Added different v3 onion addresses for traefik, bitcoin and ln

cyphernodeconf_docker/lib/app.js

@@ -274,8 +274,10 @@ module.exports = class App {
 
     // Tor...
     if( this.isChecked( 'features', 'tor' ) ) {
-      const torgen = new TorGen(this.destinationPath( path.join( destinationDirName, 'tor/hidden_service' ) ));
-      this.sessionData.tor_hostname = await torgen.generateTorFiles();
+      const torgen = new TorGen();
+      this.sessionData.tor_traefik_hostname = await torgen.generateTorFiles(this.destinationPath( path.join( destinationDirName, 'tor/traefik/hidden_service' ) ));
+      this.sessionData.tor_ln_hostname = await torgen.generateTorFiles(this.destinationPath( path.join( destinationDirName, 'tor/ln/hidden_service' ) ));
+      this.sessionData.tor_bitcoin_hostname = await torgen.generateTorFiles(this.destinationPath( path.join( destinationDirName, 'tor/bitcoin/hidden_service' ) ));
     }
 
     // creates keys if they don't exist or we say so.
@@ -428,8 +430,9 @@ module.exports = class App {
           prune_size: this.config.data.bitcoin_prune_size,
           expose: this.config.data.bitcoin_expose,
           uacomment: this.config.data.bitcoin_uacomment,
-          torified: this.torifyables.find(data => data.value === 'tor_bitcoinnode').checked,
-          clearnet: this.isChecked('clearnet', 'clearnet_bitcoinnode')
+          torified: this.torifyables.find(data => data.value === 'tor_bitcoin').checked,
+          clearnet: this.isChecked('clearnet', 'clearnet_bitcoinnode'),
+          tor_hostname: this.sessionData.tor_bitcoin_hostname
         }
       },
       {
@@ -482,6 +485,16 @@ module.exports = class App {
         host: 'broker',
         networks: ['cyphernodenet', 'cyphernodeappsnet'],
         docker: 'eclipse-mosquitto:'+this.config.docker_versions['eclipse-mosquitto']
+      },
+      {
+        name: 'Traefik',
+        label: 'traefik',
+        host: 'traefik',
+        networks: ['cyphernodeappsnet'],
+        docker: 'cyphernode/traefik:'+this.config.docker_versions['cyphernode/traefik'],
+        extra: {
+          tor_hostname: this.sessionData.tor_traefik_hostname,
+        }
       }
 
     ];
@@ -493,7 +506,9 @@ module.exports = class App {
         networks: ['cyphernodenet', 'cyphernodeappsnet'],
         docker: "cyphernode/tor:" + this.config.docker_versions['cyphernode/tor'],
         extra: {
-          hostname: this.sessionData.tor_hostname,
+          traefik_hostname: this.sessionData.tor_traefik_hostname,
+          ln_hostname: this.sessionData.tor_ln_hostname,
+          bitcoin_hostname: this.sessionData.tor_bitcoin_hostname,
         }
       },
       otsclient: {
@@ -513,8 +528,9 @@ module.exports = class App {
           expose: this.config.data.lightning_expose,
           external_ip: this.config.data.lightning_external_ip,
           implementation: this.config.data.lightning_implementation,
-          torified: this.torifyables.find(data => data.value === 'tor_lnnode').checked,
-          clearnet: this.isChecked('clearnet', 'clearnet_lnnode')
+          torified: this.torifyables.find(data => data.value === 'tor_ln').checked,
+          clearnet: this.isChecked('clearnet', 'clearnet_lnnode'),
+          tor_hostname: this.sessionData.tor_ln_hostname
         }
       }
     }

cyphernodeconf_docker/lib/torgen.js

@@ -5,21 +5,19 @@ const chalk = require('chalk');
 
 module.exports = class TorGen {
 
-  constructor( path ) {
-    this.path = path || './'
-  }
+  async generateTorFiles(path) {
+    path = path || './'
 
-  async generateTorFiles() {
-    if( !fs.existsSync(this.path) ) {
+    if( !fs.existsSync(path) ) {
       console.log(chalk.green( 'Creating Tor Hidden Service directory...' ));
-      fs.mkdirSync(this.path, { recursive: true });
+      fs.mkdirSync(path, { recursive: true });
     }
 
-    if( !fs.existsSync(this.path + '/hostname') ) {
+    if( !fs.existsSync(path + '/hostname') ) {
 
       console.log(chalk.green( 'Generating Tor Hidden Service secret key, public key and hostname...' ));
 
