From 4e948af492ca28a0643914a260cbc45269a3dc7d Mon Sep 17 00:00:00 2001 From: finn Date: Thu, 8 Aug 2024 02:57:33 -0700 Subject: [PATCH] add tor env switch --- compose.yaml | 14 ++++++++------ compose.yaml.local | 24 +++++++++++++++++------- compose.yaml.prod | 24 +++++++++++++++++------- dotenv | 13 ++++++++----- tor/Dockerfile | 3 ++- tor/entrypoint.sh | 8 ++++++++ 6 files changed, 60 insertions(+), 26 deletions(-) create mode 100755 tor/entrypoint.sh diff --git a/compose.yaml b/compose.yaml index d7c3678..4c9c778 100644 --- a/compose.yaml +++ b/compose.yaml @@ -109,18 +109,20 @@ services: container_name: tor_service build: context: tor + environment: + - USE_TOR=${USE_TOR} depends_on: - backend networks: - frontnet pmb: - build: - args: - GPG_PP: $BUILD_GPG_PP - context: pmb-pf - dockerfile: Dockerfile - #image: site_pmb:latest + #build: + # args: + # GPG_PP: $BUILD_GPG_PP + # context: pmb-pf + # dockerfile: Dockerfile + image: site_pmb:latest expose: - "25" env_file: diff --git a/compose.yaml.local b/compose.yaml.local index 884f51e..567274f 100644 --- a/compose.yaml.local +++ b/compose.yaml.local @@ -105,14 +105,24 @@ services: - backend networks: - frontnet - + hs: + container_name: tor_service + build: + context: tor + environment: + - USE_TOR=${USE_TOR} + depends_on: + - backend + networks: + - frontnet + pmb: - #build: - # args: - # GPG_PP: $BUILD_GPG_PP - # context: pmb-pf - # dockerfile: Dockerfile - image: site_pmb:latest + build: + args: + GPG_PP: $BUILD_GPG_PP + context: pmb-pf + dockerfile: Dockerfile + #image: site_pmb:latest expose: - "25" env_file: diff --git a/compose.yaml.prod b/compose.yaml.prod index 30f644c..c537da6 100644 --- a/compose.yaml.prod +++ b/compose.yaml.prod 
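Review bot: The new `- USE_TOR=${USE_TOR}` entry under the `hs` service has no default, so when the variable is missing from the environment Compose substitutes an empty string. With the entrypoint added in this commit (`if $USE_TOR ; then`), an empty value evaluates as success, so a missing setting would start Tor rather than leave it off. Give the interpolation an explicit off default, `- USE_TOR=${USE_TOR:-false}`. The same line appears in the compose.yaml.local and compose.yaml.prod hunks. The `hs` service definition starts above this hunk.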
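Review bot: Re-enabling `build.args` with `GPG_PP: $BUILD_GPG_PP` for `pmb` passes what appears, from the name, to be a GPG passphrase as a build argument. Build-argument values can end up in image metadata (`docker history`) and the build cache, so anyone with access to the resulting image may be able to read it. The compose.yaml.prod hunk makes the same change. pmb-pf/Dockerfile is not visible here, so confirm how the ARG is consumed. If it is a secret, pass it through a build secret (`secrets:` under `build:` with a `RUN --mount=type=secret` step) or supply it at runtime instead.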
@@ -105,14 +105,24 @@ services: - backend networks: - frontnet - + hs: + container_name: tor_service + build: + context: tor + environment: + - USE_TOR=${USE_TOR} + depends_on: + - backend + networks: + - frontnet + pmb: - #build: - # args: - # GPG_PP: $BUILD_GPG_PP - # context: pmb-pf - # dockerfile: Dockerfile - image: site_pmb:latest + build: + args: + GPG_PP: $BUILD_GPG_PP + context: pmb-pf + dockerfile: Dockerfile + #image: site_pmb:latest expose: - "25" env_file: diff --git a/dotenv b/dotenv index d93dd76..6c95f51 100644 --- a/dotenv +++ b/dotenv @@ -5,23 +5,26 @@ DOTENV_MYSQL_ROOT_PASSWORD=rootp DOTENV_MYSQL_GITEA_PASSWORD=giteap DOTENV_MYSQL_FLASK_PASSWORD=flaskp -GITEA_MAIL_FROM="git@changeme" +GITEA_MAIL_FROM="git@e.e" # Build ARG GPG_PP. May still need to be empty to avoid breakage. BUILD_GPG_PP= +# Tor: +# true/false +USE_TOR=false # Backend: -FLASK_SECRET_KEY="changeme" +FLASK_SECRET_KEY="flaskkey" # Inconsequential token: minimal inconvenience if exposed FLASK_TOKEN_I=dti # Consequential token: protect FLASK_TOKEN_C=dtc -FLASK_MAIL_FROM="git@changeme" +FLASK_MAIL_FROM="git@e.e" # admin email must be valid send from with mail subsystem -FLASK_ADMIN_EMAIL="git@changeme" -FLASK_JWT_PHRASE="jwtphrase" +FLASK_ADMIN_EMAIL="git@e.e" +FLASK_JWT_PHRASE="tphrase" FLASK_REAL_HOSTNAME="localhost" diff --git a/tor/Dockerfile b/tor/Dockerfile index b4dc6fb..88f3c0a 100644 --- a/tor/Dockerfile +++ b/tor/Dockerfile @@ -6,6 +6,7 @@ RUN apt update && apt install -y tor curl COPY hidden_service /hidden_service COPY torrc /etc/tor/torrc +COPY entrypoint.sh / RUN chown -R tor /etc/tor RUN chown -R tor /hidden_service @@ -14,5 +15,5 @@ RUN chmod -R go-rwx /hidden_service USER tor -ENTRYPOINT ["tor"] +ENTRYPOINT ["/entrypoint.sh"] diff --git a/tor/entrypoint.sh b/tor/entrypoint.sh new file mode 100755 index 0000000..eff4933 --- /dev/null +++ b/tor/entrypoint.sh 
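Review bot: The new values `FLASK_SECRET_KEY="flaskkey"` and `FLASK_JWT_PHRASE="tphrase"` replace defaults that at least looked like placeholders with short strings that look like real settings. If this file is the template operators copy to `.env`, a deployment left unchanged signs sessions and JWTs with publicly known keys. Keep an unmistakable marker such as `FLASK_SECRET_KEY="changeme"`, and add a comment that both values must be replaced with long random strings before first start. The backend is not visible here, but a startup check that refuses the placeholder would make this fail closed.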
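Review bot: Changing `ENTRYPOINT ["tor"]` to `ENTRYPOINT ["/entrypoint.sh"]` drops argument pass-through, because the wrapper runs a bare `exec tor`. Anything supplied through `command:` or `docker run <image> ...` was previously handed to tor and is now silently ignored. Forward the arguments in the script with `exec tor "$@"`. Optionally use `COPY --chmod=0755 entrypoint.sh /` so the image does not depend on the executable bit surviving in the build context.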
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+if $USE_TOR ; then
+ echo "@@@@@@@@@@ TOR ENABLED BY ENV"
+ exec tor
+else
+ echo "@@@@@@@@@@ TOR DISABLED BY ENV"
+fi
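Review bot: `if $USE_TOR ; then` executes the variable's value as a command instead of comparing it, so the switch fails open. An unset or empty USE_TOR expands to an empty command with exit status 0, which starts Tor. Values like `1`, `yes` or `True` produce a command-not-found error and silently disable it, and any other string in the variable is run as a command inside the container. Compare the string explicitly and default to off: `if [ "${USE_TOR:-false}" = "true" ]; then`. It would also help to add a comment above the test stating that only the literal `true` enables the hidden service.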