aljaz/cyphernode
1
0
Fork 0
mirror of https://github.com/aljazceru/cyphernode.git synced 2026-01-31 10:14:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added Tor container with hidden service

Browse Source
This commit is contained in:
kexkey
2019-11-08 11:20:15 -05:00
committed by kexkey
parent 9e561a2148
commit 477c93468f
18 changed files with 843 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build.sh
View File

@@ -5,6 +5,7 @@ TRACING=1
# CYPHERNODE VERSION "v0.2.4"
CONF_VERSION="v0.2.4-local"
GATEKEEPER_VERSION="v0.2.4-local"
TOR_VERSION="v0.2.4-local"
PROXY_VERSION="v0.2.4-local"
NOTIFIER_VERSION="v0.2.4-local"
PROXYCRON_VERSION="v0.2.4-local"
@@ -36,6 +37,7 @@ build_docker_images() {
trace "Creating cyphernode images"
docker build api_auth_docker/ -t cyphernode/gatekeeper:$GATEKEEPER_VERSION \
&& docker build tor_docker/ -t cyphernode/tor:$TOR_VERSION \
&& docker build proxy_docker/ -t cyphernode/proxy:$PROXY_VERSION \
&& docker build notifier_docker/ -t cyphernode/notifier:$NOTIFIER_VERSION \
&& docker build cron_docker/ -t cyphernode/proxycron:$PROXYCRON_VERSION \

2
cyphernodeconf_docker/help.json
View File

@@ -19,6 +19,8 @@
"gatekeeper_cns": "I use <font underline='true'>domain names</font> and/or <font underline='true'>IP addresses</font> to create valid TLS certificates. For example, if <font color='# 0000ff'>https://cyphernodehost/getbestblockhash</font> and <font color='# 0000ff'>https://192.168.7.44/getbestblockhash</font> will be used, enter <font color='# 0000ff'>cyphernodehost, 192.168.7.44</font> as a possible domains. <font color='# 0000ff'>127.0.0.1, localhost, gatekeeper</font> will be automatically added to your list. Make sure the provided domain names are in your DNS or client's hosts file and is reachable.",
"traefik_datapath": "The Traefik's files will be stored in a container's mounted directory. Please provide the <font underline='true'>local mounted path</font> to that directory. <font color='#ff0000'>If running on OSX, check mountable directories in Docker's File Sharing configs.</font>",
"traefik_datapath_custom": "Provide the <font underline='true'>full path name</font> where the Traefik's files will be saved.",
"tor_datapath": "The Tor's files will be stored in a container's mounted directory. Please provide the <font underline='true'>local mounted path</font> to that directory. <font color='#ff0000'>If running on OSX, check mountable directories in Docker's File Sharing configs.</font>",
"tor_datapath_custom": "Provide the <font underline='true'>full path name</font> where the Tor's files will be saved.",
"bitcoin_mode": "Cyphernode will spawn a new <font underline='true'>Bitcoin Core</font> full node for its own use. If you already have Bitcoin Core node data, you can use the directory containing that data directly or copy the contents of it to a new directory to be used by cyphernode. Be aware that the files might change ownership, if you run cyphernode as a different user. In case you want to move the blockchain data to another node you might need to change the owner to fit the configuration of that node.",
"bitcoin_node_ip": "Cyphernode uses <font color='#00ff00'>Bitcoin Core</font> RPC interface for its tasks. Please provide the <font underline='true'>IP address</font> of your current Bitcoin Core node.",
"bitcoin_rpcuser": "Bitcoin Core's <font underline='true'>RPC username</font> used by Cyphernode when calling the node.",

3
cyphernodeconf_docker/lib/app.js
View File

@@ -79,6 +79,7 @@ module.exports = class App {
setupDir: process.env.SETUP_DIR || path.join( process.env.HOME, 'cyphernode' ),
default_username: process.env.DEFAULT_USER || '',
gatekeeper_version: process.env.GATEKEEPER_VERSION,
tor_version: process.env.TOR_VERSION,
gatekeeper_cns: process.env.DEFAULT_CERT_HOSTNAME,
proxy_version: process.env.PROXY_VERSION,
proxycron_version: process.env.PROXYCRON_VERSION,
@@ -137,6 +138,7 @@ module.exports = class App {
docker_versions: {
'cyphernode/bitcoin': this.sessionData.bitcoin_version,
'cyphernode/gatekeeper': this.sessionData.gatekeeper_version,
'cyphernode/tor': this.sessionData.tor_version,
'cyphernode/proxy': this.sessionData.proxy_version,
'cyphernode/proxycron': this.sessionData.proxycron_version,
'cyphernode/pycoin': this.sessionData.pycoin_version,
@@ -334,6 +336,7 @@ module.exports = class App {
const pathProps = [
'gatekeeper_datapath',
'traefik_datapath',
'tor_datapath',
'proxy_datapath',
'bitcoin_datapath',
'lightning_datapath',

16
cyphernodeconf_docker/lib/config.js
View File

@@ -9,10 +9,11 @@ const colorsys = require( 'colorsys');
const schemas = {
'0.1.0': require('../schema/config-v0.1.0.json'),
'0.2.0': require('../schema/config-v0.2.0.json'),
'0.2.2': require('../schema/config-v0.2.2.json')
'0.2.2': require('../schema/config-v0.2.2.json'),
'0.2.3': require('../schema/config-v0.2.3.json')
};
const versionHistory = [ '0.1.0', '0.2.0', '0.2.2' ];
const versionHistory = [ '0.1.0', '0.2.0', '0.2.2', '0.2.3' ];
const defaultSchemaVersion=versionHistory[0];
const latestSchemaVersion=versionHistory[versionHistory.length-1];
@@ -40,7 +41,8 @@ module.exports = class Config {
this.migrations = {
'0.1.0->0.2.0': this.migrate_0_1_0_to_0_2_0,
'0.2.0->0.2.2': this.migrate_0_2_0_to_0_2_2
'0.2.0->0.2.2': this.migrate_0_2_0_to_0_2_2,
'0.2.2->0.2.3': this.migrate_0_2_2_to_0_2_3
};
this.setData( { schema_version: latestSchemaVersion } );
@@ -217,4 +219,12 @@ module.exports = class Config {
this.data.gatekeeper_expose = true;
}
async migrate_0_2_2_to_0_2_3() {
const currentVersion = this.data.schema_version;
if( currentVersion != '0.2.2' ) {
return;
}
this.data.schema_version = '0.2.3';
}
};

