Merge branch 'feature/tor'

Generated/.gitignore

@@ -1,4 +1,4 @@
 *.yml
-*.tmpl
+nginx.tmpl
 *.toml
 *.json

Generated/torrc.tmpl

@@ -0,0 +1,30 @@
+{{ $CurrentContainer := where $ "ID" .Docker.CurrentContainerID | first }}
+
+{{ range $name, $containers := groupByMulti $ "Env.HIDDENSERVICE_NAME" "," }}
+{{ $firstServicePort := true }}
+{{ range $container := $containers }}
+	{{ range $knownNetwork := $CurrentContainer.Networks }}
+		{{ range $containerNetwork := $container.Networks }}
+			{{ if eq $knownNetwork.Name $containerNetwork.Name }}
+			    {{ $containerOrReverseProxyName := coalesce $container.Env.HIDDENSERVICE_REVERSEPROXY $container.Name }}
+
+				{{ range $reverseProxyContainer := where $ "Name" $containerOrReverseProxyName }}
+					{{ range $containerNetwork := where $reverseProxyContainer.Networks "Name" $knownNetwork.Name }}
+						{{ $port := coalesce $container.Env.HIDDENSERVICE_PORT "80" }}
+						{{ $virtualPort := coalesce $container.Env.HIDDENSERVICE_VIRTUAL_PORT $port }}
+						{{ if ne $containerNetwork.IP "" }}
+							{{ if $firstServicePort }}
+# For the hidden service {{ $name }}
+HiddenServiceDir /var/lib/tor/hidden_services/{{ $name }}
+								{{ $firstServicePort := false }}
+							{{ end }}
+# Redirecting to {{ $containerOrReverseProxyName }}
+HiddenServicePort {{ $virtualPort }} {{ $containerNetwork.IP }}:{{ $port }}
+						{{ end }}
+					{{ end }}
+				{{ end }}
+			{{ end }}
+		{{ end }}
+	{{ end }}
+{{ end }}
+{{ end }}

Production/nginx.tmpl

@@ -216,8 +216,27 @@ upstream {{ $upstream_name }} {
 	{{ end }}
 {{ end }}
 }
+
+{{ $hiddenReverseProxy := trim (or (first (groupByKeys $containers "Env.HIDDENSERVICE_REVERSEPROXY")) "") }}
+{{ if (eq $hiddenReverseProxy "nginx")}}
+	{{ $hiddenHostName := trim (or (first (groupByKeys $containers "Env.HIDDENSERVICE_NAME")) "") }}
+	{{ $onionHost := read (printf "/var/lib/tor/hidden_services/%s/hostname" $hiddenHostName) }}
+	{{ if ne $onionHost "" }}
+server {
+	server_name {{ trim $onionHost }};
+	listen nginx:80 ;
+	access_log /var/log/nginx/access.log vhost;
+	location / {
+		proxy_pass http://{{ trim $upstream_name }};
+	}
+	{{ template "redirects" (dict "HostName" $host_name "Containers" $) }}
+}
+	{{ end }}
+{{ end }}
+
 {{ range $host, $containers := groupByMulti $containers "Env.VIRTUAL_HOST" "," }}
 {{ $host := trim $host }}
+{{ if ne $host "" }}
 {{ $default_host := or ($.Env.DEFAULT_HOST) "" }}
 {{ $default_server := index (dict $host "" $default_host "default_server") $host }}
 
@@ -424,7 +443,7 @@ server {
 	ssl_certificate_key /etc/nginx/certs/default.key;
 }
 {{ end }}
-
+{{ end }}
 {{ end }}
 {{ end }}
 {{ end }}

btcpay-setup.sh

@@ -74,11 +74,11 @@ if [ "$1" != "-i" ]; then
     return
 fi
 
-if [ -z "$BTCPAY_HOST" ]; then
+if [ -z "$BTCPAYGEN_CRYPTO1" ]; then
     if [ -f "/etc/profile.d/btcpay-env.sh" ]; then
         echo "This script must be run as root after running \"sudo su -\""
     else
-        echo "BTCPAY_HOST should not be empty"
+        echo "BTCPAYGEN_CRYPTO1 should not be empty"
     fi
     return
 fi
@@ -129,7 +129,7 @@ if [[ -f "$BTCPAY_HOST_SSHKEYFILE" ]]; then
     done
 fi
 
-if [[ "$BTCPAYGEN_REVERSEPROXY" == "nginx" ]]; then
+if [[ "$BTCPAYGEN_REVERSEPROXY" == "nginx" ]] && [[ "$BTCPAY_HOST" ]]; then
     DOMAIN_NAME="$(echo "$BTCPAY_HOST" | grep -P '(?=^.{4,253}$)(^(?:[a-zA-Z0-9](?:(?:[a-zA-Z0-9\-]){0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$)')"
     if [[ ! "$DOMAIN_NAME" ]]; then
         echo "BTCPAYGEN_REVERSEPROXY is set to nginx, so BTCPAY_HOST must be a domain name which point to this server (with port 80 and 443 open), but the current value of BTCPAY_HOST ('$BTCPAY_HOST') is not a valid domain name."

