Add tor support
This commit is contained in:
nicolas.dorier
2
Generated/.gitignore
vendored
2
Generated/.gitignore
vendored
@@ -1,4 +1,4 @@
|
|||||||
*.yml
|
*.yml
|
||||||
*.tmpl
|
nginx.tmpl
|
||||||
*.toml
|
*.toml
|
||||||
*.json
|
*.json
|
||||||
26
Generated/torrc.tmpl
Normal file
26
Generated/torrc.tmpl
Normal file
@@ -0,0 +1,26 @@
|
|||||||
|
{{ $CurrentContainer := where $ "ID" .Docker.CurrentContainerID | first }}
|
||||||
|
|
||||||
|
{{ range $name, $containers := groupByMulti $ "Env.HIDDENSERVICE_NAME" "," }}
|
||||||
|
# For the hidden service {{ $name }}
|
||||||
|
HiddenServiceDir /var/lib/tor/hidden_services/{{ $name }}
|
||||||
|
{{ range $container := $containers }}
|
||||||
|
{{ range $knownNetwork := $CurrentContainer.Networks }}
|
||||||
|
{{ range $containerNetwork := $container.Networks }}
|
||||||
|
{{ if eq $knownNetwork.Name $containerNetwork.Name }}
|
||||||
|
{{ $containerOrReverseProxyName := coalesce $container.Env.HIDDENSERVICE_REVERSEPROXY $container.Name }}
|
||||||
|
|
||||||
|
{{ range $reverseProxyContainer := where $ "Name" $containerOrReverseProxyName }}
|
||||||
|
{{ range $containerNetwork := where $reverseProxyContainer.Networks "Name" $knownNetwork.Name }}
|
||||||
|
{{ $port := coalesce $container.Env.HIDDENSERVICE_PORT "80" }}
|
||||||
|
{{ $virtualPort := coalesce $container.Env.HIDDENSERVICE_VIRTUAL_PORT $port }}
|
||||||
|
{{ if ne $containerNetwork.IP "" }}
|
||||||
|
# Redirecting to {{ $containerOrReverseProxyName }}
|
||||||
|
HiddenServicePort {{ $virtualPort }} {{ $containerNetwork.IP }}:{{ $port }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
@@ -216,8 +216,27 @@ upstream {{ $upstream_name }} {
|
|||||||
{{ end }}
|
{{ end }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
{{ $hiddenReverseProxy := trim (or (first (groupByKeys $containers "Env.HIDDENSERVICE_REVERSEPROXY")) "") }}
|
||||||
|
{{ if (eq $hiddenReverseProxy "nginx")}}
|
||||||
|
{{ $hiddenHostName := trim (or (first (groupByKeys $containers "Env.HIDDENSERVICE_NAME")) "") }}
|
||||||
|
{{ $onionHost := read (printf "/var/lib/tor/hidden_services/%s/hostname" $hiddenHostName) }}
|
||||||
|
{{ if ne $onionHost "" }}
|
||||||
|
server {
|
||||||
|
server_name {{ trim $onionHost }};
|
||||||
|
listen nginx:80 ;
|
||||||
|
access_log /var/log/nginx/access.log vhost;
|
||||||
|
location / {
|
||||||
|
proxy_pass http://{{ trim $upstream_name }};
|
||||||
|
}
|
||||||
|
{{ template "redirects" (dict "HostName" $host_name "Containers" $) }}
|
||||||
|
}
|
||||||
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
{{ range $host, $containers := groupByMulti $containers "Env.VIRTUAL_HOST" "," }}
|
{{ range $host, $containers := groupByMulti $containers "Env.VIRTUAL_HOST" "," }}
|
||||||
{{ $host := trim $host }}
|
{{ $host := trim $host }}
|
||||||
|
{{ if ne $host "" }}
|
||||||
{{ $default_host := or ($.Env.DEFAULT_HOST) "" }}
|
{{ $default_host := or ($.Env.DEFAULT_HOST) "" }}
|
||||||
{{ $default_server := index (dict $host "" $default_host "default_server") $host }}
|
{{ $default_server := index (dict $host "" $default_host "default_server") $host }}
|
||||||
|
|
||||||
@@ -424,7 +443,7 @@ server {
|
|||||||
ssl_certificate_key /etc/nginx/certs/default.key;
|
ssl_certificate_key /etc/nginx/certs/default.key;
|
||||||
}
|
}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
|
{{ end }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
{{ end }}
|
{{ end }}
|
||||||
119
docker-compose-generator/docker-fragments/opt-add-tor.yml
Normal file
119
docker-compose-generator/docker-fragments/opt-add-tor.yml
Normal file
@@ -0,0 +1,119 @@
|
|||||||
|
version: "3"
|
||||||
|
|
||||||
|
services:
|
||||||
|
|
||||||
|
btcpayserver:
|
||||||
|
environment:
|
||||||
|
HIDDENSERVICE_NAME: BTCPayServer
|
||||||
|
HIDDENSERVICE_REVERSEPROXY: nginx
|
||||||
|
BTCPAY_TORRCFILE: /usr/local/etc/tor/torrc-2
|
||||||
|
BTCPAY_SOCKSENDPOINT: tor:9050
|
||||||
|
volumes:
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
- "tor_torrcdir:/usr/local/etc/tor/"
|
||||||
|
|
||||||
|
woocommerce:
|
||||||
|
environment:
|
||||||
|
HIDDENSERVICE_NAME: WooCommerce
|
||||||
|
WOOCOMMERCE_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/WooCommerce/hostname
|
||||||
|
volumes:
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
|
||||||
|
bitcoind:
|
||||||
|
environment:
|
||||||
|
BITCOIN_EXTRA_ARGS: |
|
||||||
|
onion=tor:9050
|
||||||
|
volumes:
|
||||||
|
- "tor_datadir:/home/tor/.tor"
|
||||||
|
links:
|
||||||
|
- tor
|
||||||
|
|
||||||
|
nginx:
|
||||||
|
volumes:
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
nginx-gen:
|
||||||
|
volumes:
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
|
||||||
|
tor:
|
||||||
|
restart: unless-stopped
|
||||||
|
image: btcpayserver/tor:0.3.5.8
|
||||||
|
container_name: tor
|
||||||
|
environment:
|
||||||
|
TOR_PASSWORD: btcpayserver
|
||||||
|
TOR_ADDITIONAL_CONFIG: /usr/local/etc/tor/torrc-2
|
||||||
|
TOR_EXTRA_ARGS: |
|
||||||
|
CookieAuthentication 1
|
||||||
|
expose:
|
||||||
|
- "9050" # SOCKS
|
||||||
|
- "9051" # Tor Control
|
||||||
|
volumes:
|
||||||
|
- "tor_datadir:/home/tor/.tor"
|
||||||
|
- "tor_torrcdir:/usr/local/etc/tor"
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
|
||||||
|
clightning_bitcoin:
|
||||||
|
environment:
|
||||||
|
HIDDENSERVICE_NAME: c-lightning
|
||||||
|
HIDDENSERVICE_PORT: 9735
|
||||||
|
LIGHTNINGD_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/c-lightning/hostname
|
||||||
|
LIGHTNINGD_OPT: |
|
||||||
|
proxy=tor:9050
|
||||||
|
volumes:
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
links:
|
||||||
|
- tor
|
||||||
|
clightning_litecoin:
|
||||||
|
environment:
|
||||||
|
HIDDENSERVICE_NAME: c-lightning-ltc
|
||||||
|
HIDDENSERVICE_PORT: 9736
|
||||||
|
LIGHTNINGD_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/c-lightning-ltc/hostname
|
||||||
|
LIGHTNINGD_OPT: |
|
||||||
|
proxy=tor:9050
|
||||||
|
volumes:
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
links:
|
||||||
|
- tor
|
||||||
|
|
||||||
|
tor-gen:
|
||||||
|
restart: unless-stopped
|
||||||
|
image: btcpayserver/docker-gen:0.7.5
|
||||||
|
container_name: tor-gen
|
||||||
|
volumes:
|
||||||
|
- "/var/run/docker.sock:/tmp/docker.sock:ro"
|
||||||
|
- "./torrc.tmpl:/etc/docker-gen/templates/torrc.tmpl:ro"
|
||||||
|
- "tor_torrcdir:/usr/local/etc/tor"
|
||||||
|
entrypoint: /usr/local/bin/docker-gen -notify-sighup tor -watch -wait 5s:30s /etc/docker-gen/templates/torrc.tmpl /usr/local/etc/tor/torrc-2
|
||||||
|
links:
|
||||||
|
- tor
|
||||||
|
|
||||||
|
lnd_bitcoin:
|
||||||
|
environment:
|
||||||
|
HIDDENSERVICE_NAME: lnd
|
||||||
|
HIDDENSERVICE_PORT: 9735
|
||||||
|
LND_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/lnd/hostname
|
||||||
|
LND_EXTRA_ARGS: |
|
||||||
|
tor.socks=tor:9050
|
||||||
|
links:
|
||||||
|
- tor
|
||||||
|
volumes:
|
||||||
|
- "tor_datadir:/home/tor/.tor"
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
|
||||||
|
lnd_litecoin:
|
||||||
|
environment:
|
||||||
|
HIDDENSERVICE_NAME: lnd-ltc
|
||||||
|
HIDDENSERVICE_PORT: 9736
|
||||||
|
LND_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/lnd-ltc/hostname
|
||||||
|
LND_EXTRA_ARGS: |
|
||||||
|
tor.socks=tor:9050
|
||||||
|
links:
|
||||||
|
- tor
|
||||||
|
volumes:
|
||||||
|
- "tor_datadir:/home/tor/.tor"
|
||||||
|
- "tor_servicesdir:/var/lib/tor/hidden_services"
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
tor_datadir:
|
||||||
|
tor_torrcdir:
|
||||||
|
tor_servicesdir:
|
||||||
@@ -2,7 +2,7 @@ version: '3'
|
|||||||
|
|
||||||
services:
|
services:
|
||||||
woocommerce:
|
woocommerce:
|
||||||
image: btcpayserver/docker-woocommerce:3.0.5
|
image: btcpayserver/docker-woocommerce:3.0.6-2
|
||||||
environment:
|
environment:
|
||||||
WOOCOMMERCE_HOST: ${WOOCOMMERCE_HOST}
|
WOOCOMMERCE_HOST: ${WOOCOMMERCE_HOST}
|
||||||
WORDPRESS_DB_HOST: mariadb
|
WORDPRESS_DB_HOST: mariadb
|
||||||
|
|||||||
Reference in New Issue
Block a user