24
cyphernodeconf_docker/prompters/040_tor.js Normal file
View File

@@ -0,0 +1,24 @@
const chalk = require('chalk');
const name = 'tor';
const capitalise = function( txt ) {
return txt.charAt(0).toUpperCase() + txt.substr(1);
};
const prefix = function() {
return chalk.green(capitalise(name)+': ');
};
module.exports = {
name: function() {
return name;
},
prompts: function( utils ) {
return [
];
},
templates: function( props ) {
return [ 'torrc' ];
}
};

38
cyphernodeconf_docker/prompters/999_installer.js
View File

@@ -68,6 +68,44 @@ module.exports = {
validate: utils.pathValidator,
message: prefix()+'Custom path for traefik data?'+utils.getHelp('traefik_datapath_custom'),
},
{
when: installerDocker,
type: 'list',
name: 'tor_datapath',
default: utils.getDefault( 'tor_datapath' ),
choices: [
{
name: utils.setupDir()+"/cyphernode/tor",
value: utils.setupDir()+"/cyphernode/tor"
},
{
name: utils.defaultDataDirBase()+"/cyphernode/tor",
value: utils.defaultDataDirBase()+"/cyphernode/tor"
},
{
name: utils.defaultDataDirBase()+"/.cyphernode/tor",
value: utils.defaultDataDirBase()+"/.cyphernode/tor"
},
{
name: utils.defaultDataDirBase()+"/tor",
value: utils.defaultDataDirBase()+"/tor"
},
{
name: "Custom path",
value: "_custom"
}
],
message: prefix()+'Where do you want to store your tor data?'+utils.getHelp('tor_datapath'),
},
{
when: (props)=>{ return installerDocker(props) && (props.tor_datapath === '_custom') },
type: 'input',
name: 'tor_datapath_custom',
default: utils.getDefault( 'tor_datapath_custom' ),
filter: utils.trimFilter,
validate: utils.pathValidator,
message: prefix()+'Custom path for tor data?'+utils.getHelp('tor_datapath_custom'),
},
{
when: installerDocker,
type: 'list',

2
cyphernodeconf_docker/run.sh
View File

@@ -10,6 +10,7 @@ export BITCOIN_VERSION=v0.18.0
export LIGHTNING_VERSION=v0.7.1
export DEFAULT_DATADIR_BASE=$HOME
export GATEKEEPER_VERSION=v0.2.4
export TOR_VERSION=v0.2.4
export PROXY_VERSION=v0.2.4
export OTSCLIENT_VERSION=v0.2.4
export NOTIFIER_VERSION=v0.2.4
@@ -25,6 +26,7 @@ if [ "${MODE}" = 'docker' ]; then
-e SETUP_DIR=$SETUP_DIR \
-e DEFAULT_CERT_HOSTNAME=$(hostname) \
-e GATEKEEPER_VERSION=$GATEKEEPER_VERSION \
-e TOR_VERSION=$TOR_VERSION \
-e PROXY_VERSION=$PROXY_VERSION \
-e NOTIFIER_VERSION=$NOTIFIER_VERSION \
-e PROXYCRON_VERSION=$PROXYCRON_VERSION \

