Run proxy and control port on Umbrel Tor

3 years ago · 17014579ee
5 changed files with 28 additions and 29 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,30 +1,29 @@
 version: '3.7'

 services:
-        umbrel_tor:
+        tor:
+                container_name: tor
                image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c
                user: toruser
                restart: on-failure
                volumes:
                    - ${PWD}/tor/torrc-umbrel:/etc/tor/torrc
                    - ${PWD}/tor/data:/var/lib/tor/
+                ports:
+                  - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT"
                networks:
                    default:
-                        ipv4_address: $UMBREL_TOR_IP
-        tor:
-                container_name: tor
+                        ipv4_address: $TOR_PROXY_IP
+        app_tor:
                image: lncm/tor:0.4.5.7@sha256:a83e0d9fd1a35adf025f2f34237ec1810e2a59765988dce1dfb222ca8ef6583c
                user: toruser
                restart: on-failure
                volumes:
-                    - ${PWD}/tor/torrc:/etc/tor/torrc
+                    - ${PWD}/tor/torrc-apps:/etc/tor/torrc
                    - ${PWD}/tor/data:/var/lib/tor/
-                    - ${PWD}/tor/run:/var/run/tor/
-                ports:
-                  - "127.0.0.1:$TOR_PROXY_PORT:$TOR_PROXY_PORT"
                networks:
                    default:
-                        ipv4_address: $TOR_PROXY_IP
+                        ipv4_address: $APPS_TOR_IP
        nginx:
                container_name: nginx
                image: nginx:1.17.8@sha256:380eb808e2a3b0dd954f92c1cae2f845e6558a15037efefcabc5b4e03d666d03
--- a/scripts/configure
+++ b/scripts/configure
@ -71,7 +71,7 @@ echo
 NGINX_CONF_FILE="./templates/nginx.conf"
 BITCOIN_CONF_FILE="./templates/bitcoin.conf"
 LND_CONF_FILE="./templates/lnd.conf"
-TOR_CONF_FILE="./templates/torrc"
+APPS_TOR_CONF_FILE="./templates/torrc-apps"
 UMBREL_TOR_CONF_FILE="./templates/torrc-umbrel"
 ELECTRS_CONF_FILE="./templates/electrs.toml"
 ENV_FILE="./templates/.env"
@ -81,7 +81,7 @@ ENV_FILE="./templates/.env"
 [[ -f "$NGINX_CONF_FILE" ]] && rm -f "$NGINX_CONF_FILE"
 [[ -f "$BITCOIN_CONF_FILE" ]] && rm -f "$BITCOIN_CONF_FILE"
 [[ -f "$LND_CONF_FILE" ]] && rm -f "$LND_CONF_FILE"
-[[ -f "$TOR_CONF_FILE" ]] && rm -f "$TOR_CONF_FILE"
+[[ -f "$APPS_TOR_CONF_FILE" ]] && rm -f "$APPS_TOR_CONF_FILE"
 [[ -f "$UMBREL_TOR_CONF_FILE" ]] && rm -f "$UMBREL_TOR_CONF_FILE"
 [[ -f "$ELECTRS_CONF_FILE" ]] && rm -f "$ELECTRS_CONF_FILE"
 [[ -f "$ENV_FILE" ]] && rm -f "$ENV_FILE"
@ -90,7 +90,7 @@ ENV_FILE="./templates/.env"
 [[ -f "./templates/nginx-sample.conf" ]] && cp "./templates/nginx-sample.conf" "$NGINX_CONF_FILE"
 [[ -f "./templates/bitcoin-sample.conf" ]] && cp "./templates/bitcoin-sample.conf" "$BITCOIN_CONF_FILE"
 [[ -f "./templates/lnd-sample.conf" ]] && cp "./templates/lnd-sample.conf" "$LND_CONF_FILE"
-[[ -f "./templates/torrc-sample" ]] && cp "./templates/torrc-sample" "$TOR_CONF_FILE"
+[[ -f "./templates/torrc-apps-sample" ]] && cp "./templates/torrc-apps-sample" "$APPS_TOR_CONF_FILE"
 [[ -f "./templates/torrc-umbrel-sample" ]] && cp "./templates/torrc-umbrel-sample" "$UMBREL_TOR_CONF_FILE"
 [[ -f "./templates/electrs-sample.toml" ]] && cp "./templates/electrs-sample.toml" "$ELECTRS_CONF_FILE"
 [[ -f "./templates/.env-sample" ]] && cp "./templates/.env-sample" "$ENV_FILE"
@ -125,7 +125,7 @@ LND_REST_PORT="8080"
 ELECTRUM_IP="10.21.21.10"
 ELECTRUM_PORT="50001"
 TOR_PROXY_IP="10.21.21.11"
-UMBREL_TOR_IP="10.21.21.47"
+APPS_TOR_IP="10.21.21.47"
 TOR_PROXY_PORT="9050"

 # Apps
@ -247,8 +247,8 @@ fi
 # Update RPC, P2P and ZMQ Ports
 sed -i "s/rpcport=<port>/rpcport=$BITCOIN_RPC_PORT/g;" "$BITCOIN_CONF_FILE"
 sed -i "s/port=<port>/port=$BITCOIN_P2P_PORT/g;" "$BITCOIN_CONF_FILE"
-sed -i "s/<bitcoin-rpc-port>/$BITCOIN_RPC_PORT/g;" "$TOR_CONF_FILE"
-sed -i "s/<bitcoin-p2p-port>/$BITCOIN_P2P_PORT/g;" "$TOR_CONF_FILE"
+sed -i "s/<bitcoin-rpc-port>/$BITCOIN_RPC_PORT/g;" "$APPS_TOR_CONF_FILE"
+sed -i "s/<bitcoin-p2p-port>/$BITCOIN_P2P_PORT/g;" "$APPS_TOR_CONF_FILE"
 sed -i "/daemon_rpc_addr/s/<port>/$BITCOIN_RPC_PORT/g;" "$ELECTRS_CONF_FILE"
 sed -i "s/BITCOIN_RPC_PORT=<port>/BITCOIN_RPC_PORT=$BITCOIN_RPC_PORT/g;" "$ENV_FILE"
 sed -i "s/BITCOIN_P2P_PORT=<port>/BITCOIN_P2P_PORT=$BITCOIN_P2P_PORT/g;" "$ENV_FILE"
@ -267,7 +267,7 @@ sed -i "s/BITCOIN_RPC_PASS=<password>/BITCOIN_RPC_PASS=$BITCOIN_RPC_PASS/g;" "$E
 sed -i "s/BITCOIN_NETWORK=<network>/BITCOIN_NETWORK=$BITCOIN_NETWORK/g;" "$ENV_FILE"

 # Add Tor password
-sed -i "s/HashedControlPassword <password>/HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$TOR_CONF_FILE"
+sed -i "s/HashedControlPassword <password>/HashedControlPassword $TOR_HASHED_PASSWORD/g;" "$APPS_TOR_CONF_FILE"
 sed -i "s/torpassword=<password>/torpassword=$TOR_PASSWORD/g;" "$BITCOIN_CONF_FILE"
 sed -i "s/tor.password=<password>/tor.password=$TOR_PASSWORD/g;" "$LND_CONF_FILE"
 sed -i "s/TOR_PASSWORD=<password>/TOR_PASSWORD=$TOR_PASSWORD/g;" "$ENV_FILE"
@ -314,7 +314,7 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" "
  sed -i "s/<electrum-port>/${ELECTRUM_PORT}/g" "${template}"
  sed -i "s/<tor-proxy-ip>/${TOR_PROXY_IP}/g" "${template}"
  sed -i "s/<tor-proxy-port>/${TOR_PROXY_PORT}/g" "${template}"
-  sed -i "s/<umbrel-tor-ip>/${UMBREL_TOR_IP}/g" "${template}"
+  sed -i "s/<apps-tor-ip>/${APPS_TOR_IP}/g" "${template}"
  sed -i "s/<zmq-rawblock-port>/${BITCOIN_ZMQ_RAWBLOCK_PORT}/g;" "${template}"
  sed -i "s/<zmq-rawtx-port>/${BITCOIN_ZMQ_RAWTX_PORT}/g;" "${template}"
  sed -i "s/<zmq-hashblock-port>/${BITCOIN_ZMQ_HASHBLOCK_PORT}/g;" "${template}"
@ -388,7 +388,7 @@ done

 mv -f "$NGINX_CONF_FILE" "./nginx/nginx.conf"
 mv -f "$BITCOIN_CONF_FILE" "./bitcoin/bitcoin.conf"
-mv -f "$TOR_CONF_FILE" "./tor/torrc"
+mv -f "$APPS_TOR_CONF_FILE" "./tor/torrc-apps"
 mv -f "$UMBREL_TOR_CONF_FILE" "./tor/torrc-umbrel"
 mv -f "$ELECTRS_CONF_FILE" "./electrs/electrs.toml"
 mv -f "$ENV_FILE" "./.env"
--- a/templates/.env-sample
+++ b/templates/.env-sample
@ -26,7 +26,7 @@ TOR_PROXY_IP=<tor-proxy-ip>
 TOR_PROXY_PORT=<tor-proxy-port>
 TOR_PASSWORD=<password>
 TOR_HASHED_PASSWORD=<password>
-UMBREL_TOR_IP=<umbrel-tor-ip>
+APPS_TOR_IP=<apps-tor-ip>
 DOCKER_BINARY=<path>

 # Apps
--- a/templates/torrc-apps-sample
+++ b/templates/torrc-apps-sample
@ -1,11 +1,3 @@
-# Warning: it's not recommended to modify these files directly. Any
-# modifications you make can break the functionality of your umbrel. These files
-# are automatically reset with every Umbrel update.
-
-# Bind only to "<tor-proxy-ip>" which is the tor IP within the container
-SocksPort   <tor-proxy-ip>:<tor-proxy-port>
-ControlPort <tor-proxy-ip>:29051
-
 # Apps

 # btc-rpc-explorer Hidden Service
@ -104,5 +96,3 @@ HiddenServicePort 80 <app-vaultwarden-ip>:<app-vaultwarden-port>
 # code-server Hidden Service
 HiddenServiceDir /var/lib/tor/app-code-server
 HiddenServicePort 80 <app-code-server-ip>:8080
-
-HashedControlPassword <password>
--- a/templates/torrc-umbrel-sample
+++ b/templates/torrc-umbrel-sample
@ -1,3 +1,11 @@
+# Warning: it's not recommended to modify these files directly. Any
+# modifications you make can break the functionality of your umbrel. These files
+# are automatically reset with every Umbrel update.
+
+# Bind only to "<tor-proxy-ip>" which is the tor IP within the container
+SocksPort   <tor-proxy-ip>:<tor-proxy-port>
+ControlPort <tor-proxy-ip>:29051
+
 # Umbrel

 # Dashboard Hidden Service
@ -23,3 +31,5 @@ HiddenServicePort <lnd-rest-port> <lnd-ip>:<lnd-rest-port>
 # LND gRPC Hidden Service
 HiddenServiceDir /var/lib/tor/lnd-grpc
 HiddenServicePort <lnd-grpc-port> <lnd-ip>:<lnd-grpc-port>
+
+HashedControlPassword <password>