Skip to content

Latest commit

 

History

History
81 lines (56 loc) · 4.24 KB

README.md

File metadata and controls

81 lines (56 loc) · 4.24 KB

go-torfluxdb - Anonymous metrics from Go

The aim of the go-torfluxdb project is to make it easy to collect metrics in an anonymous way, where the location of the reporter is hidden from the metrics server. This is mostly targeted towards software vendors wanting to gather measurements from devices outside of their control, without compromising on their users' privacy. These measures are meant to protect users from both asymmetric information abuse as well as long term data leaks.

Without going into technical details, the crux of this project is to tumble InfluxDB metrics reporting through the Tor network. This is achieved by clients using a Tor library for transmitting the measurements to the server; and vendors using a Tor proxy for aggregating those without leaving the Tor network. This ensures bi-directional anonymity as well as guaranteed end-to-end encryption without the possibility of messing it up.

Demo

For a detailed presentation and tutorial, please read the announcement blog post!

Quickstart

To support trying out TorfluxDB without any hassle, we've prepared an automated, pre-built docker image that contains both an InfluxDB server as well as the Tor proxy in front of it. You can easily start it up via:

$ docker run -p 8086:8086 ipsn/torfluxdb

The TorfluxDB container should behave exactly as a stock InfluxDB docker container, with an additional Tor onion endpoint opened, tunneling reuests from the Tor network into your InfluxDB instance. The image is auto-updated nightly to the latest Tor and InfluxDB releases.

The client side is based on the stock github.com/influxdata/influxdb/client/v2 library for reporting, requiring only a custom dialer to tunnel the data through the Tor network (note the custom onion address that you need to retrieve from your TorfluxDB logs):

import (
	"github.com/cretz/bine/tor"
	"github.com/influxdata/influxdb/client/v2"
	"github.com/ipsn/go-libtor"
)

func main() {
	// Start Tor with some defaults + elevated verbosity
	proxy, err := tor.Start(nil, &tor.StartConf{ProcessCreator: libtor.Creator, DebugWriter: os.Stderr, EnableNetwork: true, NoHush: true})
	if err != nil {
		panic(err)
	}
	defer proxy.Close()

	// Create an InfluxDB client tunneled through the Tor network
	dialer, err := proxy.Dialer(nil, nil)
	if err != nil {
		panic(err)
	}
	api, err := client.NewHTTPClient(client.HTTPConfig{
		Addr:        "http://<your-hash>.onion",
		DialContext: dialer.DialContext,
	})
	if err != nil {
		panic(err)
	}
	// [...]
}

The above code is based on the go-libtor library, which may not have been ported to your platform yet. You can use your own Tor static builds via tor-static in such cases (or better yet, port go-libtor and upstream it).

Production

When running a production setup, you'll probably want to keep your Tor proxy and InfluxDB database in separate docker containers. We have a standalone docker image featuring only the Tor proxy that can be fine tuned to fit your infrastructure:

$ docker run ipsn/torfluxproxy

You can fine tune the proxy with the following:

  • --influxdb flag being the remote address of the InfluxDB Instance.
  • --timeout flag being the maximum time to join the Tor network.
  • TORFLUXDB_ONIONKEY env-var being the onion private key.

If you don't have a private key yet (i.e. TORFLUXDB_ONIONKEY is empty), the proxy will generate an ephemeral one, that you can request to be printed out with the --printkey flag.

Setting the private key yourself will ensure the same onion address being produced on restarts. Please be aware that Tor's private key format is incompatible with Go's ed25519 library, so you'll need to let the proxy generate the key for you.

Credits

This repository is maintained by Péter Szilágyi (@karalabe), but it's mostly a utility wrapper around Tor, InfluxDB and various Go packages to make everything tick.

License

3-Clause BSD.