-      const torgenbin = spawn('./torgen/torgen', [this.path]);
+      const torgenbin = spawn('./torgen/torgen', [path]);
       try {
         await stringio.onExit( torgenbin );
       } catch( err ) {
@@ -32,7 +30,7 @@ module.exports = class TorGen {
     }
 
     try {
-      var data = fs.readFileSync(this.path + '/hostname', 'utf8');
+      var data = fs.readFileSync(path + '/hostname', 'utf8');
       // Remove the LF at the end of the host name
       return data.slice(0, -1);
     } catch (err) {

cyphernodeconf_docker/prompters/100_lightning.js

@@ -57,7 +57,7 @@ module.exports = {
       Next question is asked when lightning_annouce is YES and (not Tor or (Tor and LN clearnet)).
     */
     {
-      when: (props) => { return featureCondition(props) && props.lightning_announce && (props.torifyables.indexOf('tor_lnnode') == -1 || props.clearnet.indexOf('clearnet_lnnode') != -1) },
+      when: (props) => { return featureCondition(props) && props.lightning_announce && (props.torifyables.indexOf('tor_ln') == -1 || props.clearnet.indexOf('clearnet_lnnode') != -1) },
       type: 'input',
       name: 'lightning_external_ip',
       default: utils.getDefault( 'lightning_external_ip' ),

cyphernodeconf_docker/schema/config-v0.2.3.json

@@ -205,8 +205,8 @@
         "type": "string",
         "enum": [
           "tor_hiddenservice",
-          "tor_bitcoinnode",
-          "tor_lnnode",
+          "tor_bitcoin",
+          "tor_ln",
           "tor_otsoperations",
           "tor_otswebhooks",
           "tor_addrwatcheswebhooks",
@@ -216,8 +216,8 @@
         "default": "",
         "examples": [
           "tor_hiddenservice",
-          "tor_bitcoinnode",
-          "tor_lnnode",
+          "tor_bitcoin",
+          "tor_l",
           "tor_otsoperations",
           "tor_otswebhooks",
           "tor_addrwatcheswebhooks",

cyphernodeconf_docker/templates/bitcoin/bitcoin.conf

@@ -17,7 +17,7 @@ zmqpubrawtx=tcp://0.0.0.0:18502
 
 listen=1
 
-<% if ( torifyables.indexOf('tor_bitcoinnode') !== -1 ) { %>
+<% if ( torifyables.indexOf('tor_bitcoin') !== -1 ) { %>
 #tor
 proxy=tor:9050
 <% if ( clearnet.indexOf('clearnet_bitcoinnode') == -1 ) { %>

cyphernodeconf_docker/templates/installer/config.sh

@@ -13,6 +13,8 @@ TOR_DATAPATH=<%= tor_datapath %>
 TOR_OTS_WEBHOOKS=<%= (torifyables.indexOf('tor_otswebhooks') != -1)?'true':'false' %>
 TOR_ADDR_WATCH_WEBHOOKS=<%= (torifyables.indexOf('tor_addrwatcheswebhooks') != -1)?'true':'false' %>
 TOR_TXID_WATCH_WEBHOOKS=<%= (torifyables.indexOf('tor_txidwatcheswebhooks') != -1)?'true':'false' %>
+TOR_BITCOIN=<%= (torifyables.indexOf('tor_bitcoin') != -1)?'true':'false' %>
+TOR_LN=<%= (torifyables.indexOf('tor_ln') != -1)?'true':'false' %>
 <% } %>
 DOCKER_MODE=<%= docker_mode %>
 RUN_AS_USER=<%= run_as_different_user?username:'' %>

cyphernodeconf_docker/templates/installer/testdeployment.sh

@@ -81,6 +81,6 @@ printf "\r\n"
 printf "\033[0;95m<% cns.forEach(cn => { %><%= ('https://' + cn + ':' + traefik_https_port + '/welcome\\r\\n') %><% }) %>\033[0m\r\n"
 <% if ( features.indexOf('tor') !== -1 ) { %>
 printf "\033[0;92mYou can also use Tor Browser and navigate to your onion address:\r\n"
-printf "\033[0;95mhttps://${TOR_HOSTNAME}:<%= traefik_https_port %>/welcome\033[0m\r\n\r\n"
+printf "\033[0;95mhttps://${TOR_TRAEFIK_HOSTNAME}:<%= traefik_https_port %>/welcome\033[0m\r\n\r\n"
 <% } %>
 printf "\033[0;92mUse 'admin' as the username with the configuration password you selected at the beginning of the configuration process.\r\n\r\n\033[0m"

