next.orly.dev/scripts/tor-setup.sh
woikos 25d087697e
Add Tor hidden service support and fallback relay profile fetching (v0.46.0)
- Add pkg/tor package for Tor hidden service integration
- Add Tor config options: ORLY_TOR_ENABLED, ORLY_TOR_PORT, ORLY_TOR_HS_DIR, ORLY_TOR_ONION_ADDRESS
- Extend NIP-11 relay info with addresses field for .onion URLs
- Add fallback relays (Damus, nos.lol, nostr.band, purplepag.es) for profile lookups
- Refactor profile fetching to try local relay first, then fallback relays
- Add Tor setup documentation and deployment scripts

Files modified:
- app/config/config.go: Add Tor configuration options
- app/handle-relayinfo.go: Add ExtendedRelayInfo with addresses field
- app/main.go: Initialize and manage Tor service lifecycle
- app/server.go: Add torService field to Server struct
- app/web/src/constants.js: Add FALLBACK_RELAYS
- app/web/src/nostr.js: Add fallback relay profile fetching
- pkg/tor/: New package for Tor hidden service management
- docs/TOR_SETUP.md: Documentation for Tor configuration
- deploy/orly-tor.service: Systemd service for Tor integration
- scripts/tor-*.sh: Setup scripts for Tor development and production

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-03 05:50:03 +01:00


#!/bin/bash
# tor-setup.sh - Production Tor hidden service setup for ORLY relay
#
# This script installs Tor and configures a hidden service for the relay.
# The .onion address will be automatically detected by ORLY.
#
# Usage: sudo ./scripts/tor-setup.sh [port]
# port: internal port ORLY listens on for Tor traffic (default: 3336)
#
# Requirements:
# - Root privileges (for installing packages and configuring Tor)
# - Systemd-based Linux distribution
#
# After running this script:
# 1. Start ORLY with: ORLY_TOR_ENABLED=true ORLY_TOR_HS_DIR=/var/lib/tor/orly-relay ./orly
#    (if you passed a non-default port, also set ORLY_TOR_PORT to the same value)
# 2. The .onion address will appear in logs and NIP-11
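set -e

# Returns 0 only when $1 is a plain decimal TCP port in 1..65535
# (no sign, no leading zero, no whitespace or any other character).
_is_valid_port() {
  case "$1" in
    '' | 0* | *[!0-9]*) return 1 ;;
  esac
  # The length check keeps very long digit strings away from the numeric test.
  [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# Configuration
TOR_PORT="${1:-3336}"
# TOR_PORT is later written as-is into /etc/tor/torrc by root (see
# configure_tor). Anything that is not a port number is refused up front, so a
# typo cannot leave a torrc that Tor rejects on the next restart.
if ! _is_valid_port "$TOR_PORT"; then
  printf '[ERROR] Invalid port: %s (expected a number from 1 to 65535)\n' "$TOR_PORT" >&2
  exit 1
fi
HS_NAME="orly-relay"
HS_DIR="/var/lib/tor/${HS_NAME}"

# Colors for output (ANSI escape sequences, expanded when printed)
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color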
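# Print an informational message to stdout behind a green [INFO] tag.
# Only the color variables are escape-expanded (%b); the message itself goes
# through %s, so backslashes in it are printed literally.
info() { printf '%b[INFO]%b %s\n' "$GREEN" "$NC" "$1"; }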
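# Print a warning behind a yellow [WARN] tag. Warnings go to stderr so they
# stay visible when stdout is redirected; the message is printed literally (%s).
warn() { printf '%b[WARN]%b %s\n' "$YELLOW" "$NC" "$1" >&2; }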
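# Print a message behind a red [ERROR] tag on stderr and terminate the script
# with status 1. The message is printed literally (%s).
error() {
  printf '%b[ERROR]%b %s\n' "$RED" "$NC" "$1" >&2
  exit 1
}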
# Refuse to continue unless the effective UID is 0: the later steps install
# packages, edit /etc/tor/torrc and change ownership under /var/lib/tor.
(( EUID == 0 )) || error "Please run as root: sudo $0"
# Detect package manager and install Tor
#
# Picks the first package manager found on PATH, in the order apt-get, dnf,
# pacman, apk, brew, and installs the "tor" package with it. The package comes
# from whatever repositories the host is already configured to trust.
# Exits through error() when none of the managers is available.
install_tor() {
  info "Installing Tor..."

  local candidate manager=""
  for candidate in apt-get dnf pacman apk brew; do
    if command -v "$candidate" > /dev/null 2>&1; then
      manager=$candidate
      break
    fi
  done

  case "$manager" in
    apt-get)
      # Debian/Ubuntu
      apt-get update
      apt-get install -y tor
      ;;
    dnf)
      # Fedora/RHEL
      dnf install -y tor
      ;;
    pacman)
      # Arch Linux
      # NOTE(review): -Sy refreshes the package database without upgrading
      # installed packages, which Arch documents as an unsupported partial
      # upgrade. Consider -Syu, or dropping -y, after confirming with the
      # operator.
      pacman -Sy --noconfirm tor
      ;;
    apk)
      # Alpine
      apk add tor
      ;;
    brew)
      # macOS (run as user, not root)
      # NOTE(review): this script exits earlier unless EUID is 0, and Homebrew
      # refuses to run as root, so this branch is not expected to succeed as
      # written.
      brew install tor
      ;;
    *)
      error "Unsupported package manager. Please install Tor manually."
      ;;
  esac

  info "Tor installed successfully"
}
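# Configure hidden service
#
# Appends a HiddenServiceDir/HiddenServicePort stanza for ${HS_DIR} to
# /etc/tor/torrc, unless an active (uncommented) HiddenServiceDir line for
# exactly that directory is already there. An existing torrc is copied to a
# timestamped backup before it is modified.
# Globals:  HS_DIR, TOR_PORT (read); TORRC (written)
# Returns:  0 on success, and 0 without changes when already configured
configure_tor() {
  info "Configuring Tor hidden service..."
  TORRC="/etc/tor/torrc"

  # Check if hidden service already configured. The pattern is anchored so
  # that a commented-out line, or another service whose directory merely
  # starts with the same path, does not count as "already configured".
  # HS_DIR is a constant of this script and has no regex metacharacters.
  if grep -Eq '^[[:space:]]*HiddenServiceDir[[:space:]]+'"${HS_DIR}"'/?[[:space:]]*$' \
    "$TORRC" 2> /dev/null; then
    warn "Hidden service already configured in ${TORRC}"
    # The existing stanza, including its HiddenServicePort target, is kept
    # as-is even if a different port was passed on this run.
    return 0
  fi

  # Backup original torrc (-p keeps its mode, owner and timestamps)
  if [ -f "$TORRC" ]; then
    cp -p -- "$TORRC" "${TORRC}.backup.$(date +%Y%m%d%H%M%S)"
    info "Backed up original torrc"
  fi

  # Add hidden service configuration: onion virtual port 80 is forwarded to
  # 127.0.0.1:${TOR_PORT}.
  # NOTE(review): presumably ORLY binds this port to loopback only; if it is
  # also reachable on a public interface, the onion service can be linked to
  # the host's address. Confirm against the ORLY listener configuration.
  # The leading blank line keeps the stanza off the last existing line when
  # torrc does not end with a newline.
  cat >> "$TORRC" << EOF

# ORLY Relay Hidden Service
# Added by tor-setup.sh on $(date)
HiddenServiceDir ${HS_DIR}/
HiddenServicePort 80 127.0.0.1:${TOR_PORT}
EOF

  info "Hidden service configured: ${HS_DIR}"
}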
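# Set permissions
#
# Creates ${HS_DIR} if needed, hands it to the Tor service account and
# restricts it to mode 700. The directory is where Tor keeps the hidden
# service files (this script later reads ${HS_DIR}/hostname from it), so it
# must not be readable by other users.
# Globals:  HS_DIR (read)
set_permissions() {
  info "Setting directory permissions..."

  # Create hidden service directory if it doesn't exist. -m 700 makes a newly
  # created directory private from the start instead of only after the chmod.
  mkdir -p -m 700 -- "$HS_DIR"

  # Set correct ownership (debian-tor on Debian/Ubuntu, tor on others)
  local owner=""
  if id "debian-tor" > /dev/null 2>&1; then
    owner="debian-tor"
  elif id "tor" > /dev/null 2>&1; then
    owner="tor"
  fi

  if [ -n "$owner" ]; then
    chown -R "${owner}:${owner}" "$HS_DIR"
  else
    # Previously this case was skipped silently, leaving the directory with
    # whatever owner it already had.
    warn "No 'debian-tor' or 'tor' user found; ownership of ${HS_DIR} was not changed"
  fi

  # Applies to a pre-existing directory as well.
  # NOTE(review): with mode 700 only the owner and root can read
  # ${HS_DIR}/hostname; confirm which account ORLY runs as before loosening
  # this.
  chmod 700 "$HS_DIR"
  info "Permissions set"
}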
# Restart Tor service
#
# Restarts Tor through systemctl (also enabling the unit) or, failing that,
# through service. It then polls once per second, up to 30 times, for
# ${HS_DIR}/hostname and prints the .onion address found there.
# Globals:  HS_DIR (read); ONION_ADDR (written)
# Returns:  1 when neither systemctl nor service is available
restart_tor() {
  info "Restarting Tor service..."

  if command -v systemctl > /dev/null 2>&1; then
    systemctl enable tor
    systemctl restart tor
  elif command -v service > /dev/null 2>&1; then
    service tor restart
  else
    warn "Could not restart Tor. Please restart manually."
    return 1
  fi

  # Wait for Tor to create the hostname file
  local hostname_file="${HS_DIR}/hostname"
  local remaining=30
  info "Waiting for hidden service to initialize..."
  while [ "$remaining" -gt 0 ] && [ ! -f "$hostname_file" ]; do
    sleep 1
    remaining=$((remaining - 1))
  done

  # Still missing after the wait: point the operator at the directory.
  if [ ! -f "$hostname_file" ]; then
    warn "Tor started but hostname file not yet created"
    warn "Check: ls -la ${HS_DIR}/"
    return
  fi

  ONION_ADDR=$(< "$hostname_file")
  info "Tor service started successfully"

  local rule="======================================"
  echo ""
  echo -e "${GREEN}${rule}${NC}"
  echo -e "${GREEN}Hidden Service Address:${NC}"
  echo -e "${YELLOW}${ONION_ADDR}${NC}"
  echo -e "${GREEN}${rule}${NC}"
  echo ""
}
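# Print usage instructions
#
# Shows how to start ORLY against the hidden service this script configured.
# Both options pass ORLY_TOR_PORT, so a non-default port given to this script
# is also the port ORLY is told to use. The one-line form used to omit it.
# Globals:  HS_DIR, TOR_PORT (read)
print_instructions() {
  echo ""
  info "Setup complete! To enable Tor in ORLY:"
  cat << EOF

 Option 1 - Environment variables:
 export ORLY_TOR_ENABLED=true
 export ORLY_TOR_HS_DIR=${HS_DIR}
 export ORLY_TOR_PORT=${TOR_PORT}
 ./orly

 Option 2 - Command line:
 ORLY_TOR_ENABLED=true ORLY_TOR_HS_DIR=${HS_DIR} ORLY_TOR_PORT=${TOR_PORT} ./orly

 The .onion address will automatically appear in NIP-11 relay info.

 To view the .onion address:
 cat ${HS_DIR}/hostname

 To check Tor status:
 systemctl status tor

EOF
}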
# Main
#
# Installs Tor when no tor binary is on PATH, then runs the setup steps in
# order: torrc stanza, directory permissions, service restart, instructions.
# With `set -e` in effect, a failing step ends the script at that point.
main() {
  info "ORLY Tor Hidden Service Setup"
  info "Internal port: ${TOR_PORT}"
  echo ""

  # Check if Tor is already installed
  if command -v tor > /dev/null 2>&1; then
    info "Tor is already installed"
  else
    install_tor
  fi

  local step
  for step in configure_tor set_permissions restart_tor print_instructions; do
    "$step"
  done
}

main "$@"