compose.yaml

@@ -109,18 +109,20 @@ services:
     container_name: tor_service
     build:
       context: tor
+    environment:
+      - USE_TOR=${USE_TOR}
     depends_on:
       - backend
     networks:
       - frontnet
  
   pmb:
-    build:
-      args:
-        GPG_PP: $BUILD_GPG_PP
-      context: pmb-pf
-      dockerfile: Dockerfile
-    #image: site_pmb:latest
+    #build:
+    #  args:
+    #    GPG_PP: $BUILD_GPG_PP
+    #  context: pmb-pf
+    #  dockerfile: Dockerfile
+    image: site_pmb:latest
     expose:
       - "25"
     env_file:

compose.yaml.local

@@ -105,14 +105,24 @@ services:
       - backend
     networks:
       - frontnet
+  hs:
+    container_name: tor_service
+    build:
+      context: tor
+    environment:
+      - USE_TOR=${USE_TOR}
+    depends_on:
+      - backend
+    networks:
+      - frontnet
  
   pmb:
-    #build:
-    #  args:
-    #    GPG_PP: $BUILD_GPG_PP
-    #  context: pmb-pf
-    #  dockerfile: Dockerfile
-    image: site_pmb:latest
+    build:
+      args:
+        GPG_PP: $BUILD_GPG_PP
+      context: pmb-pf
+      dockerfile: Dockerfile
+    #image: site_pmb:latest
     expose:
       - "25"
     env_file:

compose.yaml.prod

@@ -105,14 +105,24 @@ services:
       - backend
     networks:
       - frontnet
+  hs:
+    container_name: tor_service
+    build:
+      context: tor
+    environment:
+      - USE_TOR=${USE_TOR}
+    depends_on:
+      - backend
+    networks:
+      - frontnet
  
   pmb:
-    #build:
-    #  args:
-    #    GPG_PP: $BUILD_GPG_PP
-    #  context: pmb-pf
-    #  dockerfile: Dockerfile
-    image: site_pmb:latest
+    build:
+      args:
+        GPG_PP: $BUILD_GPG_PP
+      context: pmb-pf
+      dockerfile: Dockerfile
+    #image: site_pmb:latest
     expose:
       - "25"
     env_file:

dotenv

@@ -5,23 +5,26 @@ DOTENV_MYSQL_ROOT_PASSWORD=rootp
 DOTENV_MYSQL_GITEA_PASSWORD=giteap
 DOTENV_MYSQL_FLASK_PASSWORD=flaskp
 
-GITEA_MAIL_FROM="git@changeme"
+GITEA_MAIL_FROM="git@e.e"
 
 # Build ARG GPG_PP. May still need to be empty to avoid breakage.
 BUILD_GPG_PP=
 
+# Tor:
+# true/false
+USE_TOR=false
 
 # Backend:
 
-FLASK_SECRET_KEY="changeme"
+FLASK_SECRET_KEY="flaskkey"
 # Inconsequential token: minimal inconvenience if exposed
 FLASK_TOKEN_I=dti
 
 # Consequential token: protect
 FLASK_TOKEN_C=dtc
 
-FLASK_MAIL_FROM="git@changeme"
+FLASK_MAIL_FROM="git@e.e"
 # admin email must be valid send from with mail subsystem
-FLASK_ADMIN_EMAIL="git@changeme"
-FLASK_JWT_PHRASE="jwtphrase"
+FLASK_ADMIN_EMAIL="git@e.e"
+FLASK_JWT_PHRASE="tphrase"
 FLASK_REAL_HOSTNAME="localhost"

tor/Dockerfile

@@ -6,6 +6,7 @@ RUN apt update && apt install -y tor curl
 
 COPY hidden_service /hidden_service
 COPY torrc /etc/tor/torrc
+COPY entrypoint.sh /
 
 RUN chown -R tor /etc/tor
 RUN chown -R tor /hidden_service
@@ -14,5 +15,5 @@ RUN chmod -R go-rwx /hidden_service
 
 USER tor
 
-ENTRYPOINT ["tor"]
+ENTRYPOINT ["/entrypoint.sh"]
 

tor/entrypoint.sh

@@ -0,0 +1,8 @@
+#!/bin/bash
+
+if $USE_TOR ; then
+	echo "@@@@@@@@@@ TOR ENABLED BY ENV"
+	exec tor
+else
+	echo "@@@@@@@@@@ TOR DISABLED BY ENV"
+fi