cyphernodeconf_docker/templates/installer/testfeatures.sh

@@ -441,5 +441,5 @@ echo "${result}" > /gatekeeper/installation.json
 
 echo "EXIT_STATUS=${finalreturncode}" > /dist/exitStatus.sh
 <% if (features.indexOf('tor') != -1) { %>
-echo "TOR_HOSTNAME=$(cat /dist/cyphernode/tor/hidden_service/hostname)" >> /dist/exitStatus.sh
+echo "TOR_TRAEFIK_HOSTNAME=$(cat /dist/.cyphernodeconf/tor/traefik/hidden_service/hostname)" >> /dist/exitStatus.sh
 <% } %>

cyphernodeconf_docker/templates/lightning/c-lightning/config

@@ -16,7 +16,7 @@ rgb=<%= lightning_nodecolor %>
 
 addr=0.0.0.0:9735
 
-<% if ( torifyables.indexOf('tor_lnnode') !== -1 ) { %>
+<% if ( torifyables.indexOf('tor_ln') !== -1 ) { %>
 # Tor
 # proxy=tor:9050 this has to be made at execution time because of getaddrinfo and alpine not being friends, see entrypoint.sh
 <% if ( clearnet.indexOf('clearnet_lnnode') == -1 ) { %>
@@ -26,7 +26,7 @@ disable-dns
 <% } %>
 <% if (lightning_announce) { %>
 # Announcing Tor address
-announce-addr=<%= locals.tor_hostname %>:9735
+announce-addr=<%= locals.tor_ln_hostname %>:9735
 <% if ( clearnet.indexOf('clearnet_lnnode') !== -1 ) { %>
 <% if( locals.lightning_external_ip ) { %>
 # Announcing clearnet address

cyphernodeconf_docker/templates/lightning/c-lightning/entrypoint.sh

@@ -2,7 +2,7 @@
 
 while [ ! -f "/bitcoin_monitor/up" ]; do echo "bitcoin not ready" ; sleep 10 ; done
 
-<% if ( torifyables.indexOf('tor_lnnode') !== -1 ) { %>
+<% if ( torifyables.indexOf('tor_ln') !== -1 ) { %>
 while [ -z "${TORIP}" ]; do echo "tor not ready" ; TORIP=$(getent hosts tor | awk '{ print $1 }') ; sleep 10 ; done
 
 echo "Tor ready at IP ${TORIP}"

cyphernodeconf_docker/templates/tor/torrc

@@ -1,12 +1,18 @@
 <% if ( torifyables.indexOf('tor_hiddenservice') !== -1 ) { %>
-HiddenServiceDir /tor/hidden_service/
+HiddenServiceDir /tor/traefik/hidden_service/
 HiddenServiceVersion 3
 HiddenServicePort <%= traefik_http_port %> traefik:<%= traefik_http_port %>
 HiddenServicePort <%= traefik_https_port %> traefik:<%= traefik_https_port %>
-<% if ( torifyables.indexOf('tor_lnnode') !== -1 && lightning_expose ) { %>
+<% if ( torifyables.indexOf('tor_ln') !== -1 && lightning_expose ) { %>
+
+HiddenServiceDir /tor/ln/hidden_service/
+HiddenServiceVersion 3
 HiddenServicePort 9735 lightning:9735
 <% } %>
-<% if ( torifyables.indexOf('tor_bitcoinnode') !== -1 && bitcoin_expose) { %>
+<% if ( torifyables.indexOf('tor_bitcoin') !== -1 && bitcoin_expose) { %>
+
+HiddenServiceDir /tor/bitcoin/hidden_service/
+HiddenServiceVersion 3
 HiddenServicePort 8333 bitcoin:8333
 <% } %>
 <% } %>

cyphernodeconf_docker/torifyables.json

@@ -5,11 +5,11 @@
   },
   {
     "name": "Bitcoin Node",
-    "value": "tor_bitcoinnode"
+    "value": "tor_bitcoin"
   },
   {
     "name": "LN Node",
-    "value": "tor_lnnode"
+    "value": "tor_ln"
   },
   {
     "name": "OTS stamp, upgrade and verify",

