From a0c4b951d3b95d4232c393c5d7f1f70f88032fb7 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 13:39:21 +0100 Subject: [PATCH 1/9] Run multiple Tor daemons --- docker-compose.yml | 10 ++++++++++ scripts/configure | 8 +++++++- scripts/update/.updateinclude | 1 + templates/.env-sample | 1 + templates/torrc-sample | 26 -------------------------- templates/torrc-umbrel-sample | 25 +++++++++++++++++++++++++ 6 files changed, 44 insertions(+), 27 deletions(-) create mode 100644 templates/torrc-umbrel-sample diff --git a/docker-compose.yml b/docker-compose.yml index 8b20a18b9..1a2e238e7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,6 +1,16 @@ version: '3.7' services: + umbrel_tor: + image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c + user: toruser + restart: on-failure + volumes: + - ${PWD}/tor/torrc-umbrel:/etc/tor/torrc + - ${PWD}/tor/data:/var/lib/tor/ + networks: + default: + ipv4_address: $UMBREL_TOR_IP tor: container_name: tor image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c diff --git a/scripts/configure b/scripts/configure index e20f99f9f..f713e9ff7 100755 --- a/scripts/configure +++ b/scripts/configure @@ -72,6 +72,7 @@ NGINX_CONF_FILE="./templates/nginx.conf" BITCOIN_CONF_FILE="./templates/bitcoin.conf" LND_CONF_FILE="./templates/lnd.conf" TOR_CONF_FILE="./templates/torrc" +UMBREL_TOR_CONF_FILE="./templates/torrc-umbrel" ELECTRS_CONF_FILE="./templates/electrs.toml" ENV_FILE="./templates/.env" @@ -81,6 +82,7 @@ ENV_FILE="./templates/.env" [[ -f "$BITCOIN_CONF_FILE" ]] && rm -f "$BITCOIN_CONF_FILE" [[ -f "$LND_CONF_FILE" ]] && rm -f "$LND_CONF_FILE" [[ -f "$TOR_CONF_FILE" ]] && rm -f "$TOR_CONF_FILE" +[[ -f "$UMBREL_TOR_CONF_FILE" ]] && rm -f "$UMBREL_TOR_CONF_FILE" [[ -f "$ELECTRS_CONF_FILE" ]] && rm -f "$ELECTRS_CONF_FILE" [[ -f "$ENV_FILE" ]] && rm -f "$ENV_FILE" @@ -89,6 +91,7 @@ ENV_FILE="./templates/.env" [[ -f "./templates/bitcoin-sample.conf" ]] && cp "./templates/bitcoin-sample.conf" "$BITCOIN_CONF_FILE" [[ -f "./templates/lnd-sample.conf" ]] && cp "./templates/lnd-sample.conf" "$LND_CONF_FILE" [[ -f "./templates/torrc-sample" ]] && cp "./templates/torrc-sample" "$TOR_CONF_FILE" +[[ -f "./templates/torrc-umbrel-sample" ]] && cp "./templates/torrc-umbrel-sample" "$UMBREL_TOR_CONF_FILE" [[ -f "./templates/electrs-sample.toml" ]] && cp "./templates/electrs-sample.toml" "$ELECTRS_CONF_FILE" [[ -f "./templates/.env-sample" ]] && cp "./templates/.env-sample" "$ENV_FILE" @@ -122,6 +125,7 @@ LND_REST_PORT="8080" ELECTRUM_IP="10.21.21.10" ELECTRUM_PORT="50001" TOR_PROXY_IP="10.21.21.11" +UMBREL_TOR_IP="10.21.21.47" TOR_PROXY_PORT="9050" # Apps @@ -292,7 +296,7 @@ if [[ "$BITCOIN_NETWORK" == "mainnet" ]] && [[ ! -f "${STATUS_DIR}/node-status-b fi # TODO: Update all the above code to use this simpler logic -for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do +for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${TOR_CONF_FILE}" "${UMBREL_TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do # Umbrel sed -i "s//${NETWORK_IP}/g" "${template}" sed -i "s//${GATEWAY_IP}/g" "${template}" @@ -310,6 +314,7 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" " sed -i "s//${ELECTRUM_PORT}/g" "${template}" sed -i "s//${TOR_PROXY_IP}/g" "${template}" sed -i "s//${TOR_PROXY_PORT}/g" "${template}" + sed -i "s//${UMBREL_TOR_IP}/g" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWBLOCK_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWTX_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_HASHBLOCK_PORT}/g;" "${template}" @@ -384,6 +389,7 @@ done mv -f "$NGINX_CONF_FILE" "./nginx/nginx.conf" mv -f "$BITCOIN_CONF_FILE" "./bitcoin/bitcoin.conf" mv -f "$TOR_CONF_FILE" "./tor/torrc" +mv -f "$UMBREL_TOR_CONF_FILE" "./tor/torrc-umbrel" mv -f "$ELECTRS_CONF_FILE" "./electrs/electrs.toml" mv -f "$ENV_FILE" "./.env" diff --git a/scripts/update/.updateinclude b/scripts/update/.updateinclude index 70981eb8b..148d9c39a 100644 --- a/scripts/update/.updateinclude +++ b/scripts/update/.updateinclude @@ -1,4 +1,5 @@ .env bitcoin/bitcoin.conf tor/torrc +tor/torrc-umbrel electrs/electrs.toml diff --git a/templates/.env-sample b/templates/.env-sample index 062307475..74d64b1c7 100644 --- a/templates/.env-sample +++ b/templates/.env-sample @@ -26,6 +26,7 @@ TOR_PROXY_IP= TOR_PROXY_PORT= TOR_PASSWORD= TOR_HASHED_PASSWORD= +UMBREL_TOR_IP= DOCKER_BINARY= # Apps diff --git a/templates/torrc-sample b/templates/torrc-sample index 1b841d347..c670aaba5 100644 --- a/templates/torrc-sample +++ b/templates/torrc-sample @@ -6,32 +6,6 @@ SocksPort : ControlPort :29051 -# Umbrel - -# Dashboard Hidden Service -HiddenServiceDir /var/lib/tor/web -HiddenServicePort 80 :80 - -# Bitcoin Core P2P Hidden Service -HiddenServiceDir /var/lib/tor/bitcoin-p2p -HiddenServicePort : - -# Bitcoin Core RPC Hidden Service -HiddenServiceDir /var/lib/tor/bitcoin-rpc -HiddenServicePort : - -# Electrum Hidden Service -HiddenServiceDir /var/lib/tor/electrum -HiddenServicePort : - -# LND REST Hidden Service -HiddenServiceDir /var/lib/tor/lnd-rest -HiddenServicePort : - -# LND gRPC Hidden Service -HiddenServiceDir /var/lib/tor/lnd-grpc -HiddenServicePort : - # Apps # btc-rpc-explorer Hidden Service diff --git a/templates/torrc-umbrel-sample b/templates/torrc-umbrel-sample new file mode 100644 index 000000000..3d39ede8b --- /dev/null +++ b/templates/torrc-umbrel-sample @@ -0,0 +1,25 @@ +# Umbrel + +# Dashboard Hidden Service +HiddenServiceDir /var/lib/tor/web +HiddenServicePort 80 :80 + +# Bitcoin Core P2P Hidden Service +HiddenServiceDir /var/lib/tor/bitcoin-p2p +HiddenServicePort : + +# Bitcoin Core RPC Hidden Service +HiddenServiceDir /var/lib/tor/bitcoin-rpc +HiddenServicePort : + +# Electrum Hidden Service +HiddenServiceDir /var/lib/tor/electrum +HiddenServicePort : + +# LND REST Hidden Service +HiddenServiceDir /var/lib/tor/lnd-rest +HiddenServicePort : + +# LND gRPC Hidden Service +HiddenServiceDir /var/lib/tor/lnd-grpc +HiddenServicePort : From 17014579ee0d320d5c01887b23b653a8157325e6 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 14:03:43 +0100 Subject: [PATCH 2/9] Run proxy and control port on Umbrel Tor --- docker-compose.yml | 17 ++++++++--------- scripts/configure | 18 +++++++++--------- templates/.env-sample | 2 +- templates/{torrc-sample => torrc-apps-sample} | 10 ---------- templates/torrc-umbrel-sample | 10 ++++++++++ 5 files changed, 28 insertions(+), 29 deletions(-) rename templates/{torrc-sample => torrc-apps-sample} (90%) diff --git a/docker-compose.yml b/docker-compose.yml index 1a2e238e7..d1c245eb9 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,30 +1,29 @@ version: '3.7' services: - umbrel_tor: + tor: + container_name: tor image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure volumes: - ${PWD}/tor/torrc-umbrel:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ + ports: + - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT" networks: default: - ipv4_address: $UMBREL_TOR_IP - tor: - container_name: tor + ipv4_address: $TOR_PROXY_IP + app_tor: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure volumes: - - ${PWD}/tor/torrc:/etc/tor/torrc + - ${PWD}/tor/torrc-apps:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ - - ${PWD}/tor/run:/var/run/tor/ - ports: - - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT" networks: default: - ipv4_address: $TOR_PROXY_IP + ipv4_address: $APPS_TOR_IP nginx: container_name: nginx image: nginx:1.17.8@sha256:380eb808e2a3b0dd954f92c1cae2f845e6558a15037efefcabc5b4e03d666d03 diff --git a/scripts/configure b/scripts/configure index f713e9ff7..df0d78417 100755 --- a/scripts/configure +++ b/scripts/configure @@ -71,7 +71,7 @@ echo NGINX_CONF_FILE="./templates/nginx.conf" BITCOIN_CONF_FILE="./templates/bitcoin.conf" LND_CONF_FILE="./templates/lnd.conf" -TOR_CONF_FILE="./templates/torrc" +APPS_TOR_CONF_FILE="./templates/torrc-apps" UMBREL_TOR_CONF_FILE="./templates/torrc-umbrel" ELECTRS_CONF_FILE="./templates/electrs.toml" ENV_FILE="./templates/.env" @@ -81,7 +81,7 @@ ENV_FILE="./templates/.env" [[ -f "$NGINX_CONF_FILE" ]] && rm -f "$NGINX_CONF_FILE" [[ -f "$BITCOIN_CONF_FILE" ]] && rm -f "$BITCOIN_CONF_FILE" [[ -f "$LND_CONF_FILE" ]] && rm -f "$LND_CONF_FILE" -[[ -f "$TOR_CONF_FILE" ]] && rm -f "$TOR_CONF_FILE" +[[ -f "$APPS_TOR_CONF_FILE" ]] && rm -f "$APPS_TOR_CONF_FILE" [[ -f "$UMBREL_TOR_CONF_FILE" ]] && rm -f "$UMBREL_TOR_CONF_FILE" [[ -f "$ELECTRS_CONF_FILE" ]] && rm -f "$ELECTRS_CONF_FILE" [[ -f "$ENV_FILE" ]] && rm -f "$ENV_FILE" @@ -90,7 +90,7 @@ ENV_FILE="./templates/.env" [[ -f "./templates/nginx-sample.conf" ]] && cp "./templates/nginx-sample.conf" "$NGINX_CONF_FILE" [[ -f "./templates/bitcoin-sample.conf" ]] && cp "./templates/bitcoin-sample.conf" "$BITCOIN_CONF_FILE" [[ -f "./templates/lnd-sample.conf" ]] && cp "./templates/lnd-sample.conf" "$LND_CONF_FILE" -[[ -f "./templates/torrc-sample" ]] && cp "./templates/torrc-sample" "$TOR_CONF_FILE" +[[ -f "./templates/torrc-apps-sample" ]] && cp "./templates/torrc-apps-sample" "$APPS_TOR_CONF_FILE" [[ -f "./templates/torrc-umbrel-sample" ]] && cp "./templates/torrc-umbrel-sample" "$UMBREL_TOR_CONF_FILE" [[ -f "./templates/electrs-sample.toml" ]] && cp "./templates/electrs-sample.toml" "$ELECTRS_CONF_FILE" [[ -f "./templates/.env-sample" ]] && cp "./templates/.env-sample" "$ENV_FILE" @@ -125,7 +125,7 @@ LND_REST_PORT="8080" ELECTRUM_IP="10.21.21.10" ELECTRUM_PORT="50001" TOR_PROXY_IP="10.21.21.11" -UMBREL_TOR_IP="10.21.21.47" +APPS_TOR_IP="10.21.21.47" TOR_PROXY_PORT="9050" # Apps @@ -247,8 +247,8 @@ fi # Update RPC, P2P and ZMQ Ports sed -i "s/rpcport=/rpcport=$BITCOIN_RPC_PORT/g;" "$BITCOIN_CONF_FILE" sed -i "s/port=/port=$BITCOIN_P2P_PORT/g;" "$BITCOIN_CONF_FILE" -sed -i "s//$BITCOIN_RPC_PORT/g;" "$TOR_CONF_FILE" -sed -i "s//$BITCOIN_P2P_PORT/g;" "$TOR_CONF_FILE" +sed -i "s//$BITCOIN_RPC_PORT/g;" "$APPS_TOR_CONF_FILE" +sed -i "s//$BITCOIN_P2P_PORT/g;" "$APPS_TOR_CONF_FILE" sed -i "/daemon_rpc_addr/s//$BITCOIN_RPC_PORT/g;" "$ELECTRS_CONF_FILE" sed -i "s/BITCOIN_RPC_PORT=/BITCOIN_RPC_PORT=$BITCOIN_RPC_PORT/g;" "$ENV_FILE" sed -i "s/BITCOIN_P2P_PORT=/BITCOIN_P2P_PORT=$BITCOIN_P2P_PORT/g;" "$ENV_FILE" @@ -267,7 +267,7 @@ sed -i "s/BITCOIN_RPC_PASS=/BITCOIN_RPC_PASS=$BITCOIN_RPC_PASS/g;" "$E