adding hidden tor service by default

tor
lza_menace 4 years ago
parent 911ebb9ca1
commit efe253201e

@ -8,6 +8,7 @@ help:
up: ## Build and run the required containers by fetching binaries up: ## Build and run the required containers by fetching binaries
docker-compose -f docker-compose.yaml up -d docker-compose -f docker-compose.yaml up -d
docker-compose -f docker-compose.yaml exec tor cat /var/lib/tor/monero/hostname
up-full: ## Build and run the required containers by compiling source up-full: ## Build and run the required containers by compiling source
docker-compose -f docker-compose.full.yaml up -d docker-compose -f docker-compose.full.yaml up -d
@ -29,3 +30,6 @@ logs: ## Get logs from the containers
logs-full: ## Get logs from the containers logs-full: ## Get logs from the containers
docker-compose -f docker-compose.full.yaml logs -f monerod docker-compose -f docker-compose.full.yaml logs -f monerod
tor: ## Get onion address for the Monero node
docker-compose -f docker-compose.yaml exec tor cat /var/lib/tor/monero/hostname
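Review bot: The `exec tor cat /var/lib/tor/monero/hostname` line added to `up` runs as soon as `up -d` returns, when tor may not yet have created the onion service directory. In that case `cat` fails and `make up` exits non-zero even though the containers started. The new `tor` target already runs the same command, so `up` could drop the line and leave it to `make tor`, or tolerate the miss with a leading `-` (`-docker-compose -f docker-compose.yaml exec tor cat /var/lib/tor/monero/hostname`). `docker-compose exec` allocates a TTY by default, so add `-T` if these targets are ever run from a script or CI.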

@ -52,6 +52,19 @@ services:
PORT: 8080 PORT: 8080
ports: ports:
- 127.0.0.1:8080:8080 - 127.0.0.1:8080:8080
tor:
container_name: tor
build:
context: dockerfiles
dockerfile: tor
restart: unless-stopped
ports:
- 127.0.0.1:9050:9050
volumes:
- tor:/var/lib/tor
networks:
monero:
ipv4_address: 172.96.0.15
monerod: monerod:
container_name: monerod container_name: monerod
build: build:
@ -62,6 +75,9 @@ services:
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- ${DATA_DIR:-./data}:/data - ${DATA_DIR:-./data}:/data
networks:
monero:
ipv4_address: 172.96.0.20
ports: ports:
- ${P2P_PORT:-18080}:18080 # p2p - ${P2P_PORT:-18080}:18080 # p2p
- ${RESTRICTED_PORT:-18081}:18081 # restricted rpc - ${RESTRICTED_PORT:-18081}:18081 # restricted rpc
@ -69,3 +85,10 @@ services:
- 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc - 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc
command: command:
monerod --data-dir=/data --p2p-bind-ip=0.0.0.0 --p2p-bind-port=18080 --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18081 --zmq-rpc-bind-ip=0.0.0.0 --zmq-rpc-bind-port=18082 --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18083 --non-interactive --confirm-external-bind --public-node --log-level=0 --enable-dns-blocklist monerod --data-dir=/data --p2p-bind-ip=0.0.0.0 --p2p-bind-port=18080 --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18081 --zmq-rpc-bind-ip=0.0.0.0 --zmq-rpc-bind-port=18082 --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18083 --non-interactive --confirm-external-bind --public-node --log-level=0 --enable-dns-blocklist
networks:
monero:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.96.0.0/16
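Review bot: `172.96.0.0/16` in the new `networks.monero.ipam` block is not private address space, so the bridge claims a block of publicly routable addresses; RFC 1918 reserves 172.16.0.0/12, which ends at 172.31.255.255. Traffic from the host and its containers to real hosts in that range will be routed into the bridge instead of out to the internet. Pick a subnet inside a private range (for example `172.28.0.0/24`, an illustrative value) and change the `ipv4_address` entries, the `--tx-proxy` address and the torrc `HiddenServicePort` target together. The same subnet and addresses appear in the other compose file's hunks.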

@ -2,6 +2,7 @@ version: '3'
volumes: volumes:
grafana: grafana:
prometheus: prometheus:
tor:
services: services:
prometheus: prometheus:
image: prom/prometheus:v2.18.0 image: prom/prometheus:v2.18.0
@ -54,6 +55,19 @@ services:
PORT: 8080 PORT: 8080
ports: ports:
- 127.0.0.1:8080:8080 - 127.0.0.1:8080:8080
tor:
container_name: tor
build:
context: dockerfiles
dockerfile: tor
restart: unless-stopped
ports:
- 127.0.0.1:9050:9050
volumes:
- tor:/var/lib/tor
networks:
monero:
ipv4_address: 172.96.0.15
monerod: monerod:
container_name: monerod container_name: monerod
build: build:
@ -62,10 +76,20 @@ services:
restart: unless-stopped restart: unless-stopped
volumes: volumes:
- ${DATA_DIR:-./data}:/data - ${DATA_DIR:-./data}:/data
networks:
monero:
ipv4_address: 172.96.0.20
ports: ports:
- ${P2P_PORT:-18080}:18080 # p2p - ${P2P_PORT:-18080}:18080 # p2p
- ${RESTRICTED_PORT:-18081}:18081 # restricted rpc - ${RESTRICTED_PORT:-18081}:18081 # restricted rpc
- 127.0.0.1:${ZMQ_PORT:-18082}:18082 # zmq - 127.0.0.1:${ZMQ_PORT:-18082}:18082 # zmq
- 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc - 127.0.0.1:${UNRESTRICTED_PORT:-18083}:18083 # unrestricted rpc
command: command:
monerod --data-dir=/data --p2p-bind-ip=0.0.0.0 --p2p-bind-port=18080 --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18081 --zmq-rpc-bind-ip=0.0.0.0 --zmq-rpc-bind-port=18082 --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18083 --non-interactive --confirm-external-bind --public-node --log-level=0 --enable-dns-blocklist monerod --data-dir=/data --p2p-bind-ip=0.0.0.0 --p2p-bind-port=18080 --rpc-restricted-bind-ip=0.0.0.0 --rpc-restricted-bind-port=18081 --zmq-rpc-bind-ip=0.0.0.0 --zmq-rpc-bind-port=18082 --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18083 --non-interactive --confirm-external-bind --public-node --log-level=0 --enable-dns-blocklist --tx-proxy tor,172.96.0.15:9050
networks:
monero:
driver: bridge
ipam:
driver: default
config:
- subnet: 172.96.0.0/16
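Review bot: `--tx-proxy tor,172.96.0.15:9050` and the top-level `tor:` volume declaration are added only in this file. In the other compose file the monerod command is identical on both sides and no hunk declares the volume, although its new `tor` service mounts `tor:/var/lib/tor`. If that file is meant to behave the same way it needs both additions; compose normally rejects a service that references an undeclared named volume. Separately, nothing here orders monerod after the proxy it now points at, so consider `depends_on:` with `- tor` on the monerod service.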

@ -0,0 +1,16 @@
BridgeRelay 1
ControlSocket /run/tor/control
ControlSocketsGroupWritable 1
CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /run/tor/control.authcookie
DataDirectory /var/lib/tor
ExitPolicy reject6 *:*, reject *:*
ExitRelay 0
IPv6Exit 0
Log notice stdout
ORPort 9001
PublishServerDescriptor 0
SOCKSPort 0.0.0.0:9050
HiddenServiceDir /var/lib/tor/monero
HiddenServicePort 18081 172.96.0.20:18081
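Review bot: `SOCKSPort 0.0.0.0:9050` has no `SocksPolicy`, so anything that can reach this container on the `monero` bridge can use the proxy. In these compose files that appears to be only monerod, and the host publish is limited to 127.0.0.1, but the restriction is not stated anywhere; `SocksPolicy accept 172.96.0.20` followed by `SocksPolicy reject *` would pin it to the monerod address used in this commit. `BridgeRelay 1` and `ORPort 9001` configure the daemon as a bridge relay, which an onion service plus SOCKS client does not need, and the compose service does not publish the ORPort; consider dropping both unless running a bridge is intended. A comment noting that `HiddenServiceDir /var/lib/tor/monero` holds the onion service's private key would help, because the `tor` volume then needs handling as secret material.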

@ -0,0 +1,15 @@
FROM ubuntu:20.04
RUN apt-get update && apt-get install tor -y
RUN mkdir -p /run/tor \
&& chown -R debian-tor:debian-tor /run/tor \
&& chmod 700 -R /run/tor
COPY conf/torrc /etc/tor/torrc
USER debian-tor
EXPOSE 9050
ENTRYPOINT ["tor"]
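Review bot: `apt-get install tor` on `ubuntu:20.04` takes whatever Tor build the distribution archive carries, and neither the base image nor the package is pinned. Distribution builds tend to trail upstream Tor security releases, so an internet-facing onion service may run an outdated daemon and rebuilds are not reproducible. Consider installing from the Tor Project's own apt repository, or at least pinning the base image by digest and rebuilding on a schedule. The install line could also be tightened to `RUN apt-get update && apt-get install -y --no-install-recommends tor && rm -rf /var/lib/apt/lists/*`.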