dist/setup.sh

@@ -401,15 +401,48 @@ install_docker() {
   if [[ $FEATURE_TOR == true ]]; then
     if [ ! -d $TOR_DATAPATH ]; then
       step "   create $TOR_DATAPATH"
-      sudo_if_required mkdir -p $TOR_DATAPATH/hidden_service
-      sudo_if_required chmod 700 $TOR_DATAPATH/hidden_service
+      sudo_if_required mkdir -p $TOR_DATAPATH
+      sudo_if_required chmod 700 $TOR_DATAPATH
       next
     fi
+    if [ ! -d $TOR_DATAPATH/traefik ]; then
+      step "   create $TOR_DATAPATH/traefik"
+      sudo_if_required mkdir -p $TOR_DATAPATH/traefik/hidden_service
+      sudo_if_required chmod 700 $TOR_DATAPATH/traefik/hidden_service
+      next
+    fi
+    if [[ $TOR_LN == true ]]; then
+      if [ ! -d $TOR_DATAPATH/ln ]; then
+        step "   create $TOR_DATAPATH/ln"
+        sudo_if_required mkdir -p $TOR_DATAPATH/ln/hidden_service
+        sudo_if_required chmod 700 $TOR_DATAPATH/ln/hidden_service
+        next
+      fi
+    fi
+    if [[ $TOR_BITCOIN == true ]]; then
+      if [ ! -d $TOR_DATAPATH/bitcoin ]; then
+        step "   create $TOR_DATAPATH/bitcoin"
+        sudo_if_required mkdir -p $TOR_DATAPATH/bitcoin/hidden_service
+        sudo_if_required chmod 700 $TOR_DATAPATH/bitcoin/hidden_service
+        next
+      fi
+    fi
 
     copy_file $cyphernodeconf_filepath/tor/torrc $TOR_DATAPATH/torrc 1 $SUDO_REQUIRED
-    copy_file $cyphernodeconf_filepath/tor/hidden_service/hs_ed25519_secret_key $TOR_DATAPATH/hidden_service/hs_ed25519_secret_key 1 $SUDO_REQUIRED
-    copy_file $cyphernodeconf_filepath/tor/hidden_service/hs_ed25519_public_key $TOR_DATAPATH/hidden_service/hs_ed25519_public_key 1 $SUDO_REQUIRED
-    copy_file $cyphernodeconf_filepath/tor/hidden_service/hostname $TOR_DATAPATH/hidden_service/hostname 1 $SUDO_REQUIRED
+    copy_file $cyphernodeconf_filepath/tor/traefik/hidden_service/hs_ed25519_secret_key $TOR_DATAPATH/traefik/hidden_service/hs_ed25519_secret_key 1 $SUDO_REQUIRED
+    copy_file $cyphernodeconf_filepath/tor/traefik/hidden_service/hs_ed25519_public_key $TOR_DATAPATH/traefik/hidden_service/hs_ed25519_public_key 1 $SUDO_REQUIRED
+    copy_file $cyphernodeconf_filepath/tor/traefik/hidden_service/hostname $TOR_DATAPATH/traefik/hidden_service/hostname 1 $SUDO_REQUIRED
+
+    if [[ $TOR_LN == true ]]; then
+      copy_file $cyphernodeconf_filepath/tor/ln/hidden_service/hs_ed25519_secret_key $TOR_DATAPATH/ln/hidden_service/hs_ed25519_secret_key 1 $SUDO_REQUIRED
+      copy_file $cyphernodeconf_filepath/tor/ln/hidden_service/hs_ed25519_public_key $TOR_DATAPATH/ln/hidden_service/hs_ed25519_public_key 1 $SUDO_REQUIRED
+      copy_file $cyphernodeconf_filepath/tor/ln/hidden_service/hostname $TOR_DATAPATH/ln/hidden_service/hostname 1 $SUDO_REQUIRED
+    fi
+    if [[ $TOR_BITCOIN == true ]]; then
+      copy_file $cyphernodeconf_filepath/tor/bitcoin/hidden_service/hs_ed25519_secret_key $TOR_DATAPATH/bitcoin/hidden_service/hs_ed25519_secret_key 1 $SUDO_REQUIRED
+      copy_file $cyphernodeconf_filepath/tor/bitcoin/hidden_service/hs_ed25519_public_key $TOR_DATAPATH/bitcoin/hidden_service/hs_ed25519_public_key 1 $SUDO_REQUIRED
+      copy_file $cyphernodeconf_filepath/tor/bitcoin/hidden_service/hostname $TOR_DATAPATH/bitcoin/hidden_service/hostname 1 $SUDO_REQUIRED
+    fi
   fi