sed -i "s/BITCOIN_NETWORK=/BITCOIN_NETWORK=$BITCOIN_NETWORK/g;" "$ENV_FILE" # Add Tor password -sed -i "s/HashedControlPassword /HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$TOR_CONF_FILE" +sed -i "s/HashedControlPassword /HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$APPS_TOR_CONF_FILE" sed -i "s/torpassword=/torpassword=$TOR_PASSWORD/g;" "$BITCOIN_CONF_FILE" sed -i "s/tor.password=/tor.password=$TOR_PASSWORD/g;" "$LND_CONF_FILE" sed -i "s/TOR_PASSWORD=/TOR_PASSWORD=$TOR_PASSWORD/g;" "$ENV_FILE" @@ -314,7 +314,7 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" " sed -i "s//${ELECTRUM_PORT}/g" "${template}" sed -i "s//${TOR_PROXY_IP}/g" "${template}" sed -i "s//${TOR_PROXY_PORT}/g" "${template}" - sed -i "s//${UMBREL_TOR_IP}/g" "${template}" + sed -i "s//${APPS_TOR_IP}/g" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWBLOCK_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWTX_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_HASHBLOCK_PORT}/g;" "${template}" @@ -388,7 +388,7 @@ done mv -f "$NGINX_CONF_FILE" "./nginx/nginx.conf" mv -f "$BITCOIN_CONF_FILE" "./bitcoin/bitcoin.conf" -mv -f "$TOR_CONF_FILE" "./tor/torrc" +mv -f "$APPS_TOR_CONF_FILE" "./tor/torrc-apps" mv -f "$UMBREL_TOR_CONF_FILE" "./tor/torrc-umbrel" mv -f "$ELECTRS_CONF_FILE" "./electrs/electrs.toml" mv -f "$ENV_FILE" "./.env" diff --git a/templates/.env-sample b/templates/.env-sample index 74d64b1c7..6cdfc399f 100644 --- a/templates/.env-sample +++ b/templates/.env-sample @@ -26,7 +26,7 @@ TOR_PROXY_IP= TOR_PROXY_PORT= TOR_PASSWORD= TOR_HASHED_PASSWORD= -UMBREL_TOR_IP= +APPS_TOR_IP= DOCKER_BINARY= # Apps diff --git a/templates/torrc-sample b/templates/torrc-apps-sample similarity index 90% rename from templates/torrc-sample rename to templates/torrc-apps-sample index c670aaba5..bfeb2c872 100644 --- a/templates/torrc-sample +++ b/templates/torrc-apps-sample @@ -1,11 +1,3 @@ -# Warning: it's not recommended to modify these files directly. Any -# modifications you make can break the functionality of your umbrel. These files -# are automatically reset with every Umbrel update. - -# Bind only to "" which is the tor IP within the container -SocksPort : -ControlPort :29051 - # Apps # btc-rpc-explorer Hidden Service @@ -104,5 +96,3 @@ HiddenServicePort 80 : # code-server Hidden Service HiddenServiceDir /var/lib/tor/app-code-server HiddenServicePort 80 :8080 - -HashedControlPassword diff --git a/templates/torrc-umbrel-sample b/templates/torrc-umbrel-sample index 3d39ede8b..a339fd4ca 100644 --- a/templates/torrc-umbrel-sample +++ b/templates/torrc-umbrel-sample @@ -1,3 +1,11 @@ +# Warning: it's not recommended to modify these files directly. Any +# modifications you make can break the functionality of your umbrel. These files +# are automatically reset with every Umbrel update. + +# Bind only to "" which is the tor IP within the container +SocksPort : +ControlPort :29051 + # Umbrel # Dashboard Hidden Service @@ -23,3 +31,5 @@ HiddenServicePort : # LND gRPC Hidden Service HiddenServiceDir /var/lib/tor/lnd-grpc HiddenServicePort : + +HashedControlPassword From 69226137d0d74361294f0de660d8b8c4e430f2df Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 14:18:17 +0100 Subject: [PATCH 3/9] Fixes --- scripts/configure | 2 +- scripts/update/.updateinclude | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/configure