Refactor Tor to subprocess mode, enabled by default (v0.46.1)
- Spawn tor binary as subprocess instead of requiring external daemon - Auto-generate torrc in $ORLY_DATA_DIR/tor/ (userspace, no root) - Enable Tor by default; gracefully disable if tor binary not found - Add ORLY_TOR_BINARY and ORLY_TOR_SOCKS config options - Remove external Tor setup scripts and documentation Files modified: - app/config/config.go: New subprocess-based Tor config options - app/main.go: Updated Tor initialization for new config - pkg/tor/service.go: Rewritten for subprocess management - Removed: deploy/orly-tor.service, docs/TOR_SETUP.md, scripts/tor-*.sh 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
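--- a/scripts/tor-dev-setup.sh
+++ b/scripts/tor-dev-setup.sh
@@ -1,217 +0,0 @@
-#!/bin/bash
-# tor-dev-setup.sh - Development Tor hidden service setup for ORLY relay
-#
-# This script sets up a user-space Tor hidden service for local development.
-# No root privileges required (except for initial Tor installation).
-#
-# Usage: ./scripts/tor-dev-setup.sh [port]
-# port: internal port ORLY listens on for Tor traffic (default: 3336)
-#
-# After running this script:
-# 1. Start ORLY with: ORLY_TOR_ENABLED=true ORLY_TOR_HS_DIR=~/.tor/orly-dev ./orly
-# 2. Connect via Tor Browser to the .onion address
-
-set -e
-
-# Configuration
-TOR_PORT="${1:-3336}"
-TOR_DATA_DIR="${HOME}/.tor/orly-dev"
-TOR_CONFIG="${TOR_DATA_DIR}/torrc"
-TOR_PID_FILE="${TOR_DATA_DIR}/tor.pid"
-
-# Colors for output
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-BLUE='\033[0;34m'
-NC='\033[0m' # No Color
-
-info() { echo -e "${GREEN}[INFO]${NC} $1"; }
-warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
-error() { echo -e "${RED}[ERROR]${NC} $1"; exit 1; }
-debug() { echo -e "${BLUE}[DEBUG]${NC} $1"; }
-
-# Check if Tor is installed
-check_tor() {
-if ! command -v tor &> /dev/null; then
-error "Tor is not installed. Please install it first:
-Debian/Ubuntu: sudo apt install tor
-Arch: sudo pacman -S tor
-macOS: brew install tor
-Fedora: sudo dnf install tor"
-fi
-info "Tor is installed: $(tor --version | head -1)"
-}
-
-# Create directory structure
-setup_dirs() {
-info "Creating directory structure..."
-
-mkdir -p "${TOR_DATA_DIR}"
-mkdir -p "${TOR_DATA_DIR}/hidden_service"
-chmod 700 "${TOR_DATA_DIR}"
-chmod 700 "${TOR_DATA_DIR}/hidden_service"
-
-info "Directory created: ${TOR_DATA_DIR}"
-}
-
-# Create Tor configuration
-create_config() {
-info "Creating Tor configuration..."
-
-cat > "$TOR_CONFIG" << EOF
-# ORLY Development Tor Configuration
-# Generated by tor-dev-setup.sh on $(date)
-
-# Data directory
-DataDirectory ${TOR_DATA_DIR}/data
-
-# Run in background
-RunAsDaemon 1
-PidFile ${TOR_PID_FILE}
-
-# SOCKS proxy for outgoing connections (optional, for testing)
-SocksPort 9150
-
-# Hidden service for ORLY relay
-HiddenServiceDir ${TOR_DATA_DIR}/hidden_service/
-HiddenServicePort 80 127.0.0.1:${TOR_PORT}
-
-# Logging
-Log notice file ${TOR_DATA_DIR}/tor.log
-EOF
-
-chmod 600 "$TOR_CONFIG"
-info "Configuration created: ${TOR_CONFIG}"
-}
-
-# Stop existing Tor instance
-stop_tor() {
-if [ -f "$TOR_PID_FILE" ]; then
-PID=$(cat "$TOR_PID_FILE" 2>/dev/null)
-if [ -n "$PID" ] && kill -0 "$PID" 2>/dev/null; then
-info "Stopping existing Tor instance (PID: $PID)..."
-kill "$PID" 2>/dev/null || true
-sleep 2
-fi
-rm -f "$TOR_PID_FILE"
-fi
-}
-
-# Start Tor
-start_tor() {
-info "Starting Tor..."
-
-# Ensure data directory exists
-mkdir -p "${TOR_DATA_DIR}/data"
-
-# Start Tor with our config
-tor -f "$TOR_CONFIG" 2>&1 | head -20 &
-
-# Wait for Tor to bootstrap
-info "Waiting for Tor to connect to the network..."
-
-for i in {1..60}; do
-if [ -f "${TOR_DATA_DIR}/hidden_service/hostname" ]; then
-ONION_ADDR=$(cat "${TOR_DATA_DIR}/hidden_service/hostname")
-if [ -n "$ONION_ADDR" ]; then
-break
-fi
-fi
-
-# Check if Tor is still running
-if [ -f "$TOR_PID_FILE" ]; then
-PID=$(cat "$TOR_PID_FILE")
-if ! kill -0 "$PID" 2>/dev/null; then
-error "Tor process died. Check ${TOR_DATA_DIR}/tor.log"
-fi
-fi
-
-sleep 1
-echo -n "."
-done
-echo ""
-
-if [ -f "${TOR_DATA_DIR}/hidden_service/hostname" ]; then
-ONION_ADDR=$(cat "${TOR_DATA_DIR}/hidden_service/hostname")
-info "Tor started successfully"
-echo ""
-echo -e "${GREEN}======================================${NC}"
-echo -e "${GREEN}Hidden Service Address:${NC}"
-echo -e "${YELLOW}${ONION_ADDR}${NC}"
-echo -e "${GREEN}======================================${NC}"
-echo ""
-else
-warn "Tor started but hidden service not ready yet"
-warn "Check: tail -f ${TOR_DATA_DIR}/tor.log"
-fi
-}
-
-# Print usage instructions
-print_instructions() {
-echo ""
-info "Development Tor setup complete!"
-echo ""
-echo " To start ORLY with Tor:"
-echo -e " ${BLUE}ORLY_TOR_ENABLED=true ORLY_TOR_HS_DIR=${TOR_DATA_DIR}/hidden_service ./orly${NC}"
-echo ""
-echo " To view the .onion address:"
-echo -e " ${BLUE}cat ${TOR_DATA_DIR}/hidden_service/hostname${NC}"
-echo ""
-echo " To view Tor logs:"
-echo -e " ${BLUE}tail -f ${TOR_DATA_DIR}/tor.log${NC}"
-echo ""
-echo " To stop Tor:"
-echo -e " ${BLUE}kill \$(cat ${TOR_PID_FILE})${NC}"
-echo ""
-echo " To restart Tor:"
-echo -e " ${BLUE}./scripts/tor-dev-setup.sh${NC}"
-echo ""
-}
-
-# Status command
-status() {
-if [ -f "$TOR_PID_FILE" ]; then
-PID=$(cat "$TOR_PID_FILE")
-if kill -0 "$PID" 2>/dev/null; then
-info "Tor is running (PID: $PID)"
-if [ -f "${TOR_DATA_DIR}/hidden_service/hostname" ]; then
-ONION_ADDR=$(cat "${TOR_DATA_DIR}/hidden_service/hostname")
-echo -e " Address: ${YELLOW}${ONION_ADDR}${NC}"
-fi
-return 0
-fi
-fi
-warn "Tor is not running"
-return 1
-}
-
-# Main
-main() {
-case "${1:-}" in
-status)
-status
-exit $?
-;;
-stop)
-stop_tor
-info "Tor stopped"
-exit 0
-;;
-*)
-;;
-esac
-
-info "ORLY Development Tor Setup"
-info "Internal port: ${TOR_PORT}"
-echo ""
-
-check_tor
-setup_dirs
-stop_tor
-create_config
-start_tor
-print_instructions
-}
-
-main "$@"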
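--- a/scripts/tor-setup.sh
+++ b/scripts/tor-setup.sh
@@ -1,197 +0,0 @@
-#!/bin/bash
-# tor-setup.sh - Production Tor hidden service setup for ORLY relay
-#
-# This script installs Tor and configures a hidden service for the relay.
-# The .onion address will be automatically detected by ORLY.
-#
-# Usage: sudo ./scripts/tor-setup.sh [port]
-# port: internal port ORLY listens on for Tor traffic (default: 3336)
-#
-# Requirements:
-# - Root privileges (for installing packages and configuring Tor)
-# - Systemd-based Linux distribution
-#
-# After running this script:
-# 1. Start ORLY with: ORLY_TOR_ENABLED=true ORLY_TOR_HS_DIR=/var/lib/tor/orly-relay ./orly
-# 2. The .onion address will appear in logs and NIP-11
-
-set -e
-
-# Configuration
-TOR_PORT="${1:-3336}"
-HS_NAME="orly-relay"
-HS_DIR="/var/lib/tor/${HS_NAME}"
-
-# Colors for output
-RED='\033[0;31m'
-GREEN='\033[0;32m'
-YELLOW='\033[1;33m'
-NC='\033[0m' # No Color
-
-info() { echo -e "${GREEN}[INFO]${NC} $1"; }
-warn() { echo -e "${YELLOW}[WARN]${NC} $1"; }
-error() { echo -e "${RED}[ERROR]${NC} $1"; exit 1; }
-
-# Check if running as root
-if [ "$EUID" -ne 0 ]; then
-error "Please run as root: sudo $0"
-fi
-
-# Detect package manager and install Tor
-install_tor() {
-info "Installing Tor..."
-
-if command -v apt-get &> /dev/null; then
-# Debian/Ubuntu
-apt-get update
-apt-get install -y tor
-elif command -v dnf &> /dev/null; then
-# Fedora/RHEL
-dnf install -y tor
-elif command -v pacman &> /dev/null; then
-# Arch Linux
-pacman -Sy --noconfirm tor
-elif command -v apk &> /dev/null; then
-# Alpine
-apk add tor
-elif command -v brew &> /dev/null; then
-# macOS (run as user, not root)
-brew install tor
-else
-error "Unsupported package manager. Please install Tor manually."
-fi
-
-info "Tor installed successfully"
-}
-
-# Configure hidden service
-configure_tor() {
-info "Configuring Tor hidden service..."
-
-TORRC="/etc/tor/torrc"
-
-# Check if hidden service already configured
-if grep -q "HiddenServiceDir ${HS_DIR}" "$TORRC" 2>/dev/null; then
-warn "Hidden service already configured in ${TORRC}"
-return 0
-fi
-
-# Backup original torrc
-if [ -f "$TORRC" ]; then
-cp "$TORRC" "${TORRC}.backup.$(date +%Y%m%d%H%M%S)"
-info "Backed up original torrc"
-fi
-
-# Add hidden service configuration
-cat >> "$TORRC" << EOF
-
-# ORLY Relay Hidden Service
-# Added by tor-setup.sh on $(date)
-HiddenServiceDir ${HS_DIR}/
-HiddenServicePort 80 127.0.0.1:${TOR_PORT}
-EOF
-
-info "Hidden service configured: ${HS_DIR}"
-}
-
-# Set permissions
-set_permissions() {
-info "Setting directory permissions..."
-
-# Create hidden service directory if it doesn't exist
-mkdir -p "$HS_DIR"
-
-# Set correct ownership (debian-tor on Debian/Ubuntu, tor on others)
-if id "debian-tor" &>/dev/null; then
-chown -R debian-tor:debian-tor "$HS_DIR"
-elif id "tor" &>/dev/null; then
-chown -R tor:tor "$HS_DIR"
-fi
-
-chmod 700 "$HS_DIR"
-
-info "Permissions set"
-}
-
-# Restart Tor service
-restart_tor() {
-info "Restarting Tor service..."
-
-if command -v systemctl &> /dev/null; then
-systemctl enable tor
-systemctl restart tor
-elif command -v service &> /dev/null; then
-service tor restart
-else
-warn "Could not restart Tor. Please restart manually."
-return 1
-fi
-
-# Wait for Tor to create the hostname file
-info "Waiting for hidden service to initialize..."
-for i in {1..30}; do
-if [ -f "${HS_DIR}/hostname" ]; then
-break
-fi
-sleep 1
-done
-
-if [ -f "${HS_DIR}/hostname" ]; then
-ONION_ADDR=$(cat "${HS_DIR}/hostname")
-info "Tor service started successfully"
-echo ""
-echo -e "${GREEN}======================================${NC}"
-echo -e "${GREEN}Hidden Service Address:${NC}"
-echo -e "${YELLOW}${ONION_ADDR}${NC}"
-echo -e "${GREEN}======================================${NC}"
-echo ""
-else
-warn "Tor started but hostname file not yet created"
-warn "Check: ls -la ${HS_DIR}/"
-fi
-}
-
-# Print usage instructions
-print_instructions() {
-echo ""
-info "Setup complete! To enable Tor in ORLY:"
-echo ""
-echo " Option 1 - Environment variables:"
-echo " export ORLY_TOR_ENABLED=true"
-echo " export ORLY_TOR_HS_DIR=${HS_DIR}"
-echo " export ORLY_TOR_PORT=${TOR_PORT}"
-echo " ./orly"
-echo ""
-echo " Option 2 - Command line:"
-echo " ORLY_TOR_ENABLED=true ORLY_TOR_HS_DIR=${HS_DIR} ./orly"
-echo ""
-echo " The .onion address will automatically appear in NIP-11 relay info."
-echo ""
-echo " To view the .onion address:"
-echo " cat ${HS_DIR}/hostname"
-echo ""
-echo " To check Tor status:"
-echo " systemctl status tor"
-echo ""
-}
-
-# Main
-main() {
-info "ORLY Tor Hidden Service Setup"
-info "Internal port: ${TOR_PORT}"
-echo ""
-
-# Check if Tor is already installed
-if ! command -v tor &> /dev/null; then
-install_tor
-else
-info "Tor is already installed"
-fi
-
-configure_tor
-set_permissions
-restart_tor
-print_instructions
-}
-
-main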