607
cyphernodeconf_docker/schema/config-v0.2.3.json Normal file
View File

@@ -0,0 +1,607 @@
{
"definitions": {},
"$schema": "http://json-schema.org/draft-07/schema#",
"$id": "http://cyphernode.io/config-v0.2.3.json",
"type": "object",
"title": "Cyphernode config file structure v0.2.3",
"additionalProperties": false,
"required": [
"schema_version",
"setup_version",
"features",
"net",
"use_xpub",
"installer_mode",
"run_as_different_user",
"docker_mode",
"docker_versions",
"adminhash",
"bitcoin_rpcuser",
"bitcoin_rpcpassword",
"bitcoin_prune",
"bitcoin_datapath",
"bitcoin_mode",
"bitcoin_expose",
"gatekeeper_expose",
"gatekeeper_keys",
"gatekeeper_sslcert",
"gatekeeper_sslkey",
"gatekeeper_cns",
"gatekeeper_clientkeyspassword",
"gatekeeper_datapath",
"gatekeeper_port",
"proxy_datapath",
"traefik_datapath",
"traefik_http_port",
"traefik_https_port",
"tor_datapath"
],
"allOf": [
{
"if": {
"properties": {
"run_as_different_user": {
"enum": [
true
]
}
}
},
"then": {
"required": [
"username"
]
}
},
{
"if": {
"properties": {
"use_xpub": {
"enum": [
true
]
}
}
},
"then": {
"required": [
"xpub",
"derivation_path"
]
}
},
{
"if": {
"properties": {
"bitcoin_prune": {
"enum": [
true
]
}
}
},
"then": {
"required": [
"bitcoin_prune_size"
]
}
},
{
"if": {
"properties": {
"features": {
"contains": {
"enum": [
"lightning"
]
}
}
}
},
"then": {
"required": [
"lightning_announce",
"lightning_expose",
"lightning_implementation",
"lightning_datapath",
"lightning_nodename",
"lightning_nodecolor"
]
}
},
{
"if": {
"properties": {
"features": {
"contains": {
"enum": [
"otsclient"
]
}
}
}
},
"then": {
"required": [
"otsclient_datapath"
]
}
}
],
"properties": {
"schema_version": {
"type": "string",
"enum": [
"0.2.3"
],
"default": "0.3.0",
"examples": [
"0.2.3"
]
},
"setup_version": {
"type": "string",
"examples": [
"v0.2.0"
]
},
"docker_versions": {
"$id": "#/properties/dockerVersions",
"type": "object",
"title": "All versions of the docker containers",
"default": {},
"additionalProperties": {
"type": "string"
}
},
"features": {
"$id": "#/properties/features",
"type": "array",
"title": "The optional features of this cyphernode",
"default": [],
"items": {
"$id": "#/properties/features/items",
"type": "string",
"enum": [
"lightning",
"otsclient"
],
"title": "The feature",
"default": "",
"examples": [
"lightning",
"otsclient"
]
}
},
"net": {
"$id": "#/properties/net",
"type": "string",
"enum": [
"testnet",
"mainnet",
"regtest"
],
"title": "The net cyphernode is running on",
"default": "testnet",
"examples": [
"testnet"
]
},
"use_xpub": {
"$id": "#/properties/use_xpub",
"type": "boolean",
"title": "Use xpub key?",
"default": false,
"examples": [
false
]
},
"xpub": {
"$id": "#/properties/xpub",
"type": "string",
"title": "Default xpub to derive addresses from",
"pattern": "^(\\w+)$"
},
"derivation_path": {
"$id": "#/properties/derivation_path",
"type": "string",
"title": "Default derivation path",
"default": "0/n",
"examples": [
"0/n"
]
},
"installer_mode": {
"$id": "#/properties/installer_mode",
"type": "string",
"enum": [
"docker"
],
"title": "Install mode",
"default": "docker",
"examples": [
"docker"
]
},
"run_as_different_user": {
"$id": "#/properties/run_as_different_user",
"type": "boolean",
"title": "Run as different user",
"default": true,
"examples": [
true
]
},
"username": {
"$id": "#/properties/username",
"type": "string",
"title": "Username to run under",
"default": "cyphernode",
"examples": [
"cyphernode"
]
},
"docker_mode": {
"$id": "#/properties/docker_mode",
"type": "string",
"enum": [
"swarm",
"compose"
],
"title": "How to run the containers",
"default": "compose",
"examples": [
"compose"
]
},
"bitcoin_rpcuser": {
"$id": "#/properties/bitcoin_rpcuser",
"type": "string",
"title": "Bitcoin rpc user",
"default": "bitcoin",
"examples": [
"bitcoin"
]
},
"bitcoin_rpcpassword": {
"$id": "#/properties/bitcoin_rpcpassword",
"type": "string",
"title": "Bitcoin rpc password",
"default": "CHANGEME",
"examples": [
"CHANGEME"
]
},
"bitcoin_uacomment": {
"$id": "#/properties/bitcoin_uacomment",
"type": "string",
"title": "Bitcoin user agent comment",
"examples": [
"cyphernode"
]
},
"bitcoin_prune": {
"$id": "#/properties/bitcoin_prune",
"type": "boolean",
"title": "Bitcoin prune",
"default": false,
"examples": [
"false"
]
},
"bitcoin_prune_size": {
"$id": "#/properties/bitcoin_prune_size",
"type": "integer",
"title": "Bitcoin prune size",
"default": 550,
"examples": [
550
]
},
"bitcoin_datapath": {
"$id": "#/properties/bitcoin_datapath",
"type": "string",
"title": "Bitcoin datapath",
"examples": [
"/tmp/cyphernode/bitcoin"
]
},
"bitcoin_datapath_custom": {
"$id": "#/properties/bitcoin_datapath_custom",
"type": "string",
"title": "Bitcoin custom datapath",
"examples": [
"/tmp/cyphernode/bitcoin"
]
},
"lightning_datapath": {
"$id": "#/properties/lightning_datapath",
"type": "string",
"title": "Lightning datapath",
"examples": [
"/tmp/cyphernode/lightning"
]
},
"lightning_datapath_custom": {
"$id": "#/properties/lightning_datapath_custom",
"type": "string",
"title": "Lightning custom datapath",
"examples": [
"/tmp/cyphernode/lightning"
]
},
"proxy_datapath": {
"$id": "#/properties/proxy_datapath",
"type": "string",
"title": "Proxy datapath",
"examples": [
"/tmp/cyphernode/proxy"
]
},
"proxy_datapath_custom": {
"$id": "#/properties/proxy_datapath_custom",
"type": "string",
"title": "Proxy custom datapath",
"examples": [
"/tmp/cyphernode/proxy"
]
},
"otsclient_datapath": {
"$id": "#/properties/otsclient_datapath",
"type": "string",
"title": "OTS Client datapath",
"examples": [
"/tmp/cyphernode/otsclient"
]
},
"otsclient_datapath_custom": {