docker-compose-generator/docker-fragments/opt-add-tor.yml

@@ -0,0 +1,119 @@
+version: "3"
+
+services:
+
+  btcpayserver:
+    environment:
+      HIDDENSERVICE_NAME: BTCPayServer
+      HIDDENSERVICE_REVERSEPROXY: nginx
+      BTCPAY_TORRCFILE: /usr/local/etc/tor/torrc-2
+      BTCPAY_SOCKSENDPOINT: tor:9050
+    volumes:
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+      - "tor_torrcdir:/usr/local/etc/tor/"
+
+  woocommerce:
+    environment:
+      HIDDENSERVICE_NAME: WooCommerce
+      WOOCOMMERCE_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/WooCommerce/hostname
+    volumes:
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+
+  bitcoind:
+    environment:
+      BITCOIN_EXTRA_ARGS: |
+        onion=tor:9050
+    volumes:
+    - "tor_datadir:/home/tor/.tor"
+    links:
+    - tor
+
+  nginx:
+    volumes:
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+  nginx-gen:
+    volumes:
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+
+  tor:
+    restart: unless-stopped
+    image: btcpayserver/tor:0.3.5.8
+    container_name: tor
+    environment:
+      TOR_PASSWORD: btcpayserver
+      TOR_ADDITIONAL_CONFIG: /usr/local/etc/tor/torrc-2
+      TOR_EXTRA_ARGS: |
+        CookieAuthentication 1
+    expose:
+      - "9050" # SOCKS
+      - "9051" # Tor Control
+    volumes:
+      - "tor_datadir:/home/tor/.tor"
+      - "tor_torrcdir:/usr/local/etc/tor"
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+
+  clightning_bitcoin:
+    environment:
+      HIDDENSERVICE_NAME: c-lightning
+      HIDDENSERVICE_PORT: 9735
+      LIGHTNINGD_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/c-lightning/hostname
+      LIGHTNINGD_OPT: |
+        proxy=tor:9050
+    volumes:
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+    links:
+      - tor
+  clightning_litecoin:
+    environment:
+      HIDDENSERVICE_NAME: c-lightning-ltc
+      HIDDENSERVICE_PORT: 9736
+      LIGHTNINGD_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/c-lightning-ltc/hostname
+      LIGHTNINGD_OPT: |
+        proxy=tor:9050
+    volumes:
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+    links:
+      - tor
+
+  tor-gen:
+    restart: unless-stopped
+    image: btcpayserver/docker-gen:0.7.5
+    container_name: tor-gen
+    volumes:
+      - "/var/run/docker.sock:/tmp/docker.sock:ro"
+      - "./torrc.tmpl:/etc/docker-gen/templates/torrc.tmpl:ro"
+      - "tor_torrcdir:/usr/local/etc/tor"
+    entrypoint: /usr/local/bin/docker-gen -notify-sighup tor -watch -wait 5s:30s /etc/docker-gen/templates/torrc.tmpl /usr/local/etc/tor/torrc-2
+    links:
+      - tor
+
+  lnd_bitcoin:
+    environment:
+      HIDDENSERVICE_NAME: lnd
+      HIDDENSERVICE_PORT: 9735
+      LND_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/lnd/hostname
+      LND_EXTRA_ARGS: |
+        tor.socks=tor:9050
+    links:
+      - tor
+    volumes:
+      - "tor_datadir:/home/tor/.tor"
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+
+  lnd_litecoin:
+    environment:
+      HIDDENSERVICE_NAME: lnd-ltc
+      HIDDENSERVICE_PORT: 9736
+      LND_HIDDENSERVICE_HOSTNAME_FILE: /var/lib/tor/hidden_services/lnd-ltc/hostname
+      LND_EXTRA_ARGS: |
+        tor.socks=tor:9050
+    links:
+      - tor
+    volumes:
+      - "tor_datadir:/home/tor/.tor"
+      - "tor_servicesdir:/var/lib/tor/hidden_services"
+
+volumes:
+    tor_datadir:
+    tor_torrcdir:
+    tor_servicesdir:

docker-compose-generator/docker-fragments/opt-add-woocommerce.yml

@@ -2,7 +2,7 @@ version: '3'
 
 services:
   woocommerce:
-    image: btcpayserver/docker-woocommerce:3.0.5
+    image: btcpayserver/docker-woocommerce:3.0.6-2
     environment:
       WOOCOMMERCE_HOST: ${WOOCOMMERCE_HOST}
       WORDPRESS_DB_HOST: mariadb