b/scripts/configure index df0d78417..15a54a873 100755 --- a/scripts/configure +++ b/scripts/configure @@ -296,7 +296,7 @@ if [[ "$BITCOIN_NETWORK" == "mainnet" ]] && [[ ! -f "${STATUS_DIR}/node-status-b fi # TODO: Update all the above code to use this simpler logic -for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${TOR_CONF_FILE}" "${UMBREL_TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do +for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${APPS_TOR_CONF_FILE}" "${UMBREL_TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do # Umbrel sed -i "s//${NETWORK_IP}/g" "${template}" sed -i "s//${GATEWAY_IP}/g" "${template}" diff --git a/scripts/update/.updateinclude b/scripts/update/.updateinclude index 148d9c39a..76488cdbd 100644 --- a/scripts/update/.updateinclude +++ b/scripts/update/.updateinclude @@ -1,5 +1,5 @@ .env bitcoin/bitcoin.conf -tor/torrc +tor/torrc-apps tor/torrc-umbrel electrs/electrs.toml From ed4d3f9148403b9c0dcfde23221136c21b849349 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 14:57:48 +0100 Subject: [PATCH 4/9] Fix --- scripts/configure | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/configure b/scripts/configure index 15a54a873..cba553381 100755 --- a/scripts/configure +++ b/scripts/configure @@ -247,8 +247,8 @@ fi # Update RPC, P2P and ZMQ Ports sed -i "s/rpcport=/rpcport=$BITCOIN_RPC_PORT/g;" "$BITCOIN_CONF_FILE" sed -i "s/port=/port=$BITCOIN_P2P_PORT/g;" "$BITCOIN_CONF_FILE" -sed -i "s//$BITCOIN_RPC_PORT/g;" "$APPS_TOR_CONF_FILE" -sed -i "s//$BITCOIN_P2P_PORT/g;" "$APPS_TOR_CONF_FILE" +sed -i "s//$BITCOIN_RPC_PORT/g;" "$UMBREL_TOR_CONF_FILE" +sed -i "s//$BITCOIN_P2P_PORT/g;" "$UMBREL_TOR_CONF_FILE" sed -i "/daemon_rpc_addr/s//$BITCOIN_RPC_PORT/g;" "$ELECTRS_CONF_FILE" sed -i "s/BITCOIN_RPC_PORT=/BITCOIN_RPC_PORT=$BITCOIN_RPC_PORT/g;" "$ENV_FILE" sed -i "s/BITCOIN_P2P_PORT=/BITCOIN_P2P_PORT=$BITCOIN_P2P_PORT/g;" "$ENV_FILE" @@ -267,7 +267,7 @@ sed -i "s/BITCOIN_RPC_PASS=/BITCOIN_RPC_PASS=$BITCOIN_RPC_PASS/g;" "$E sed -i "s/BITCOIN_NETWORK=/BITCOIN_NETWORK=$BITCOIN_NETWORK/g;" "$ENV_FILE" # Add Tor password -sed -i "s/HashedControlPassword /HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$APPS_TOR_CONF_FILE" +sed -i "s/HashedControlPassword /HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$UMBREL_TOR_CONF_FILE" sed -i "s/torpassword=/torpassword=$TOR_PASSWORD/g;" "$BITCOIN_CONF_FILE" sed -i "s/tor.password=/tor.password=$TOR_PASSWORD/g;" "$LND_CONF_FILE" sed -i "s/TOR_PASSWORD=/TOR_PASSWORD=$TOR_PASSWORD/g;" "$ENV_FILE" From 703e704d9e8ec0554307df6e61284ee68f06ac76 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 15:53:18 +0100 Subject: [PATCH 5/9] Add third Tor daemon --- docker-compose.yml | 10 +++++++ scripts/configure | 7 ++++- templates/.env-sample | 1 + templates/torrc-apps-2-sample | 55 +++++++++++++++++++++++++++++++++++ templates/torrc-apps-sample | 54 ---------------------------------- 5 files changed, 72 insertions(+), 55 deletions(-) create mode 100644 templates/torrc-apps-2-sample diff --git a/docker-compose.yml b/docker-compose.yml index d1c245eb9..d26bb5412 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -24,6 +24,16 @@ services: networks: default: ipv4_address: $APPS_TOR_IP + app_2_tor: + image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c + user: toruser + restart: on-failure + volumes: + - ${PWD}/tor/torrc-apps-2:/etc/tor/torrc + - ${PWD}/tor/data:/var/lib/tor/ + networks: + default: + ipv4_address: $APPS_2_TOR_IP nginx: container_name: nginx image: nginx:1.17.8@sha256:380eb808e2a3b0dd954f92c1cae2f845e6558a15037efefcabc5b4e03d666d03 diff --git a/scripts/configure b/scripts/configure index cba553381..915b0c358 100755 --- a/scripts/configure +++ b/scripts/configure @@ -72,6 +72,7 @@ NGINX_CONF_FILE="./templates/nginx.conf" BITCOIN_CONF_FILE="./templates/bitcoin.conf" LND_CONF_FILE="./templates/lnd.conf" APPS_TOR_CONF_FILE="./templates/torrc-apps" +APPS_2_TOR_CONF_FILE="./templates/torrc-apps-2" UMBREL_TOR_CONF_FILE="./templates/torrc-umbrel" ELECTRS_CONF_FILE="./templates/electrs.toml" ENV_FILE="./templates/.env" @@ -82,6 +83,7 @@ ENV_FILE="./templates/.env" [[ -f "$BITCOIN_CONF_FILE" ]] && rm -f "$BITCOIN_CONF_FILE" [[ -f "$LND_CONF_FILE" ]] && rm -f "$LND_CONF_FILE" [[ -f "$APPS_TOR_CONF_FILE" ]] && rm -f "$APPS_TOR_CONF_FILE" +[[ -f "$APPS_2_TOR_CONF_FILE" ]] && rm -f "$APPS_2_TOR_CONF_FILE" [[ -f "$UMBREL_TOR_CONF_FILE" ]] && rm -f "$UMBREL_TOR_CONF_FILE" [[ -f "$ELECTRS_CONF_FILE" ]] && rm -f "$ELECTRS_CONF_FILE" [[ -f "$ENV_FILE" ]] && rm -f "$ENV_FILE" @@ -91,6 +93,7 @@ ENV_FILE="./templates/.env" [[ -f "./templates/bitcoin-sample.conf" ]] && cp "./templates/bitcoin-sample.conf" "$BITCOIN_CONF_FILE" [[ -f "./templates/lnd-sample.conf" ]] && cp "./templates/lnd-sample.conf" "$LND_CONF_FILE" [[ -f "./templates/torrc-apps-sample" ]] && cp "./templates/torrc-apps-sample" "$APPS_TOR_CONF_FILE" +[[ -f "./templates/torrc-apps-2-sample" ]] && cp "./templates/torrc-apps-2-sample" "$APPS_2_TOR_CONF_FILE" [[ -f "./templates/torrc-umbrel-sample" ]] && cp "./templates/torrc-umbrel-sample" "$UMBREL_TOR_CONF_FILE" [[ -f "./templates/electrs-sample.toml" ]] && cp "./templates/electrs-sample.toml" "$ELECTRS_CONF_FILE" [[ -f "./templates/.env-sample" ]] && cp "./templates/.env-sample" "$ENV_FILE" @@ -126,6 +129,7 @@ ELECTRUM_IP="10.21.21.10" ELECTRUM_PORT="50001" TOR_PROXY_IP="10.21.21.11" APPS_TOR_IP="10.21.21.47" +APPS_2_TOR_IP="10.21.21.48" TOR_PROXY_PORT="9050" # Apps @@ -296,7 +300,7 @@ if [[ "$BITCOIN_NETWORK" == "mainnet" ]] && [[ ! -f "${STATUS_DIR}/node-status-b fi # TODO: Update all the above code to use this simpler logic -for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${APPS_TOR_CONF_FILE}" "${UMBREL_TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do +for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "${APPS_TOR_CONF_FILE}" "${APPS_2_TOR_CONF_FILE}" "${UMBREL_TOR_CONF_FILE}" "${ELECTRS_CONF_FILE}" "${ENV_FILE}"; do # Umbrel sed -i "s//${NETWORK_IP}/g" "${template}" sed -i "s//${GATEWAY_IP}/g" "${template}" @@ -389,6 +393,7 @@ done mv -f "$NGINX_CONF_FILE" "./nginx/nginx.conf" mv -f "$BITCOIN_CONF_FILE" "./bitcoin/bitcoin.conf" mv -f "$APPS_TOR_CONF_FILE" "./tor/torrc-apps" +mv -f "$APPS_2_TOR_CONF_FILE" "./tor/torrc-apps-2" mv -f "$UMBREL_TOR_CONF_FILE" "./tor/torrc-umbrel" mv -f "$ELECTRS_CONF_FILE" "./electrs/electrs.toml" mv -f "$ENV_FILE" "./.env" diff --git a/templates/.env-sample b/templates/.env-sample index 6cdfc399f..b5390884b 100644 --- a/templates/.env-sample +++ b/templates/.env-sample @@ -27,6 +27,7 @@ TOR_PROXY_PORT= TOR_PASSWORD= TOR_HASHED_PASSWORD= APPS_TOR_IP= +APPS_2_TOR_IP= DOCKER_BINARY= # Apps diff --git a/templates/torrc-apps-2-sample b/templates/torrc-apps-2-sample new file mode 100644 index 000000000..0181cf226 --- /dev/null +++ b/templates/torrc-apps-2-sample @@ -0,0 +1,55 @@ +# Apps 2 + +# samourai-server dojo Hidden Service +HiddenServiceDir /var/lib/tor/app-samourai-server-dojo +HiddenServicePort 80 :80 + +# samourai-server connect Hidden Service +HiddenServiceDir /var/lib/tor/app-samourai-server +HiddenServicePort 80 :8081 + +# samourai-server whirlpool Hidden Service +HiddenServiceDir /var/lib/tor/app-samourai-server-whirlpool +HiddenServicePort 80 : + +# LndHub Hidden Service +HiddenServiceDir /var/lib/tor/app-bluewallet +HiddenServicePort 80 : + +# nextcloud Hidden Service +HiddenServiceDir /var/lib/tor/app-nextcloud +HiddenServicePort 80 :80 + +# pi-hole Hidden Service +HiddenServiceDir /var/lib/tor/app-pi-hole +HiddenServicePort 80 :80 + +# home-assistant Hidden Service +HiddenServiceDir /var/lib/tor/app-home-assistant +HiddenServicePort 80 :8123 + +# gitea Hidden Service +HiddenServiceDir /var/lib/tor/app-gitea +HiddenServicePort 80 : +HiddenServicePort 22 : + +# simple-torrent Hidden Service +HiddenServiceDir /var/lib/tor/app-simple-torrent +HiddenServicePort 80 : + +# synapse Hidden Service +HiddenServiceDir /var/lib/tor/app-synapse +HiddenServicePort 80 : +HiddenServicePort : + +# element Hidden Service +HiddenServiceDir /var/lib/tor/app-element +HiddenServicePort 80 :80 + +# vaultwarden Hidden Service +HiddenServiceDir /var/lib/tor/app-vaultwarden +HiddenServicePort 80 : + +# code-server Hidden Service +HiddenServiceDir /var/lib/tor/app-code-server +HiddenServicePort 80 :8080 diff --git a/templates/torrc-apps-sample b/templates/torrc-apps-sample index bfeb2c872..a96c76b99 100644 --- a/templates/torrc-apps-sample +++ b/templates/torrc-apps-sample @@ -42,57 +42,3 @@ HiddenServicePort 80 : # mempool Hidden Service HiddenServiceDir /var/lib/tor/app-mempool HiddenServicePort 80 : - -# samourai-server dojo Hidden Service -HiddenServiceDir /var/lib/tor/app-samourai-server-dojo -HiddenServicePort 80 :80 - -# samourai-server connect Hidden Service -HiddenServiceDir /var/lib/tor/app-samourai-server -HiddenServicePort 80 :8081 - -# samourai-server whirlpool Hidden Service -HiddenServiceDir /var/lib/tor/app-samourai-server-whirlpool -HiddenServicePort 80 : - -# LndHub Hidden Service -HiddenServiceDir /var/lib/tor/app-bluewallet -HiddenServicePort 80 : - -# nextcloud Hidden Service -HiddenServiceDir /var/lib/tor/app-nextcloud -HiddenServicePort 80 :80 - -# pi-hole Hidden Service -HiddenServiceDir /var/lib/tor/app-pi-hole -HiddenServicePort 80 :80 - -# home-assistant Hidden Service -HiddenServiceDir /var/lib/tor/app-home-assistant -HiddenServicePort 80 :8123 - -# gitea Hidden Service -HiddenServiceDir /var/lib/tor/app-gitea -HiddenServicePort 80 : -HiddenServicePort 22 : - -# simple-torrent Hidden Service -HiddenServiceDir /var/lib/tor/app-simple-torrent -HiddenServicePort 80 : - -# synapse Hidden Service -HiddenServiceDir /var/lib/tor/app-synapse -HiddenServicePort 80 : -HiddenServicePort : - -# element Hidden Service -HiddenServiceDir /var/lib/tor/app-element -HiddenServicePort 80 :80 - -# vaultwarden Hidden Service -HiddenServiceDir /var/lib/tor/app-vaultwarden -HiddenServicePort 80 : - -# code-server Hidden Service -HiddenServiceDir /var/lib/tor/app-code-server -HiddenServicePort 80 :8080 From 147d5cd231ae5868ef3ce477d35aef463edac886 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 16:05:16 +0100 Subject: [PATCH 6/9] Fix --- scripts/configure | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/configure b/scripts/configure index 915b0c358..86e07a4cf 100755 --- a/scripts/configure +++ b/scripts/configure @@ -319,6 +319,7 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" " sed -i "s//${TOR_PROXY_IP}/g" "${template}" sed -i "s//${TOR_PROXY_PORT}/g" "${template}" sed -i "s//${APPS_TOR_IP}/g" "${template}" + sed -i "s//${APPS_2_TOR_IP}/g" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWBLOCK_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_RAWTX_PORT}/g;" "${template}" sed -i "s//${BITCOIN_ZMQ_HASHBLOCK_PORT}/g;" "${template}" From 4757be401e258f5058e68687ade2929699a2e893 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 17:21:18 +0100 Subject: [PATCH 7/9] Mount torrc as dir --- docker-compose.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index d26bb5412..d3aa40f1f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,8 +6,9 @@ services: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure + command: -f /data/torrc-umbrel volumes: - - ${PWD}/tor/torrc-umbrel:/etc/tor/torrc + - ${PWD}/tor/:/data - ${PWD}/tor/data:/var/lib/tor/ ports: - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT" @@ -18,8 +19,9 @@ services: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure + command: -f /data/torrc-apps volumes: - - ${PWD}/tor/torrc-apps:/etc/tor/torrc + - ${PWD}/tor/:/data - ${PWD}/tor/data:/var/lib/tor/ networks: default: @@ -28,8 +30,9 @@ services: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure + command: -f /data/torrc-apps-2 volumes: - - ${PWD}/tor/torrc-apps-2:/etc/tor/torrc + - ${PWD}/tor/:/data - ${PWD}/tor/data:/var/lib/tor/ networks: default: From 4beb16af8b085ab26279e6d9c90837a32b0d0f24 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 17:26:27 +0100 Subject: [PATCH 8/9] fix --- scripts/update/.updateinclude | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/update/.updateinclude b/scripts/update/.updateinclude index 76488cdbd..7aaf1ebaf 100644 --- a/scripts/update/.updateinclude +++ b/scripts/update/.updateinclude @@ -1,5 +1,6 @@ .env bitcoin/bitcoin.conf tor/torrc-apps +tor/torrc-apps-2 tor/torrc-umbrel electrs/electrs.toml From 623554fc29a03b72b41e72b30c4aa1a0c24c5144 Mon Sep 17 00:00:00 2001 From: Luke Childs Date: Thu, 19 Aug 2021 17:39:29 +0100 Subject: [PATCH 9/9] Revert "Mount torrc as dir" This reverts commit 4757be401e258f5058e68687ade2929699a2e893. --- docker-compose.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index d3aa40f1f..d26bb5412 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,9 +6,8 @@ services: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure - command: -f /data/torrc-umbrel volumes: - - ${PWD}/tor/:/data + - ${PWD}/tor/torrc-umbrel:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ ports: - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT" @@ -19,9 +18,8 @@ services: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure - command: -f /data/torrc-apps volumes: - - ${PWD}/tor/:/data + - ${PWD}/tor/torrc-apps:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ networks: default: @@ -30,9 +28,8 @@ services: image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c user: toruser restart: on-failure - command: -f /data/torrc-apps-2 volumes: - - ${PWD}/tor/:/data + - ${PWD}/tor/torrc-apps-2:/etc/tor/torrc - ${PWD}/tor/data:/var/lib/tor/ networks: default: