ATOR-173 - Add anon client and control socket

anyone-protocol · Feb 28, 2024 · 5d9d538 · 5d9d538
1 parent be55179
commit 5d9d538
Show file tree

Hide file tree

Showing 8 changed files with 51 additions and 20 deletions.
diff --git a/docker/destination/Dockerfile b/docker/destination/Dockerfile
@@ -4,6 +4,4 @@ WORKDIR /app/destination
 
 COPY docker-entrypoint.sh /app/destination
 
-#COPY default.conf /etc/nginx/conf.d/default.conf
-
 ENTRYPOINT [ "sh", "docker-entrypoint.sh" ]
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
@@ -5,12 +5,11 @@ services:
     restart: always
     volumes:
       - ./scanner/.sbws.ini:/root/.sbws.ini
-      - ./scanner/data/:/app/scanner/data
+      - ./scanner/anonrc:/etc/anon/anonrc
   sbws-destination:
     image: sbws-destination
     restart: always
     ports:
       - "8888:80"
     volumes:
       - ./destination/default.conf:/etc/nginx/conf.d/default.conf
-      - ./destination/data/:/app/destination/data
diff --git a/docker/scanner/.sbws.ini b/docker/scanner/.sbws.ini
@@ -56,3 +56,8 @@ country = ZZ
 
 # To disable certificate validation, uncomment the following
 # verify = False
+
+[tor]
+control_socket = /var/lib/anon/control
+;external_control_host = 127.0.0.1
+;external_control_port = 9051
diff --git a/docker/scanner/Dockerfile b/docker/scanner/Dockerfile
@@ -15,4 +15,12 @@ RUN cd temp && ls -la && \
     cd .. && \
     rm -rf temp
 
+RUN apt-get -y update && \
+    apt-get -y install wget apt-transport-https && \
+    . /etc/os-release && \
+    wget -qO- https://deb.dmz.ator.dev/anon.asc | tee /etc/apt/trusted.gpg.d/anon.asc && \
+    echo "deb [signed-by=/etc/apt/trusted.gpg.d/anon.asc] https://deb.dmz.ator.dev anon-dev-$VERSION_CODENAME main" > /etc/apt/sources.list.d/anon.list && \
+    apt-get -y update && \
+    apt-get -y install anon
+
 ENTRYPOINT [ "sh", "docker-entrypoint.sh" ]
diff --git a/docker/scanner/anonrc b/docker/scanner/anonrc
@@ -0,0 +1,5 @@
+User debian-anon
+DataDirectory /var/lib/anon
+ControlSocket /var/lib/anon/control
+Nickname AnonSBWS
+FetchUselessDescriptors 1
diff --git a/docker/scanner/docker-entrypoint.sh b/docker/scanner/docker-entrypoint.sh
@@ -1,6 +1,8 @@
-mkdir -p /app/scanner/data/logs
+anon
 
-crontab -l | { cat; echo "*/5 * * * * sbws generate >> /app/scanner/data/logs/generate.log  2>&1"; } | crontab -
-crontab -l | { cat; echo "30  0 * * * sbws cleanup >> /app/scanner/data/logs/cleanup.log  2>&1"; } | crontab -
-
-cron -f
+#mkdir -p /app/scanner/data/logs
+#
+#crontab -l | { cat; echo "*/5 * * * * sbws generate >> /app/scanner/data/logs/generate.log  2>&1"; } | crontab -
+#crontab -l | { cat; echo "30  0 * * * sbws cleanup >> /app/scanner/data/logs/cleanup.log  2>&1"; } | crontab -
+#
+#cron -f
diff --git a/operations/deploy-dev.hcl b/operations/deploy-dev.hcl
@@ -15,7 +15,7 @@ job "sbws-dev" {
     network {
 #      mode = "bridge"
       port "http-port" {
-        static = 9000
+        static = 8888
         to     = 80
 #        host_network = "wireguard"
       }
@@ -43,7 +43,7 @@ job "sbws-dev" {
         image   = "svforte/sbws-scanner:latest-dev"
         volumes = [
           "local/.sbws.ini:/root/.sbws.ini:ro",
-          "local/data:/app/scanner/data"
+          "local/anonrc:/etc/anon/anonrc:ro"
         ]
       }
 
@@ -76,7 +76,7 @@ foo = on
 
 [destinations.foo]
 # the domain and path to the 1GB file or POST URL.
-url = http://host.docker.internal:8888/1GiB
+url = http://5.78.90.106:8888/1GiB
 # Whether to verify or not the TLS certificate. Default True
 verify = False
 # ISO 3166-1 alpha-2 country code where the Web server destination is located.
@@ -118,6 +118,19 @@ country = ZZ
       }
     }
 
+    template {
+      change_mode = "noop"
+      data        = <<EOH
+User debian-anon
+DataDirectory /var/lib/anon
+ControlSocket /var/lib/anon/control
+Nickname AnonSBWS
+FetchUselessDescriptors 1
+        EOH
+      destination = "local/anonrc"
+    }
+  }
+
     task "sbws-destination-dev-task" {
       driver = "docker"
 

diff --git a/sbws/util/stem.py b/sbws/util/stem.py
@@ -305,14 +305,15 @@ def launch_tor(conf):
 
     torrc = parse_user_torrc_config(torrc, conf["tor"]["extra_lines"])
     # Finally launch Tor
-    try:
-        # If there is already a tor process running with the same control
-        # socket, this will exit here.
-        stem.process.launch_tor_with_config(
-            torrc, init_msg_handler=log.debug, take_ownership=True
-        )
-    except Exception as e:
-        fail_hard("Error trying to launch tor: %s", e)
+    # todo - do not launch own tor (anon)
+    # try:
+    #     # If there is already a tor process running with the same control
+    #     # socket, this will exit here.
+    #     stem.process.launch_tor_with_config(
+    #         torrc, init_msg_handler=log.debug, take_ownership=True
+    #     )
+    # except Exception as e:
+    #     fail_hard("Error trying to launch tor: %s", e)
     log.info("Started own tor.")
     # And return a controller to it
     cont = _init_controller_socket(conf.getpath("tor", "control_socket"))