Compare commits
No commits in common. "docker" and "master" have entirely different histories.
|
@ -1,6 +1,3 @@
|
||||||
onionr/data/**/*
|
onionr/data/**/*
|
||||||
onionr/data
|
onionr/data
|
||||||
MY-RUN.sh
|
MY-RUN.sh
|
||||||
Dockerfile
|
|
||||||
.dockerignore
|
|
||||||
.git
|
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
FROM python:3.7
|
FROM python:3.7
|
||||||
EXPOSE 8080
|
|
||||||
|
|
||||||
USER root
|
USER root
|
||||||
|
|
||||||
RUN mkdir /app
|
RUN mkdir /app
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
ENV ONIONR_DOCKER=true
|
ENV PORT=8080
|
||||||
|
EXPOSE 8080
|
||||||
|
|
||||||
#Install needed packages
|
#Install needed packages
|
||||||
RUN apt-get update && apt-get install -y tor locales
|
RUN apt-get update && apt-get install -y tor locales
|
||||||
|
@ -26,6 +26,5 @@ VOLUME /app/data/
|
||||||
#Default to running as nonprivileged user
|
#Default to running as nonprivileged user
|
||||||
RUN chmod g=u -R /app
|
RUN chmod g=u -R /app
|
||||||
USER 1000
|
USER 1000
|
||||||
ENV HOME=/app
|
|
||||||
|
|
||||||
CMD ["bash", "./run-onionr-node.sh"]
|
CMD ["bash", "./onionr.sh"]
|
||||||
|
|
|
@ -1,51 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
set -x
|
|
||||||
ORIG_ONIONR_RUN_DIR=`pwd`
|
|
||||||
export ORIG_ONIONR_RUN_DIR
|
|
||||||
cd "$(dirname "$0")"
|
|
||||||
|
|
||||||
if [[ -n "$ONIONR_DOCKER" ]]; then
|
|
||||||
[[ -f "/privkey" ]] && privkey_opt="--private-key /privkey"
|
|
||||||
[[ -n "$ONIONR_ONBOARDING" ]] || ONIONR_ONBOARDING=0
|
|
||||||
[[ -n "$ONIONR_OPEN_UI" ]] || ONIONR_OPEN_UI=0
|
|
||||||
[[ -n "$ONIONR_RANDOM_LOCALHOST_IP" ]] || ONIONR_RANDOM_LOCALHOST_IP=0
|
|
||||||
[[ -n "$ONIONR_BIND_ADDRESS" ]] || ONIONR_BIND_ADDRESS=0.0.0.0
|
|
||||||
[[ -n "$ONIONR_PORT" ]] || ONIONR_PORT=8080
|
|
||||||
fi
|
|
||||||
|
|
||||||
[[ -n "$ONIONR_PRIVATE_KEY_FILE" ]] && privkey_opt="--private-key $ONIONR_PRIVATE_KEY_FILE"
|
|
||||||
[[ -n "$ONIONR_USE_BOOTSTRAP_FILE" ]] && bootstrap_opt="--use-bootstrap-file $ONIONR_USE_BOOTSTRAP_FILE"
|
|
||||||
[[ -n "$ONIONR_SHOW_STATS" ]] && show_stats_opt="--show-stats $ONIONR_SHOW_STATS"
|
|
||||||
[[ -n "$ONIONR_ONBOARDING" ]] && onboarding_opt="--onboarding $ONIONR_ONBOARDING"
|
|
||||||
[[ -n "$ONIONR_SECURITY_LEVEL" ]] && security_level_opt="--security-level $ONIONR_SECURITY_LEVEL"
|
|
||||||
[[ -n "$ONIONR_OPEN_UI" ]] && open_ui_opt="--open-ui $ONIONR_OPEN_UI"
|
|
||||||
[[ -n "$ONIONR_RANDOM_LOCALHOST_IP" ]] && random_localhost_ip_opt="--random-localhost-ip $ONIONR_RANDOM_LOCALHOST_IP"
|
|
||||||
[[ -n "$ONIONR_USE_TOR" ]] && use_tor_opt="--use-tor $ONIONR_USE_TOR"
|
|
||||||
[[ -n "$ONIONR_ANIMATED_BACKGROUND" ]] && animated_background_opt="--animated-background $ONIONR_ANIMATED_BACKGROUND"
|
|
||||||
[[ -n "$ONIONR_KEEP_LOG" ]] && keep_log_opt="--keep-log-on-exit $ONIONR_KEEP_LOG"
|
|
||||||
[[ -n "$ONIONR_USE_UPLOAD_MIXING" ]] && use_upload_mixing_opt="--use-upload-mixing $ONIONR_USE_UPLOAD_MIXING"
|
|
||||||
[[ -n "$ONIONR_DEV_MODE" ]] && dev_mode_opt="--dev-mode $ONIONR_DEV_MODE"
|
|
||||||
[[ -n "$ONIONR_DISABLE_PLUGIN_LIST" ]] && disable_plugin_list_opt=" --disable-plugin-list $ONIONR_DISABLE_PLUGIN_LIST"
|
|
||||||
[[ -n "$ONIONR_STORE_PLAINTEXT" ]] && store_plaintext_opt="--store-plaintext $ONIONR_STORE_PLAINTEXT"
|
|
||||||
[[ -n "$ONIONR_BIND_ADDRESS" ]] && bind_address_opt="--bind-address $ONIONR_BIND_ADDRESS"
|
|
||||||
[[ -n "$ONIONR_PORT" ]] && port_opt="--port $ONIONR_PORT"
|
|
||||||
|
|
||||||
|
|
||||||
python3 run-onionr-node.py \
|
|
||||||
$privkey_opt \
|
|
||||||
$bootstrap_opt \
|
|
||||||
$show_stats_opt \
|
|
||||||
$onboarding_opt \
|
|
||||||
$security_level_opt \
|
|
||||||
$open_ui_opt \
|
|
||||||
$random_localhost_ip_opt \
|
|
||||||
$use_tor_opt \
|
|
||||||
$animated_background_opt \
|
|
||||||
$keep_log_opt \
|
|
||||||
$use_upload_mixing_opt \
|
|
||||||
$dev_mode_opt \
|
|
||||||
$disable_plugin_list_opt \
|
|
||||||
$store_plaintext_opt \
|
|
||||||
$bind_address_opt \
|
|
||||||
$port_opt \
|
|
||||||
"$@"
|
|
|
@ -4,6 +4,8 @@ Create required Onionr directories
|
||||||
"""
|
"""
|
||||||
import os
|
import os
|
||||||
import stat
|
import stat
|
||||||
|
from pwd import getpwuid
|
||||||
|
from getpass import getuser
|
||||||
|
|
||||||
from . import identifyhome
|
from . import identifyhome
|
||||||
import filepaths
|
import filepaths
|
||||||
|
@ -25,6 +27,10 @@ import onionrexceptions
|
||||||
home = identifyhome.identify_home()
|
home = identifyhome.identify_home()
|
||||||
|
|
||||||
|
|
||||||
|
def find_owner(filename):
|
||||||
|
return getpwuid(os.stat(filename).st_uid).pw_name
|
||||||
|
|
||||||
|
|
||||||
def create_dirs():
|
def create_dirs():
|
||||||
"""Create onionr data-related directories in
|
"""Create onionr data-related directories in
|
||||||
order of the hardcoded list below,
|
order of the hardcoded list below,
|
||||||
|
@ -35,7 +41,7 @@ def create_dirs():
|
||||||
if not os.path.exists(path):
|
if not os.path.exists(path):
|
||||||
os.makedirs(path)
|
os.makedirs(path)
|
||||||
else:
|
else:
|
||||||
if os.getuid() != os.stat(path).st_uid:
|
if getuser() != find_owner(path):
|
||||||
raise onionrexceptions.InsecureDirectoryUsage(
|
raise onionrexceptions.InsecureDirectoryUsage(
|
||||||
"Directory " + path +
|
"Directory " + path +
|
||||||
" already exists and is not owned by the same user")
|
" already exists and is not owned by the same user")
|
||||||
|
@ -48,4 +54,4 @@ def create_dirs():
|
||||||
try:
|
try:
|
||||||
db()
|
db()
|
||||||
except FileExistsError:
|
except FileExistsError:
|
||||||
pass
|
pass
|
Loading…
Reference in New Issue