route txes through tor and i2p proxies

tor-i2p-proxies
lza_menace 4 days ago
parent 183d85942d
commit 21895dca35

@ -1,5 +1,3 @@
version: "3.7"
volumes: volumes:
grafana: grafana:
prometheus: prometheus:
@ -77,12 +75,35 @@ services:
# ports: # ports:
# - 127.0.0.1:${MAPPER_PORT:-5000}:5000 # - 127.0.0.1:${MAPPER_PORT:-5000}:5000
<<: *log-config <<: *log-config
tor:
container_name: monerod_tor
build:
context: .
dockerfile: dockerfiles/tor
restart: unless-stopped
# ports:
# - 127.0.0.1:9050:9050
<<: *log-config
i2p:
container_name: monerod_i2p
build:
context: .
dockerfile: dockerfiles/i2p
restart: unless-stopped
# ports:
# - 127.0.0.1:4444:4444
<<: *log-config
monerod: monerod:
container_name: monerod container_name: monerod
build: build:
context: . context: .
dockerfile: dockerfiles/monero dockerfile: dockerfiles/monero
restart: unless-stopped restart: unless-stopped
depends_on:
tor:
condition: service_started
i2p:
condition: service_started
volumes: volumes:
- ${DATA_DIR:-./data}:/data - ${DATA_DIR:-./data}:/data
ports: ports:
@ -90,6 +111,4 @@ services:
- ${RESTRICTED_PORT:-18081}:18081 # restricted rpc - ${RESTRICTED_PORT:-18081}:18081 # restricted rpc
- 127.0.0.1:${ZMQ_PORT:-18082}:18082 # zmq - 127.0.0.1:${ZMQ_PORT:-18082}:18082 # zmq
- 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc - 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc
command:
monerod --data-dir=/data --p2p-bind-ip=0.0.0.0 --p2p-bind-port=18080 --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18081 --zmq-rpc-bind-ip=0.0.0.0 --zmq-rpc-bind-port=18082 --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18083 --non-interactive --confirm-external-bind --public-node --log-level=0 --enable-dns-blocklist --rpc-ssl=disabled --ban-list=/ban_list.txt
<<: *log-config <<: *log-config

@ -0,0 +1,26 @@
FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && \
apt-get install wget sudo -y
WORKDIR /tmp/i2p
RUN wget https://github.com/PurpleI2P/i2pd/releases/download/2.47.0/i2pd_2.47.0-1jammy1_amd64.deb -O i2pd.deb -q
RUN apt install ./i2pd.deb -y
RUN rm -rf /tmp/i2p
RUN adduser \
--system \
--shell /bin/bash \
--gecos 'i2p' \
--group \
--disabled-password \
--home /home/i2p \
--uid 1000 \
i2p
COPY dockerfiles/i2p-entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
EXPOSE 4444
CMD /entrypoint.sh

@ -0,0 +1,9 @@
#!/bin/bash
chown -R i2p:i2p /home/i2p
# Run i2pd
sudo -u i2p i2pd \
--httpproxy.enabled 1 \
--httpproxy.address 0.0.0.0 \
--httpproxy.port 4444

