPG commands
# Generate a new key — choose RSA and RSA, 4096 bits
gpg --full-generate-key
# List keys to get your key ID
gpg --list-keys --keyid-format long
# Export to a keyserver
gpg --keyserver keys.openpgp.org --send-keys YOUR_KEY_IDVerification
After installation, confirm everything works:
# Check the CLI
redundanet --version
# Check GPG keys
redundanet node keys list
# Check Docker (run from the docker/ directory)
docker compose config
# Check node status
redundanet status