forked from stackernews/stacker.news
Reapply "Merge pull request stackernews#1521 from riccardobl/tordev"
This reverts commit 4cc3780.
1 parent
4cc3780
commit f2f100d
Showing
20 changed files
with
607 additions
and
67 deletions.
Binary file not shown.
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
#!/bin/bash | ||
|
||
ONION_DOMAIN="" | ||
|
||
if [ -f /home/lnd/.tor/hidden_service/hostname ]; then | ||
ONION_DOMAIN=$(cat /home/lnd/.tor/hidden_service/hostname) | ||
fi | ||
|
||
# expand the cmd arguments | ||
args=$(echo "$@" | sed -e "s/\${ONION_DOMAIN}/$ONION_DOMAIN/g") | ||
|
||
# Execute the original entry point script with the modified command line`` | ||
/entrypoint.sh $args |
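Review bot: `/entrypoint.sh $args` re-splits and glob-expands the flattened argument string, so any argument containing spaces or wildcard characters reaches the real entry point altered, and without `exec` the wrapper shell stays in front of the daemon, so the SIGTERM sent on container stop may never reach it. Substituting per argument keeps the boundaries: `args=("${@//\$\{ONION_DOMAIN\}/$ONION_DOMAIN}")` followed by `exec /entrypoint.sh "${args[@]}"`. When `/home/lnd/.tor/hidden_service/hostname` is absent the placeholder is silently replaced with an empty string; exiting with a message instead would make a missing Tor volume visible. The trailing double backtick in the last comment is a typo.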
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
FROM debian:bookworm | ||
|
||
RUN apt-get update -y \ | ||
&& apt-get install -y tor bash openssl netcat-traditional \ | ||
&& apt-get clean \ | ||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | ||
|
||
ADD torrc /etc/tor/torrc.template | ||
ADD tor.sh /tor.sh | ||
ADD services.conf /services.conf | ||
RUN mkdir -p /tordata && groupadd -g 1000 tor && useradd -u 1000 -g 1000 -m tor && chown -R tor:tor /tordata | ||
EXPOSE 9050 9051 7050 | ||
VOLUME "/tordata" | ||
USER tor | ||
ENTRYPOINT [ "bash", "/tor.sh" ] |
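Review bot: The three `ADD` lines copy plain local files, where `COPY` is the safer instruction because it never unpacks archives or fetches URLs: `COPY torrc /etc/tor/torrc.template`, `COPY tor.sh /tor.sh`, `COPY services.conf /services.conf`. The install line also pulls recommended packages; `apt-get install -y --no-install-recommends tor bash openssl netcat-traditional` keeps the image to what tor.sh appears to use. `debian:bookworm` is a floating tag, so pinning it by digest would make the Tor build reproducible. `EXPOSE 9051` advertises the control port; the torrc template is not visible here, so confirm it binds that port only where the holders of the control password need it.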
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
HiddenServicePort 10009 stacker_lnd:10009 | ||
HiddenServicePort 3010 stacker_cln:3010 | ||
HiddenServicePort 5000 lnbits:5000 |
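Review bot: These three mappings carry no comment saying which onion service they belong to or why each backend is published; `mergeServices` in tor.sh appends them to the generated torrc, so they attach to whichever `HiddenServiceDir` the template declared last, which is not visible here. Once merged, anyone who learns the onion hostname can reach the lnd port 10009, the CLN port 3010 and lnbits on 5000, so each of those services has to enforce its own authentication. I would add a header comment such as `# appended to torrc after the HiddenServiceDir line; every port listed here is reachable from the Tor network`, and, if only known clients need access, restrict the service with v3 client authorization keys.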
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
#!/bin/bash | ||
|
||
function initialize { | ||
####################### generate and save control password ######################## | ||
cp -f /etc/tor/torrc.template /tordata/torrc | ||
TOR_PASSWORD="" | ||
if [ -f /tordata/.env.torpass ]; then source /tordata/.env.torpass; fi | ||
|
||
if [ -z "$torPassword" ]; then | ||
TOR_PASSWORD=$(openssl rand -hex 32) | ||
echo "TOR_PASSWORD=$TOR_PASSWORD" > /tordata/.env.torpass | ||
fi | ||
|
||
TOR_PASSWORD_HASH=$(tor --hash-password "$TOR_PASSWORD" 2>/dev/null | tail -n 1) | ||
echo "Replacing %HashedControlPassword% with $TOR_PASSWORD_HASH" | ||
sed -i "s|%HashedControlPassword%|$TOR_PASSWORD_HASH|g" /tordata/torrc | ||
################################################################################## | ||
} | ||
|
||
function mergeServices { | ||
cat /services.conf >> /tordata/torrc | ||
} | ||
|
||
# There is a circular dependency between tor and stacker_lnd: | ||
# <-> tor needs stacker_lnd to be running to resolve the hidden service target | ||
# <-> stacker_lnd needs to wait for tor to start and generate the hidden service address | ||
# Afaik there isn't an "official" solution for this issue. | ||
# | ||
# This workaround starts tor the first time without the lnd hidden service | ||
# and then re-start tor with the full configuration after the lnd service is ready. | ||
|
||
|
||
if [ -f /tordata/start.timestamp ]; | ||
then | ||
# Remove leftovers from a previous run | ||
rm /tordata/start.timestamp | ||
fi | ||
|
||
if [ "$1" = "check" ]; | ||
then | ||
if [ ! -f /tordata/start.timestamp ]; then | ||
# if still initializing we just check if the hidden service was generated and use this as a healthcheck | ||
if [ -f /tordata/hidden_service/hostname ]; then exit 0; else exit 1; fi | ||
else | ||
# run the real healthcheck | ||
echo -e 'AUTHENTICATE "'$TOR_PASSWORD'"\nGETINFO status/circuit-established\nQUIT' | nc 127.0.0.1 9051 | grep OK || exit 1 | ||
exit 0 | ||
fi | ||
else | ||
# Step 1: we start tor with a fake hidden service that points to port 8080, | ||
# just to get it to generate the hidden service data, then we kill it immediately after | ||
echo "Initializing..." | ||
initialize | ||
tor -f /tordata/torrc & | ||
pid=$! | ||
sleep 60 | ||
kill $pid | ||
|
||
# debug | ||
ls /tordata/hidden_service/ | ||
|
||
# Step 2: we merge the service configuration and start tor again | ||
echo "Starting tor..." | ||
initialize | ||
mergeServices | ||
date +%s > /tordata/start.timestamp | ||
tor -f /tordata/torrc | ||
fi |
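Review bot: `initialize` tests `$torPassword`, a name nothing in the script sets, so the value sourced from `/tordata/.env.torpass` is always discarded and a new control password is written on both `initialize` calls of every start; the test should read `[ -z "$TOR_PASSWORD" ]`. The `check` path is broken as well: the top-level cleanup removes `/tordata/start.timestamp` before the `check` test runs, so the control-port probe is unreachable and every health probe deletes the marker. That probe also never loads `TOR_PASSWORD`, and `grep OK` is satisfied by the `250 OK` that answers `AUTHENTICATE` alone, whatever the circuit state. The fence moves the cleanup into the start path, sources the password file in the probe and matches `circuit-established=1`. Separately, the `Replacing %HashedControlPassword%` echo puts the hash into the container log and can be dropped, and `.env.torpass` could be written under `umask 077` if no other container user has to read it.

```shell
# in initialize: reuse the stored password instead of regenerating it
if [ -z "$TOR_PASSWORD" ]; then
  TOR_PASSWORD=$(openssl rand -hex 32)
  echo "TOR_PASSWORD=$TOR_PASSWORD" > /tordata/.env.torpass
fi
# … unchanged: hashing and torrc substitution …

if [ "$1" = "check" ]; then
  if [ ! -f /tordata/start.timestamp ]; then
    # … unchanged: hostname-exists check while still initializing …
  else
    # the probe runs in a fresh process, so load the stored control password
    source /tordata/.env.torpass
    printf 'AUTHENTICATE "%s"\nGETINFO status/circuit-established\nQUIT\n' "$TOR_PASSWORD" \
      | nc 127.0.0.1 9051 | grep -q 'circuit-established=1' || exit 1
    exit 0
  fi
else
  # clear a stale marker only when starting tor, never from the health probe
  rm -f /tordata/start.timestamp
  # … unchanged: two-phase tor start …
fi
```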