"$id": "#/properties/otsclient_datapath_custom",
"type": "string",
"title": "OTS Client custom datapath",
"examples": [
"/tmp/cyphernode/otsclient"
]
},
"traefik_http_port": {
"$id": "#/properties/traefik_port",
"type": "integer",
"title": "Traefik HTTP port",
"default": 80,
"examples": [
80
]
},
"traefik_https_port": {
"$id": "#/properties/traefik_https_port",
"type": "integer",
"title": "Traefik HTTPS port",
"default": 443,
"examples": [
443
]
},
"traefik_datapath": {
"$id": "#/properties/traefik_datapath",
"type": "string",
"title": "Traefik datapath",
"examples": [
"/tmp/cyphernode/traefik"
]
},
"traefik_datapath_custom": {
"$id": "#/properties/traefik_datapath_custom",
"type": "string",
"title": "Traefik custom datapath",
"examples": [
"/tmp/cyphernode/traefik"
]
},
"tor_datapath": {
"$id": "#/properties/tor_datapath",
"type": "string",
"title": "Tor datapath",
"examples": [
"/tmp/cyphernode/tor"
]
},
"tor_datapath_custom": {
"$id": "#/properties/tor_datapath_custom",
"type": "string",
"title": "Tor custom datapath",
"examples": [
"/tmp/cyphernode/tor"
]
},
"lightning_announce": {
"$id": "#/properties/lightning_announce",
"type": "boolean",
"title": "Announce lightning ip",
"default": false,
"examples": [
false
]
},
"lightning_external_ip": {
"$id": "#/properties/lightning_external_ip",
"type": "string",
"format": "ipv4",
"title": "External lightning node ip",
"examples": [
"123.123.123.123"
]
},
"bitcoin_mode": {
"$id": "#/properties/bitcoin_mode",
"type": "string",
"enum": [
"internal"
],
"title": "Bitcoin mode",
"default": "internal",
"examples": [
"internal"
]
},
"bitcoin_expose": {
"$id": "#/properties/bitcoin_expose",
"type": "boolean",
"title": "Expose bitcoin node",
"default": false,
"examples": [
false
]
},
"lightning_expose": {
"$id": "#/properties/lightning_expose",
"type": "boolean",
"title": "Expose lightning node",
"default": false,
"examples": [
false
]
},
"gatekeeper_expose": {
"$id": "#/properties/gatekeeper_expose",
"type": "boolean",
"title": "Expose gatekeeper port",
"default": false,
"examples": [
false
]
},
"gatekeeper_datapath": {
"$id": "#/properties/gatekeeper_datapath",
"type": "string",
"title": "Gatekeeper datapath",
"examples": [
"/tmp/cyphernode/gatekeeper"
]
},
"gatekeeper_datapath_custom": {
"$id": "#/properties/gatekeeper_datapath_custom",
"type": "string",
"title": "Gatekeeper custom datapath",
"examples": [
"/tmp/cyphernode/gatekeeper"
]
},
"gatekeeper_port": {
"$id": "#/properties/gatekeeper_port",
"type": "integer",
"title": "Gatekeeper port",
"default": 2009,
"examples": [
2009
]
},
"gatekeeper_keys": {
"$id": "#/properties/gatekeeper_keys",
"type": "object",
"title": "Gatekeeper keys",
"default": {
"configEntries": [],
"clientInformation": []
},
"required": [
"configEntries",
"clientInformation"
],
"properties": {
"configEntries": {
"$id": "#/properties/gatekeeper_keys/configEntries",
"type": "array",
"items": {
"$id": "#/properties/gatekeeper_keys/configEntries/entry",
"type": "string",
"pattern": "^kapi_id=\".+\";kapi_key=\".+\";kapi_groups=\".+\";.+$"
},
"examples": [
[
"kapi_id=\"000\";kapi_key=\"a27f9e73fdde6a5005879c259c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a\";kapi_groups=\"stats\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}",
"kapi_id=\"001\";kapi_key=\"a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a\";kapi_groups=\"stats,watcher\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}",
"kapi_id=\"002\";kapi_key=\"fe58ddbb66d7302a7087af3242a98b6326c51a257f5eab1c06bb8cc02e25890d\";kapi_groups=\"stats,watcher,spender\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}",
"kapi_id=\"003\";kapi_key=\"f0b8bb52f4c7007938757bcdfc73b452d6ce08cc0c660ce57c5464ae95f35417\";kapi_groups=\"stats,watcher,spender,admin\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}"
]
]
},
"clientInformation": {
"$id": "#/properties/gatekeeper_keys/clientInformation",
"type": "array",
"items": {
"$id": "#/properties/gatekeeper_keys/clientInformation/entry",
"type": "string",
"pattern": "^.+=.+$"
},
"examples": [
[
"000=a27f9e73fdde6a5005879c259c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a",
"001=a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a",
"002=fe58ddbb66d7302a7087af3242a98b6326c51a257f5eab1c06bb8cc02e25890d",
"003=f0b8bb52f4c7007938757bcdfc73b452d6ce08cc0c660ce57c5464ae95f35417"
]
]
}
}
},
"gatekeeper_sslcert": {
"$id": "#/properties/gatekeeper_sslcert",
"type": "string",
"title": "Gatekeeper SSL Cert"
},
"gatekeeper_sslkey": {
"$id": "#/properties/gatekeeper_sslkey",
"type": "string",
"title": "Gatekeeper SSL Key"
},
"gatekeeper_cns": {
"$id": "#/properties/gatekeeper_cns",
"type": "string",
"title": "Gatekeeper cns",
"examples": [
"myhost.mydomain.com,*.myotherdomain.com,123.123.123.123"
]
},
"gatekeeper_clientkeyspassword": {
"$id": "#/properties/gatekeeper_clientkeyspassword",
"type": "string",
"title": "Password for the encrypted client keys archive"
},
"adminhash": {
"$id": "#/properties/adminhash",
"type": "string",
"title": "Bcrypted hash of admin password"
},
"lightning_implementation": {
"$id": "#/properties/lightning_implementation",
"type": "string",
"enum": [
"c-lightning"
],
"title": "The lightning implementation",
"default": "c-lightning",
"examples": [
"c-lightning"
]
},
"lightning_nodename": {
"$id": "#/properties/lightning_nodename",
"type": "string",
"title": "The lightning node name",
"examples": [
"🚀 Mighty Moose 🚀"
]
},
"lightning_nodecolor": {
"$id": "#/properties/lightning_nodecolor",
"type": "string",
"pattern": "^[0-9A-Fa-f]{6}$",
"title": "The lightning node color",
"examples": [
"ff0000",
"00ff00",
"00ffff"
]
}
}
}