@ -1,4 +1,4 @@
FROM ubuntu:22.04 as OG FROM ubuntu:22.04 AS og
ENV MONERO_HASH 51ba03928d189c1c11b5379cab17dd9ae8d2230056dc05c872d0f8dba4a87f1d ENV MONERO_HASH 51ba03928d189c1c11b5379cab17dd9ae8d2230056dc05c872d0f8dba4a87f1d
ENV MONERO_DL_URL https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.4.tar.bz2 ENV MONERO_DL_URL https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.4.tar.bz2
@ -8,18 +8,14 @@ ENV MONERO_SUMS_FILE sha256sums
WORKDIR /opt/monero WORKDIR /opt/monero
# Update system and install dependencies # Update system and install dependencies
# Download ban list
# Download Monero binaries from getmonero.org
# Confirm hashes match
# Install daemon binary
# Clean up
RUN apt-get update \ RUN apt-get update \
&& apt-get upgrade -y \ && apt-get upgrade -y \
&& apt-get install -y tar wget bzip2 && apt-get install -y tar wget bzip2
RUN wget -qO /ban_list.txt "https://raw.githubusercontent.com/Boog900/monero-ban-list/main/ban_list.txt" # Download Monero binaries from getmonero.org
# Confirm hashes match
# Install daemon binary
# Clean up
RUN wget -qO ${MONERO_DL_FILE} ${MONERO_DL_URL} \ RUN wget -qO ${MONERO_DL_FILE} ${MONERO_DL_URL} \
&& echo "${MONERO_HASH} ${MONERO_DL_FILE}" > ${MONERO_SUMS_FILE} \ && echo "${MONERO_HASH} ${MONERO_DL_FILE}" > ${MONERO_SUMS_FILE} \
&& sha256sum -c ${MONERO_SUMS_FILE}; \ && sha256sum -c ${MONERO_SUMS_FILE}; \
@ -35,14 +31,27 @@ RUN wget -qO ${MONERO_DL_FILE} ${MONERO_DL_URL} \
&& mv ./tmp/* /usr/local/bin/ \ && mv ./tmp/* /usr/local/bin/ \
&& rm -rf ./tmp ${MONERO_SUMS_FILE} ${MONERO_DL_FILE} && rm -rf ./tmp ${MONERO_SUMS_FILE} ${MONERO_DL_FILE}
WORKDIR /data # Download ban list
RUN wget -qO /tmp/ban_list.txt "https://raw.githubusercontent.com/Boog900/monero-ban-list/main/ban_list.txt"
# Download DNS client
RUN wget -qO q.tar.gz "https://github.com/natesales/q/releases/download/v0.19.2/q_0.19.2_linux_amd64.tar.gz" \
&& tar xzvf q.tar.gz \
&& mv q /tmp/q \
&& rm *.tar.gz
# Copy to fresh Ubuntu image to reduce size # Copy to fresh Ubuntu image to reduce size
FROM ubuntu:22.04 FROM ubuntu:22.04
COPY --from=OG /usr/local/bin/monerod /usr/local/bin/monerod COPY --from=og /usr/local/bin/monerod /usr/local/bin/monerod
COPY --from=OG /usr/local/bin/monero-wallet-cli /usr/local/bin/monero-wallet-cli COPY --from=og /usr/local/bin/monero-wallet-cli /usr/local/bin/monero-wallet-cli
COPY --from=OG /usr/local/bin/monero-wallet-rpc /usr/local/bin/monero-wallet-rpc COPY --from=og /usr/local/bin/monero-wallet-rpc /usr/local/bin/monero-wallet-rpc
COPY --from=OG /ban_list.txt /ban_list.txt COPY --from=og /tmp/ban_list.txt /ban_list.txt
COPY --from=og /tmp/q /usr/local/bin/q
COPY dockerfiles/monero-entrypoint.sh /entrypoint.sh
RUN chmod 755 /entrypoint.sh
CMD "/entrypoint.sh"
EXPOSE 18080 EXPOSE 18080
EXPOSE 18081 EXPOSE 18081

@ -0,0 +1,27 @@
#!/bin/bash
TOR_HOST=$(q tor A -r)
I2P_HOST=$(q i2p A -r)
set -x
monerod \
--data-dir=/data \
--p2p-bind-ip=0.0.0.0 \
--p2p-bind-port=18080 \
--rpc-restricted-bind-ip=0.0.0.0 \
--rpc-restricted-bind-port=18081 \
--zmq-rpc-bind-ip=0.0.0.0 \
--zmq-rpc-bind-port=18082 \
--rpc-bind-ip=0.0.0.0 \
--rpc-bind-port=18083 \
--non-interactive \
--confirm-external-bind \
--public-node \
--log-level=0 \
--enable-dns-blocklist \
--rpc-ssl=disabled \
--ban-list=/ban_list.txt \
--tx-proxy=tor,$TOR_HOST:9050 \
--tx-proxy=i2p,$I2P_HOST:4444

@ -0,0 +1,15 @@
FROM ubuntu:20.04
RUN apt-get update && apt-get install tor -y
RUN mkdir -p /run/tor \
&& chown -R debian-tor:debian-tor /run/tor \
&& chmod 700 -R /run/tor
COPY dockerfiles/tor-config /etc/tor/torrc
USER debian-tor
EXPOSE 9050
ENTRYPOINT ["tor"]

@ -0,0 +1,12 @@
ControlSocket /run/tor/control
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /run/tor/control.authcookie
DataDirectory /var/lib/tor
ExitPolicy reject6 *:*, reject *:*
ExitRelay 0
IPv6Exit 0
Log notice stdout
PublishServerDescriptor 0
SOCKSPort 0.0.0.0:9050
Loading…
Cancel
Save