diff --git a/Dockerfile b/Dockerfile index c8e93527..546152db 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,30 +1,28 @@ -FROM python:3.7 +FROM python -USER root - -RUN mkdir /app -WORKDIR /app - -ENV PORT=8080 -EXPOSE 8080 +#Base settings +ENV HOME /root #Install needed packages -RUN apt-get update && apt-get install -y tor locales +RUN apt update && apt install -y tor locales RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \ locale-gen -ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US:en +ENV LC_ALL en_US.UTF-8 -ADD ./requirements.txt /app/requirements.txt +WORKDIR /srv/ +ADD ./requirements.txt /srv/requirements.txt RUN pip3 install --require-hashes -r requirements.txt +WORKDIR /root/ #Add Onionr source -COPY . /app/ +COPY . /root/ +VOLUME /root/data/ -VOLUME /app/data/ +#Set upstart command +CMD bash -#Default to running as nonprivileged user -RUN chmod g=u -R /app -USER 1000 - -CMD ["bash", "./onionr.sh"] +#Expose ports +EXPOSE 8080 diff --git a/README.md b/README.md index 86d265b3..5eea66c5 100644 --- a/README.md +++ b/README.md @@ -70,7 +70,7 @@ Not yet usable: ## Watch the talk from BSidesPDX 2019 - + improving anonymous networking talk link diff --git a/requirements.in b/requirements.in index ea5f0c18..c23dec08 100644 --- a/requirements.in +++ b/requirements.in @@ -12,5 +12,5 @@ toomanyobjs==1.1.0 niceware==0.2.1 psutil==5.7.3 filenuke==0.0.0 -watchdog==1.0.1 +watchdog==0.10.4 ujson==4.0.1 diff --git a/requirements.txt b/requirements.txt index 759f221a..ffedc92c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -141,6 +141,9 @@ niceware==0.2.1 \ --hash=sha256:0f8b192f2a1e800e068474f6e208be9c7e2857664b33a96f4045340de4e5c69c \ --hash=sha256:cf2dc0e1567d36d067c61b32fed0f1b9c4534ed511f9eeead4ba548d03b5c9eb \ # via -r requirements.in +pathtools==0.1.2 \ + --hash=sha256:7c35c5421a39bb82e58018febd90e3b6e5db34c5443aaaf742b3f33d4655f1c0 \ + # via watchdog psutil==5.7.3 \ --hash=sha256:01bc82813fbc3ea304914581954979e637bcc7084e59ac904d870d6eb8bb2bc7 \ --hash=sha256:1cd6a0c9fb35ece2ccf2d1dd733c1e165b342604c67454fd56a4c12e0a106787 \ @@ -229,8 +232,8 @@ urllib3==1.25.11 \ --hash=sha256:8d7eaa5a82a1cac232164990f04874c594c9453ec55eef02eab885aa02fc17a2 \ --hash=sha256:f5321fbe4bf3fefa0efd0bfe7fb14e90909eb62a48ccda331726b4319897dd5e \ # via -r requirements.in, requests -watchdog==1.0.1 \ - --hash=sha256:78ea5d78f2cf8e4d6343ab2cbed93bb47b7a85b1c2f90a1dea365226bbab68ac \ +watchdog==0.10.4 \ + --hash=sha256:e38bffc89b15bafe2a131f0e1c74924cf07dcec020c2e0a26cccd208831fcd43 \ # via -r requirements.in werkzeug==0.15.5 \ --hash=sha256:87ae4e5b5366da2347eb3116c0e6c681a0e939a33b2805e2c0cbd282664932c4 \ diff --git a/run-onionr-node.py b/run-onionr-node.py index 15fd581e..2c8f3431 100755 --- a/run-onionr-node.py +++ b/run-onionr-node.py @@ -55,12 +55,6 @@ def show_info(p: Process): parser = argparse.ArgumentParser() -parser.add_argument( - "--bind-address", help="Address to bind to. Be very careful with non-loopback", - type=str, default="") -parser.add_argument( - "--port", help="Port to bind to, must be available and possible", - type=int, default=0) parser.add_argument( "--use-bootstrap-file", help="Use bootstrap node list file", type=int, default=1) @@ -135,13 +129,6 @@ config['general']['dev_mode'] = False config['general']['store_plaintext_blocks'] = True config['general']['use_bootstrap_list'] = True config['transports']['tor'] = True -config['general']['bind_port'] = 0 # client api server port -config['general']['bind_address'] = '' # client api server address - -if args.bind_address: - config['general']['bind_address'] = args.bind_address -if args.port: - config['client']['client']['port'] = args.port if not args.use_bootstrap_file: config['general']['use_bootstrap_list'] = False diff --git a/src/apiservers/private/__init__.py b/src/apiservers/private/__init__.py index 657c30b7..3bc0df3a 100644 --- a/src/apiservers/private/__init__.py +++ b/src/apiservers/private/__init__.py @@ -50,20 +50,13 @@ class PrivateAPI: self.startTime = epoch.get_epoch() app = flask.Flask(__name__) - - bind_port = int(config.get('client.client.port', 59496)) self.bindPort = bind_port self.clientToken = config.get('client.webpassword') - if config.get('general.bind_address'): - with open(private_API_host_file, 'w') as bindFile: - bindFile.write(config.get('general.bind_address')) - self.host = config.get('general.bind_address') - else: - self.host = httpapi.apiutils.setbindip.set_bind_IP( - private_API_host_file) + self.host = httpapi.apiutils.setbindip.set_bind_IP( + private_API_host_file) logger.info('Running api on %s:%s' % (self.host, self.bindPort)) self.httpServer = '' diff --git a/static-data/default_config.json b/static-data/default_config.json index dcad2e50..2a788eb3 100755 --- a/static-data/default_config.json +++ b/static-data/default_config.json @@ -8,7 +8,6 @@ "general": { "allow_public_api_dns_rebinding": false, "announce_node": true, - "bind_address": "", "dev_mode": false, "display_header": true, "ephemeral_tunnels": false, diff --git a/tests/test_default_config_json.py b/tests/test_default_config_json.py index 2678b13c..b50db4b2 100644 --- a/tests/test_default_config_json.py +++ b/tests/test_default_config_json.py @@ -24,7 +24,6 @@ class OnionrConfig(unittest.TestCase): self.assertEqual(conf['allocations']['disk'], 1073741824) self.assertEqual(conf['allocations']['disk'], 1073741824) self.assertEqual(conf['general']['announce_node'], True) - self.assertEqual(conf['general']['bind_address'], '') self.assertEqual(conf['general']['dev_mode'], False) self.assertEqual(conf['general']['display_header'], True) self.assertEqual(conf['general']['ephemeral_tunnels'], False)