1
cyphernodeconf_docker/templates/installer/config.sh
View File

@@ -7,6 +7,7 @@ PROXY_DATAPATH=<%= proxy_datapath %>
GATEKEEPER_DATAPATH=<%= gatekeeper_datapath %>
GATEKEEPER_PORT=<%= gatekeeper_port %>
TRAEFIK_DATAPATH=<%= traefik_datapath %>
TOR_DATAPATH=<%= tor_datapath %>
DOCKER_MODE=<%= docker_mode %>
RUN_AS_USER=<%= run_as_different_user?username:'' %>
CLEANUP=<%= installer_cleanup?'true':'false' %>

19
cyphernodeconf_docker/templates/installer/docker/docker-compose.yaml
View File

@@ -231,6 +231,25 @@ services:
- gatekeeper
# deploy:
# placement:
# constraints: [node.hostname==dev]
##########################
# TOR #
##########################
tor:
image: cyphernode/tor:<%= tor_version %>
command: $USER sh -c 'export HOME=/tor && tor -f /tor/torrc'
depends_on:
- traefik
volumes:
- "<%= tor_datapath %>:/tor"
restart: always
networks:
- cyphernodenet
- cyphernodeappsnet
# deploy:
# placement:
# constraints: [node.hostname==dev]
<% if ( features.indexOf('lightning') !== -1 && lightning_implementation === 'c-lightning' ) { %>

1
cyphernodeconf_docker/templates/installer/start.sh
View File

@@ -27,6 +27,7 @@ start_apps() {
export SHARED_HTPASSWD_PATH
export GATEKEEPER_DATAPATH
export GATEKEEPER_PORT
export TOR_DATAPATH
export LIGHTNING_DATAPATH
export BITCOIN_DATAPATH
export APP_SCRIPT_PATH

1
cyphernodeconf_docker/templates/installer/stop.sh
View File

@@ -28,6 +28,7 @@ stop_apps() {
export SHARED_HTPASSWD_PATH
export GATEKEEPER_DATAPATH
export GATEKEEPER_PORT
export TOR_DATAPATH
export LIGHTNING_DATAPATH
export BITCOIN_DATAPATH
export APP_SCRIPT_PATH

5
cyphernodeconf_docker/templates/tor/torrc Normal file
View File

@@ -0,0 +1,5 @@
HiddenServiceDir /tor/hidden_service/
HiddenServiceVersion 3
HiddenServicePort 80 traefik:80
HiddenServicePort 443 traefik:443
SocksPort 0.0.0.0:9050

60
cyphernodeconf_docker/test/data/config.0.2.3.json Normal file
View File

@@ -0,0 +1,60 @@
{
"schema_version": "0.2.2",
"setup_version": "setup_version",
"docker_versions": {},
"features": [
"lightning",
"otsclient"
],
"net": "testnet",
"use_xpub": true,
"installer_mode": "docker",
"run_as_different_user": true,
"username": "cyphernode",
"docker_mode": "compose",
"bitcoin_rpcuser": "bitcoin",
"bitcoin_rpcpassword": "test123",
"bitcoin_uacomment": "",
"bitcoin_prune": false,
"bitcoin_prune_size": 550,
"bitcoin_datapath": "/Users/jash/.cyphernode/bitcoin",
"bitcoin_mode": "internal",
"bitcoin_expose": false,
"lightning_expose": true,
"gatekeeper_port": 2009,
"gatekeeper_keys": {
"configEntries": [
"kapi_id=\"000\";kapi_key=\"a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a\";kapi_groups=\"watcher\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}",
"kapi_id=\"001\";kapi_key=\"a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a\";kapi_groups=\"watcher\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}",
"kapi_id=\"002\";kapi_key=\"fe58ddbb66d7302a7087af3242a98b6326c51a257f5eab1c06bb8cc02e25890d\";kapi_groups=\"watcher,spender\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}",
"kapi_id=\"003\";kapi_key=\"f0b8bb52f4c7007938757bcdfc73b452d6ce08cc0c660ce57c5464ae95f35417\";kapi_groups=\"watcher,spender,admin\";eval ugroups_${kapi_id}=${kapi_groups};eval ukey_${kapi_id}=${kapi_key}"
],
"clientInformation": [
"000=a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a",
"001=a27f9e73fdde6a5005879c273c9aea5e8d917eec77bbdfd73272c0af9b4c6b7a",
"002=fe58ddbb66d7302a7087af3242a98b6326c51a257f5eab1c06bb8cc02e25890d",
"003=f0b8bb52f4c7007938757bcdfc73b452d6ce08cc0c660ce57c5464ae95f35417"
]
},
"gatekeeper_sslcert": "-----BEGIN CERTIFICATE-----\nMIIE/jCCAuagAwIBAgIJAIBv4aiI2NRtMA0GCSqGSIb3DQEBCwUAMB4xHDAaBgNV\nBAMME2Rpc2swYm9vay5mcml0ei5ib3gwHhcNMTkwMTE3MTcwMDA5WhcNMjkwMTE0\nMTcwMDA5WjAeMRwwGgYDVQQDDBNkaXNrMGJvb2suZnJpdHouYm94MIICIjANBgkq\nhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyVKNTGlPfd4QX9HaDc9a6prbc9il4jtR\niChSlMf3/6UfAMcS+xVgR2iR8FK/DQuFzxn+6BybpoiD333rjDr7zR7y9px3Xph2\nbmsjZy0hv9SIBbx0DJvvwODTlWTAH8qgU2DN6xWc7vjgeGi5uTpnmwWrkH6BjtVr\nwoBkF0JmfH7KiLS/QjWqPKeI6o/GpvCP9meD131Sq/ReoOTrJ4F5aNdhAril4nU5\n6e7Y+Iyp35DZSLuU+pDJAhxEvkYGas1ted5RRxlho8ukaoABCbmaTeNmgsJxK2SC\nABjfUc38aAlNLuMbMMR7Q85Z84OTJiUqanVczwdSj1QHlNCWZK1McBPhj2m2Wdge\ngedrq5XcjQGChzTEozcFntU0qzY3ja1+DOE8UaMaTrDH4saUXCMZk3W1m5mmiZW3\nmcB0cKGdeg6K6USg1BwBTU9qolUusxz5T0tNxjcMlXU93P17d4s5IXfliXhMNr/6\n4fl78Ey3FNprTix4alW7hBAp/eA/LhS55s3jwdoVzJl4RELC0284pahj5exYQwU6\nzjLedMxzC+7veQYwWfZOs9jVCTP0YStuT0j9xD3ausLZyB1Egbsajyy71IeoYOf1\n9S6dFIXE5LHAw2j3D3bh5wb019I8V5szGbeemdBpb3m+bzT8qjLSNranuT41CIHd\nIYjq85vDEJsCAwEAAaM/MD0wOwYDVR0RBDQwMoITZGlzazBib29rLmZyaXR6LmJv\neIIJbG9jYWxob3N0ggpnYXRla2VlcGVyhwR/AAABMA0GCSqGSIb3DQEBCwUAA4IC\nAQBrE4bJsIMwSRPng94PcqR5F6Cux0bkwezALJCHpjHTuqok/wHHE5dZsAXcSsYc\n5givuBESih6CpY5h21Od0TBugyv3FCRY8OoaBXtlO6FYlEnVeJ8AOexJTb3qcbBS\nHU8MBWEydUh5HFA3PRKAG0Y4cvUK4WXJZ42Et3td0NkGFOv6bxdtVGB4Vz7FGn+3\nqd9fpmFCdQYDp6RSZDDz4B8XLsVuTeTES5GbUMSQAGanP7jxMr04wQ3MuoZrRODN\nFatifOJfq0fZddsBjJbrTLxArIqaPh3J4xzwiNE5du4CQDQrbbHXG22kuvbr5foA\ncixLnuyWMq0a5a70mSNS6TZ3nq4ATXNNa0cZ8fBxHqHGTLM8gQisW8vTaZfIFh/i\nhnFcGxtpo1ryi7JG9HCWsh0x20677iag5MuZfv2s4TbK71Ol6WV4FravCqU0qgbn\nTTl+BnYw3H67FO/a6RD4ISlFWK+8EVEQdMgvPoRuw323YznT0Nd8Q/Gq8raYF2wa\nz9T9OXu6TcVGtfPAgX+AM/+hDqWGxyiFR9ZtLpGOHGP8f+TZA5uCawc8Zry4yN6L\nE0yPIx96pJz59T3k8XbRHTQCaPsSUGRAZIY9LpJj0fIG7zCr9eCBpp2qyzmpyNfx\negN3ILYy1Y8JbJj73HWyP0F3Am7i76tkCWB7tQeFOb5FMg==\n-----END CERTIFICATE-----\n",
"gatekeeper_sslkey": "-----BEGIN PRIVATE KEY-----\nMIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQDJUo1MaU993hBf\n0doNz1rqmttz2KXiO1GIKFKUx/f/pR8AxxL7FWBHaJHwUr8NC4XPGf7oHJumiIPf\nfeuMOvvNHvL2nHdemHZuayNnLSG/1IgFvHQMm+/A4NOVZMAfyqBTYM3rFZzu+OB4\naLm5OmebBauQfoGO1WvCgGQXQmZ8fsqItL9CNao8p4jqj8am8I/2Z4PXfVKr9F6g\n5OsngXlo12ECuKXidTnp7tj4jKnfkNlIu5T6kMkCHES+RgZqzW153lFHGWGjy6Rq\ngAEJuZpN42aCwnErZIIAGN9RzfxoCU0u4xswxHtDzlnzg5MmJSpqdVzPB1KPVAeU\n0JZkrUxwE+GPabZZ2B6B52urldyNAYKHNMSjNwWe1TSrNjeNrX4M4TxRoxpOsMfi\nxpRcIxmTdbWbmaaJlbeZwHRwoZ16DorpRKDUHAFNT2qiVS6zHPlPS03GNwyVdT3c\n/Xt3izkhd+WJeEw2v/rh+XvwTLcU2mtOLHhqVbuEECn94D8uFLnmzePB2hXMmXhE\nQsLTbzilqGPl7FhDBTrOMt50zHML7u95BjBZ9k6z2NUJM/RhK25PSP3EPdq6wtnI\nHUSBuxqPLLvUh6hg5/X1Lp0UhcTkscDDaPcPduHnBvTX0jxXmzMZt56Z0Glveb5v\nNPyqMtI2tqe5PjUIgd0hiOrzm8MQmwIDAQABAoICAQCI5uA7M+ngd9++qR+VAIqc\nus28y3iSjS/2XSU7E3irmYepqbZYk8KzDIMhX8OXhVxq5wyWns2hw3eZxTEmXP3a\nEM+7r87kvtzaXXTntqMapdYRwINSB8BT8w8uqiKT++Bmko+06y+auhc7Ckwxj2vg\n2Uw/qCdGEA+FZnWp83dp9XaY3ACrb37iXDMY/shhwXjEYMQhB5HuaPDojIL0jHEZ\nQE0x4oq7omfNkqRs8IqcAw4fDaBTe52VF9APa+L1QdjOZMX0iWgCUHrwCTere1FY\n4ehVxw/aKDDXDBLguCiKPrkDx2A4G4SPKYW1uKWZ7PAZENIZ3qrf2I6HPgjnUYmG\nAHQiR3JcwsXFZZAMW/kbqzRCS7CrvNnrzcUL9JAlpFmMDeAFIlbVkFED+kOtVioR\nPAcDWKtlWOWbX3Kn218FCblH86XdzB9H/pgbHxf8cXFcnaqVApxC1zv+uIaV526p\nU9maF8CMVX5bZ21e+dpP1BQ3DDRn3DCQno/QrGGMxK66EBVrHrllHBYpUppcj4w8\nCn5RDhp2KJjYsgX9zjuXif1gdP2jqBCDWCog+YwsoQP1Qp613D6rl5TKaa/rfZmX\nfG5Q98/wfAHwLjIDfwCXWqKOFoGdMzxg9hxk0bSNn64m1UY6OYB4yJs/o6spqGXq\nZRaX2LStSq5fhvB+tjl3AQKCAQEA7wBS3t2dHOVLZGVycxSq1LRoeW44KxZaNSiv\nXj5Xrw/jAnnAEAcVFrCGFY40MC4SNM//VUWHs4zKXxAhK/vFOgSvmnNh6mWDd/sO\nFyzo17fhwhi4u8BIjvchHgwg5aMi4uCLFM8RBZjI5MpMyNBwxT5VLKKKv3N9YtUK\n5JPhXkZJnhOhKj3vTaCeJFBMvcknoqqNcUcEEMo0d+YqUAYh9+8qpjBSKBV+8/VZ\nbQwyjd+EN5ajqRLIjKOy1GrbRwBcxadGdZzqMDYlSVBdAxAssPiUqhTLeHAuGfbK\nB0iF0DLgwl0N/6qx0WtLTA3MY7NcQJ/cjUioJKqbnvouEP2f2wKCAQEA16Qulg5I\nyDbJsiFzmeLNpKSXeh9y1q/hvqizd8R9GAUh9TVSgAnoiCpucguvMYBsXeGU3srr\no9AvxmkmrMWVNZbolaMRv0p+nXPR6uF5tFQJ/jYm1H/jI3ieF2ZXJveQBkqjRsOD\nsWI4HNuarGnsOo8rqV0ybYGFks1dhuvBZp7RemZbXqaFnk/D8FtkmHRsWUdEQifd\njHCATRbUHjAm8tk7HjdJbhYIMCZkbN1HRkx044pk+os37Eqi4Ok+s/MbQ7g2lY+R\nt1sxrJo4dsqxwflz9U6U5ECwH2hxuzpowGXwfcqtPLvVJT1p+TUxIHNb2eUvJg7R\ntsx4BzC4FbaOQQKCAQBMaHYV+hO4oTWxKx2j3P+gcOzVpX8fh03foNov7w5pUVLp\n/7J/bUQ4tMapLYVRwejgKX8f69KufFxWd/mi7iLnoYfigPDU1w9o1EJ09k6aaJcs\nTmsA20BXNHrJ+GasA7OrhM3yISD4ARh4zJQvvzPOW1cvpedlva5gYmvRF9X9Jctz\nViM4NgTDdI4aXfGq2xxozM3bYTDTjVGo41SzsMI7WaLw7pHVbsnfhJjKXBPtd3/1\npZs8+lxTWiJZ9q+Ty3HdXtUP1NKqByV0gtS5nforuc0Ncwh5wKN8eYGtQmpFXX6t\npMJM8m1W3k58Sg0F8tmTb4g7Qvc+gayu7py7odnxAoIBAQC5pJqGjF2UH7acJ7hB\nrsOjDh9p/1D6Cgip/soiPYID/8cwNmuD1wPc1cqnW+/DCfBBEkb7Vm5uZHf8s+Gb\ns620qOoqiGxq5lMCcgcx0lLYL9E6jJv5LO/6RYi0VGKLJW1UPUU7Um45c3kjPtt1\nuuqnr0HDWHxlUbAQpcPyt1uUYP2uBhh675jwpXLlpYiAxxnP8k6NNYzBrsiFlTWf\nl4ywXNtMNAR/RXBfI24pWoZVutSWXzp3hwrp3YdDYQmeGZhLQHedYi/sThIBqfMa\nMX2+pGZztObxac81+tCOgsZTfG8BnE5vjrT8jlaBOI3Ghgl5GJjyhqd8W6KpbgPM\njZEBAoIBAQCuI/dv6opNniMmOY+iI1Oh6kyNnctKe/VF2SqwfeK3I6fCfcNEm46u\nQHnJWqVCIQ1ZsU8b/Pn0+mJYB/n+OYh585DsDR2YEJPXE+qrVHG1qIEEyTgcTb30\n+nehJ6d5SYMej4VMdepgMD7HeG7Nly1wwu0VYTUTLP3Z812NUdnBYmb5QSRnsHrk\nOVlAkJAaunAk1O3rwwdyGwMmNVIgzf0foa/c8uFQCbUHocQUwr//vN+U+Nhi4VQC\nnRiPT36rWxLqwyn8sa7dcE9A6Hp2KDBc97DJTDNvA3StF1JHAf/EoiTq3mWvVNhR\nmPN+iWirFH2RN5KkSaTzEtrXAgbLvic9\n-----END PRIVATE KEY-----\n",
"gatekeeper_cns": "disk0book.fritz.box",
"proxy_datapath": "/Users/jash/.cyphernode/proxy",
"lightning_implementation": "c-lightning",
"lightning_datapath": "/Users/jash/.cyphernode/lightning",
"lightning_nodename": "🚀 Disciplined Dormouse 🚀",
"lightning_nodecolor": "ff0000",
"otsclient_datapath": "/Users/jash/.cyphernode/otsclient",
"adminhash": "BsJFlh7q4JmwI\n",
"use_xpub": true,
"xpub": "abc",
"derivation_path": "da",
"gatekeeper_clientkeyspassword": "test123",
"gatekeeper_datapath": "/Users/jash/.cyphernode/gatekeeper",
"traefik_datapath": "foo",
"tor_datapath": "foo",
"lightning_announce": true,
"gatekeeper_expose": false,
"traefik_http_port": 80,
"traefik_https_port": 443
}

21
dist/setup.sh vendored
View File

@@ -110,7 +110,7 @@ sudo_if_required() {
}
modify_permissions() {
local directories=("installer" "gatekeeper" "lightning" "bitcoin" "docker-compose.yaml" "traefik" "$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$OTSCLIENT_DATAPATH" "$TRAEFIK_DATAPATH")
local directories=("installer" "gatekeeper" "lightning" "bitcoin" "docker-compose.yaml" "traefik" "tor" "$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$OTSCLIENT_DATAPATH" "$TRAEFIK_DATAPATH" "$TOR_DATAPATH")
for d in "${directories[@]}"
do
if [[ -e $d ]]; then
@@ -122,7 +122,7 @@ modify_permissions() {
}
modify_owner() {
local directories=("$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$OTSCLIENT_DATAPATH" "$TRAEFIK_DATAPATH")
local directories=("$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$OTSCLIENT_DATAPATH" "$TRAEFIK_DATAPATH" "$TOR_DATAPATH")
local user=$(id -u $RUN_AS_USER):$(id -g $RUN_AS_USER)
for d in "${directories[@]}"
do
@@ -185,6 +185,7 @@ configure() {
-e SETUP_DIR=$SETUP_DIR \
-e DEFAULT_CERT_HOSTNAME=$(hostname) \
-e GATEKEEPER_VERSION=$GATEKEEPER_VERSION \
-e TOR_VERSION=$TOR_VERSION \
-e PROXY_VERSION=$PROXY_VERSION \
-e NOTIFIER_VERSION=$NOTIFIER_VERSION \
-e PROXYCRON_VERSION=$PROXYCRON_VERSION \
@@ -397,6 +398,16 @@ install_docker() {
copy_file $cyphernodeconf_filepath/traefik/htpasswd $TRAEFIK_DATAPATH/htpasswd 1 $SUDO_REQUIRED
if [ ! -d $TOR_DATAPATH ]; then
step " create $TOR_DATAPATH"
sudo_if_required mkdir -p $TOR_DATAPATH/hidden_service
sudo_if_required chmod 700 $TOR_DATAPATH/hidden_service
next
fi
copy_file $cyphernodeconf_filepath/tor/torrc $TOR_DATAPATH/torrc 1 $SUDO_REQUIRED
if [ ! -d $PROXY_DATAPATH ]; then
step " create $PROXY_DATAPATH"
sudo_if_required mkdir -p $PROXY_DATAPATH
@@ -567,7 +578,7 @@ install_docker() {
check_directory_owner() {
# if one directory does not have access rights for $RUN_AS_USER, we echo 1, else we echo 0
local directories=("$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$TRAEFIK_DATAPATH")
local directories=("$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$TRAEFIK_DATAPATH" "$TOR_DATAPATH")
local status=0
for d in "${directories[@]}"
do
@@ -671,7 +682,7 @@ sanity_checks_pre_install() {
if [[ $sudo_reason == 'directories' ]]; then
echo " or check your data volumes if they have the right owner."
echo " The owner of the following folders should be '$RUN_AS_USER':"
local directories=("$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$TRAEFIK_DATAPATH")
local directories=("$BITCOIN_DATAPATH" "$LIGHTNING_DATAPATH" "$PROXY_DATAPATH" "$GATEKEEPER_DATAPATH" "$TRAEFIK_DATAPATH" "$TOR_DATAPATH")
local status=0
for d in "${directories[@]}"
do
@@ -720,6 +731,7 @@ AUTOSTART=0
SETUP_VERSION="v0.2.4"
CONF_VERSION="v0.2.4"
GATEKEEPER_VERSION="v0.2.4"
TOR_VERSION="v0.2.4"
PROXY_VERSION="v0.2.4"
NOTIFIER_VERSION="v0.2.4"
PROXYCRON_VERSION="v0.2.4"
@@ -780,6 +792,7 @@ if [[ $nbbuiltimgs -gt 1 ]]; then
if [[ $REPLY =~ ^[Yy]$ ]]; then
CONF_VERSION="$CONF_VERSION-local"
GATEKEEPER_VERSION="$GATEKEEPER_VERSION-local"
TOR_VERSION="$TOR_VERSION-local"
PROXY_VERSION="$PROXY_VERSION-local"
NOTIFIER_VERSION="$NOTIFIER_VERSION-local"
PROXYCRON_VERSION="$PROXYCRON_VERSION-local"

23
tor_docker/Dockerfile Normal file
View File

@@ -0,0 +1,23 @@
FROM alpine:3.10.2
ARG TOR_VER=0.4.1.6
ARG TORGZ=https://dist.torproject.org/tor-$TOR_VER.tar.gz
RUN apk --no-cache add --update \
alpine-sdk gnupg libevent libevent-dev zlib zlib-dev openssl openssl-dev su-exec
RUN wget $TORGZ.asc && wget $TORGZ
# Verify tar signature, build and install
# From https://2019.www.torproject.org/include/keys.txt
# Roger Dingledine: 0xEB5A896A28988BF5, 0xC218525819F78451
# Nick Mathewson: 0xFE43009C4607B1FB, 0x6AFEE6D49E92B601(signing key)
RUN gpg --keyserver pool.sks-keyservers.net --recv-keys 0x6AFEE6D49E92B601 \
&& gpg --verify tor-$TOR_VER.tar.gz.asc \
&& tar xfz tor-$TOR_VER.tar.gz && cd tor-$TOR_VER \
&& ./configure && make install
ENTRYPOINT ["su-exec"]
# docker run -it --rm --network wbnet -v /home/debian/whatever/tor:/tor tor
# wget https://dist.torproject.org/tor-0.4.1.6.tar.gz.asc && wget https://dist.torproject.org/tor-0.4.1.6.tar.gz

21
tor_docker/README.md Normal file
View File

@@ -0,0 +1,21 @@
# Tor container in Cyphernode
## Pull our Cyphernode image
```shell
docker pull cyphernode/tor:latest
```
## Build yourself the image
```shell
docker build -t cyphernode/tor:latest .
```
## Run image
If you are using it independantly from the Docker stack (docker-compose.yml), you can run it like that:
```shell
docker run --rm -d --network cyphernodenet cyphernode/tor:latest `id -u cyphernode`:`id -g cyphernode` ./tor -f /tor/torrc
```

4
tor_docker/torrc-sample Normal file
View File

@@ -0,0 +1,4 @@
HiddenServiceDir /tor/hidden_service/
HiddenServiceVersion 3
HiddenServicePort 80 traefik:80
SocksPort 0.0.0.0:9050