From 7f0c91929ff416ccf35d30c4307f3b755ef0219c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Loun=C3=A8s=20Ksouri?=
Date: Mon, 16 Aug 2021 20:42:34 +0200
Subject: [PATCH] Update samourai-server app to v1.10.1 (#901)
Co-authored-by: Luke Childs
---
apps/registry.json | 8 +++----
apps/samourai-server/docker-compose.yml | 20 ++++++++++------
apps/samourai-server/mysql/mysql-dojo.cnf | 3 ++-
apps/samourai-server/nginx/connect.conf | 22 ++++++++++++++++++
apps/samourai-server/nginx/connect/index.html | 12 ++++++----
.../nginx/connect/js/conf.template.js | 6 +++--
.../nginx/connect/js/script.js | 23 +++++++++++--------
apps/samourai-server/nginx/mainnet.conf | 8 -------
apps/samourai-server/nginx/nginx.conf | 1 -
apps/samourai-server/nginx/testnet.conf | 8 -------
scripts/app | 3 +++
scripts/configure | 6 +++--
scripts/update/01-run.sh | 16 +++++++++++++
templates/.env-sample | 3 ++-
templates/torrc-sample | 8 +++++--
15 files changed, 97 insertions(+), 50 deletions(-)
create mode 100644 apps/samourai-server/nginx/connect.conf
diff --git a/apps/registry.json b/apps/registry.json
index 0d7250f..5ab56c0 100644
--- a/apps/registry.json
+++ b/apps/registry.json
@@ -271,15 +271,15 @@ "id": "samourai-server", "category": "Wallet Servers", "name": "Samourai Server", - "version": "1.9.0", + "version": "1.10.1", "tagline": "Your private backing server for Samourai Wallet", - "description": "Samourai Server is an exclusive Umbrel app that runs Samourai Dojo and Whirlpool backing servers, and provides you easy step-by-step instructions to connect your Samourai Wallet to them. Samourai Wallet is unrivaled in transaction privacy, but its default configuration is still subject to network level privacy loss.\n\nBy default, Samourai Wallet will connect to its centrally controlled Dojo hosted in Iceland. By hosting your own Samourai Server, you can bypass its servers completely when using Samourai Wallet or Sentinel, and gain total financial sovereignty without any complexity.", + "description": "Samourai Server is an exclusive Umbrel app that runs Samourai Dojo and Whirlpool backing servers, and provides you easy step-by-step instructions to connect your Samourai Wallet to them. Samourai Wallet is unrivaled in transaction privacy, but its default configuration is still subject to network level privacy loss.\n\nBy default, Samourai Wallet will connect to its centrally controlled Dojo hosted in Iceland. By hosting your own Samourai Server, you can bypass its servers completely when using Samourai Wallet or Sentinel, and gain total financial sovereignty without any complexity.\n\nBundles Whirlpool CLI v0.10.11.", "developer": "Samourai", "website": "https://samouraiwallet.com", "dependencies": [ "bitcoind" ], - "repo": "https://github.com/louneskmt/umbrel-samourai-dojo/tree/v1.9.0-umbrel", + "repo": "https://github.com/louneskmt/umbrel-samourai-dojo/tree/v1.10.1-umbrel", "support": "https://t.me/SamouraiWallet", "port": 3005, "gallery": [ @@ -287,7 +287,7 @@ "2.jpg", "3.jpg" ], - "path": "/connect/", + "path": "", "defaultPassword": "" }, { 
diff --git a/apps/samourai-server/docker-compose.yml b/apps/samourai-server/docker-compose.yml index 3505446..5aa963b 100644 --- a/apps/samourai-server/docker-compose.yml +++ b/apps/samourai-server/docker-compose.yml @@ -22,7 +22,7 @@ services: ipv4_address: $APP_SAMOURAI_SERVER_DB_IP node: - image: louneskmt/dojo-nodejs:1.9.0@sha256:fbef514d55dd848e038f9852e5b5146f18675c7c207e6370fb9f54d0fd6eb6ce + image: louneskmt/dojo-nodejs:1.10.1@sha256:d1460df18df091837718fcd0a6d3850e2f1a4a49da5914a697648c40d5477184 init: true restart: on-failure command: "/home/node/app/wait-for-it.sh db:3306 --timeout=720 --strict -- /home/node/app/restart.sh" @@ -30,9 +30,10 @@ services: environment: # GLOBAL COMMON_BTC_NETWORK: $BITCOIN_NETWORK - DOJO_NODEJS_VERSION_TAG: 1.9.0 - TOR_PROXY_IP: $TOR_PROXY_IP - TOR_PROXY_PORT: $TOR_PROXY_PORT + DOJO_NODEJS_VERSION_TAG: 1.10.1 + NET_DOJO_TOR_IPV4: $TOR_PROXY_IP + NET_DOJO_TOR_PORT: $TOR_PROXY_PORT + NET_DOJO_MYSQL_IPV4: $APP_SAMOURAI_SERVER_DB_IP # MYSQL MYSQL_DATABASE: samourai-main @@ -85,12 +86,13 @@ services: ipv4_address: $APP_SAMOURAI_SERVER_NODE_IP whirlpool: - image: louneskmt/whirlpool:0.10.10@sha256:0914a0784a59819d55605e45b595b2715e5d1ed9b5aa5cd58db0fb068d8f6367 + image: louneskmt/whirlpool:0.10.11@sha256:a7cfb9e287aa5f2e4137a5d2fdddbfd348624e24e7dd7bed7fa0f4e2e22734d5 init: true restart: on-failure user: "1000:1000" command: - "--listen" + - "--cli.apiKey=$SAMOURAI_SERVER_WHIRLPOOL_API_KEY" - "--cli.api.http-enable=true" - "--cli.api.http-port=$APP_SAMOURAI_SERVER_WHIRLPOOL_PORT" - "--cli.tor=true" 
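Review bot: In the `whirlpool` service, `--cli.apiKey=$SAMOURAI_SERVER_WHIRLPOOL_API_KEY` puts the API key on the container's command line, where it shows up in the host's process list. If the Whirlpool CLI can read this setting from its configuration file or from an environment variable (not verifiable from this hunk), that would keep the key out of the argument vector. If the flag has to stay, a comment above the `command:` list such as `# API key is passed as an argument and is visible in process listings on the host` would record the trade-off.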
@@ -120,15 +122,19 @@ services: - ${APP_DATA_DIR}/nginx/wait-for:/wait-for - ${APP_DATA_DIR}/nginx/nginx.conf:/etc/nginx/nginx.conf - ${APP_DATA_DIR}/nginx/${BITCOIN_NETWORK}.conf:/etc/nginx/sites-enabled/dojo.conf + - ${APP_DATA_DIR}/nginx/connect.conf:/etc/nginx/sites-enabled/connect.conf - ${APP_DATA_DIR}/nginx/connect:/var/www/connect environment: COMMON_BTC_NETWORK: $BITCOIN_NETWORK - DOJO_HIDDEN_SERVICE: $APP_HIDDEN_SERVICE + DOJO_LOCAL_PORT: $APP_SAMOURAI_SERVER_DOJO_PORT + DOJO_HIDDEN_SERVICE: $SAMOURAI_SERVER_DOJO_HIDDEN_SERVICE WHIRLPOOL_HIDDEN_SERVICE: $SAMOURAI_SERVER_WHIRLPOOL_HIDDEN_SERVICE NODE_PREFIX_SUPPORT: support NODE_ADMIN_KEY: $SAMOURAI_SERVER_NODE_ADMIN_KEY + WHIRLPOOL_API_KEY: $SAMOURAI_SERVER_WHIRLPOOL_API_KEY ports: - - "$APP_SAMOURAI_SERVER_PORT:80" + - "$APP_SAMOURAI_SERVER_DOJO_PORT:80" + - "$APP_SAMOURAI_SERVER_CONNECT_PORT:8081" depends_on: - node networks: diff --git a/apps/samourai-server/mysql/mysql-dojo.cnf b/apps/samourai-server/mysql/mysql-dojo.cnf index 056d386..8409219 100644 --- a/apps/samourai-server/mysql/mysql-dojo.cnf +++ b/apps/samourai-server/mysql/mysql-dojo.cnf @@ -1,10 +1,11 @@ [mysqld] sql_mode="NO_ENGINE_SUBSTITUTION" +transaction_isolation=READ-COMMITTED performance_schema=off innodb_buffer_pool_size=128M innodb_buffer_pool_chunk_size=16M key_buffer_size=8M tmp_table_size=1M -max_connections=20 +max_connections=80 sort_buffer_size=1M query_cache_size=8M diff --git a/apps/samourai-server/nginx/connect.conf b/apps/samourai-server/nginx/connect.conf new file mode 100644 index 0000000..9cf5a44 --- /dev/null +++ b/apps/samourai-server/nginx/connect.conf 
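Review bot: Adding `WHIRLPOOL_API_KEY` to the `nginx` service environment, next to `NODE_ADMIN_KEY`, means both secrets end up in the JavaScript rendered from `conf.template.js` (changed later in this patch) and are served as static content by the connect site. With `$APP_SAMOURAI_SERVER_CONNECT_PORT:8081` published on the host and the `app-samourai-server` hidden service in `templates/torrc-sample` mapped to 8081, any client that can reach that port or learns that onion address can presumably read both keys without authenticating; nothing in the visible configuration restricts access. At minimum this deserves a comment above the `ports:` entry, e.g. `# The connect UI serves the admin key and Whirlpool API key; treat this port as sensitive`. Putting the page behind the dashboard's authentication, if the platform offers one, would be the stronger fix.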
@@ -0,0 +1,22 @@ +# Connect UI Configuration +server { + listen 8081; + server_name _; + + root /var/www/connect; + index index.html; + + # Proxy pairing endpoint to dojo api + location /v2/support/pairing { + proxy_pass http://node:8080/support/pairing; + } + + location /test/v2/support/pairing { + proxy_pass http://node:8080/support/pairing; + } + + # Server Connect UI static files + location / { + try_files $uri $uri/ =404; + } +} diff --git a/apps/samourai-server/nginx/connect/index.html b/apps/samourai-server/nginx/connect/index.html index bbbf0da..4d4586c 100644 --- a/apps/samourai-server/nginx/connect/index.html +++ b/apps/samourai-server/nginx/connect/index.html @@ -59,7 +59,7 @@
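Review bot: The `location /` block in the new `connect.conf` serves the file rendered from `conf.template.js`, which holds the Dojo admin key and the Whirlpool API key, with default caching behaviour. Adding `add_header Cache-Control "no-store";` inside the `server` block would keep browsers and any intermediary from storing those keys. Separately, both `/v2/support/pairing` and `/test/v2/support/pairing` are proxied regardless of `COMMON_BTC_NETWORK`, and the comment `# Server Connect UI static files` probably means `# Serve Connect UI static files`.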
Advanced

- If you need to access the Dojo Maintenance Tool, click here. + If you need to access the Dojo Maintenance Tool, click here.

Admin key: @@ -76,11 +76,13 @@

  • Install Tor on your computer.
  • Download and install Whirlpool GUI.
  • -
  • Select: Advanced: remote CLI.
  • +
  • Select: “Advanced: remote CLI”.
  • Enter "" (without quotes) in “CLI address”.
  • Tor proxy should now auto enable and set itself to “socks5://127.0.0.1:9050”.
  • -
  • Click connect.
  • +
  • Click “Configure API key?”.
  • +
  • Enter "" (without quotes) in “API key”.
  • +
  • Click “Connect”.
  • Click QR code icon to scan a QR code from Samourai Wallet on your phone.
  • Open Samourai Wallet on your phone.
  • Go Settings > Transactions > Experimental > Pair to Whirlpool GUI. Show the QR code on your @@ -94,8 +96,8 @@

    Note: You'll need to open Whirlpool GUI and re-enter your password to continue mixing after restarting or updating your Umbrel.

    - - + + diff --git a/apps/samourai-server/nginx/connect/js/conf.template.js b/apps/samourai-server/nginx/connect/js/conf.template.js index 0b8f661..a8a38ce 100644 --- a/apps/samourai-server/nginx/connect/js/conf.template.js +++ b/apps/samourai-server/nginx/connect/js/conf.template.js @@ -1,5 +1,7 @@ +var dojoLocalPort = "$DOJO_LOCAL_PORT"; var dojoHiddenService = "$DOJO_HIDDEN_SERVICE"; -var whirlpoolHiddenService = "http://$WHIRLPOOL_HIDDEN_SERVICE"; +var whirlpoolHiddenService = "$WHIRLPOOL_HIDDEN_SERVICE"; var bitcoinNetwork = "$COMMON_BTC_NETWORK"; var dojoAdminKey = "$NODE_ADMIN_KEY"; -var supportPrefix = "$NODE_PREFIX_SUPPORT"; +var whirlpoolApiKey = "$WHIRLPOOL_API_KEY"; +var dojoSupportPrefix = "$NODE_PREFIX_SUPPORT"; diff --git a/apps/samourai-server/nginx/connect/js/script.js b/apps/samourai-server/nginx/connect/js/script.js index cec272a..ed08107 100644 --- a/apps/samourai-server/nginx/connect/js/script.js +++ b/apps/samourai-server/nginx/connect/js/script.js @@ -1,8 +1,16 @@ -document.getElementById('dojo-admin-key').innerText = dojoAdminKey; +let dojoHost = `${window.location.hostname}:${dojoLocalPort}`; +const dojoBaseRoute = bitcoinNetwork == "testnet" ? "test/v2" : "v2"; + +if(window.location.hostname.endsWith(".onion")) { + dojoHost = dojoHiddenService; +} -var baseRoute = bitcoinNetwork == "testnet" ? "test/v2" : "v2"; +document.getElementById('dojo-admin-key').innerText = dojoAdminKey; +document.getElementById('whirlpool-api-key').innerText = whirlpoolApiKey; +document.getElementById('whirlpool-hidden-service').innerText = `http://${whirlpoolHiddenService}`; +document.getElementById('dmt-link').setAttribute("href", `http://${dojoHost}/admin/`); -fetch(`http://${window.location.host}/${baseRoute}/auth/login`, { +fetch(`http://${dojoHost}/${dojoBaseRoute}/auth/login`, { method: 'POST', headers: new Headers({ 'Content-Type': 'application/x-www-form-urlencoded' 
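Review bot: The login request at the end of this `script.js` hunk now targets `http://${dojoHost}/...`, a different origin from the connect page, and the promise chain that follows has no failure path. If that request is blocked or rejected (cross-origin policy on the Dojo port, or `dojoHiddenService` still being the `notyetset.onion` placeholder set in `scripts/app`), `data.authorizations.access_token` in the next hunk throws and the page silently shows no QR code. Checking the status before parsing, `.then(response => { if (!response.ok) throw new Error('login failed'); return response.json(); })`, and ending the chain with `.catch(err => console.error(err))` plus a visible message would make the failure diagnosable. The request presumably carries the admin key (its body is outside the hunk) over plain `http://` on the LAN path, which is worth a comment; the `fetch` call itself continues outside the hunk.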
@@ -11,7 +19,7 @@ fetch(`http://${window.location.host}/${baseRoute}/auth/login`, { }) .then(response => response.json()) .then(data => { - fetch(`http://${window.location.host}/${baseRoute}/${supportPrefix}/pairing`, { + fetch(`http://${window.location.host}/${dojoBaseRoute}/${dojoSupportPrefix}/pairing`, { method: 'GET', headers: new Headers({ 'Authorization': 'Bearer ' + data.authorizations.access_token, @@ -19,9 +27,8 @@ fetch(`http://${window.location.host}/${baseRoute}/auth/login`, { }) }) .then(response => response.json()) - .then(data => { - var pairingInfo = data; - pairingInfo.pairing.url = `http://${dojoHiddenService}/${baseRoute}`; + .then(pairingInfo => { + pairingInfo.pairing.url = `http://${dojoHiddenService}/${dojoBaseRoute}`; const qrcodeSvg = new QRCode({ content: JSON.stringify(pairingInfo), @@ -33,7 +40,5 @@ fetch(`http://${window.location.host}/${baseRoute}/auth/login`, { ecl: "M", }).svg(); document.querySelector('.qr-contents').innerHTML = qrcodeSvg; - - document.getElementById('whirlpool-hidden-service').innerText = `${whirlpoolHiddenService}`; }); }); diff --git a/apps/samourai-server/nginx/mainnet.conf b/apps/samourai-server/nginx/mainnet.conf index ba2ae1b..032011f 100644 --- a/apps/samourai-server/nginx/mainnet.conf +++ b/apps/samourai-server/nginx/mainnet.conf @@ -21,13 +21,6 @@ server { proxy_send_timeout 600; send_timeout 600; - # Connection details page - location /connect { - alias /var/www/connect; - index index.html; - try_files $uri $uri/ =404; - } - # Proxy WebSocket connections first location /v2/inv { proxy_pass http://websocket; @@ -71,4 +64,3 @@ server { add_header Content-Type application/json; } } - diff --git a/apps/samourai-server/nginx/nginx.conf b/apps/samourai-server/nginx/nginx.conf index 0261baf..81fb408 100644 --- a/apps/samourai-server/nginx/nginx.conf +++ b/apps/samourai-server/nginx/nginx.conf @@ -42,4 +42,3 @@ http { include /etc/nginx/sites-enabled/*.conf; } - 
diff --git a/apps/samourai-server/nginx/testnet.conf b/apps/samourai-server/nginx/testnet.conf index 7bd968a..dd9b100 100644 --- a/apps/samourai-server/nginx/testnet.conf +++ b/apps/samourai-server/nginx/testnet.conf @@ -21,13 +21,6 @@ server { proxy_send_timeout 600; send_timeout 600; - # Connection details page - location /connect { - alias /var/www/connect; - index index.html; - try_files $uri $uri/ =404; - } - # Proxy WebSocket connections first location /test/v2/inv { proxy_pass http://websocket; @@ -76,4 +69,3 @@ server { add_header Content-Type application/json; } } - diff --git a/scripts/app b/scripts/app index adb1fd0..38faaab 100755 --- a/scripts/app +++ b/scripts/app @@ -120,11 +120,14 @@ compose() { # App specific env vars # Note: Hardcoding app specific env vars is a short term solution. Long term # these values will be registered in an apps manifest and generated dynamically. + local dojo_hidden_service_file="${UMBREL_ROOT}/tor/data/app-${app}-dojo/hostname" local whirlpool_hidden_service_file="${UMBREL_ROOT}/tor/data/app-${app}-whirlpool/hostname" + export SAMOURAI_SERVER_DOJO_HIDDEN_SERVICE="$(cat "${dojo_hidden_service_file}" 2>/dev/null || echo "notyetset.onion")" export SAMOURAI_SERVER_WHIRLPOOL_HIDDEN_SERVICE="$(cat "${whirlpool_hidden_service_file}" 2>/dev/null || echo "notyetset.onion")" export SAMOURAI_SERVER_NODE_API_KEY=$(derive_entropy "env-${app_entropy_identifier}-NODE_API_KEY") export SAMOURAI_SERVER_NODE_ADMIN_KEY=$(derive_entropy "env-${app_entropy_identifier}-NODE_ADMIN_KEY") export SAMOURAI_SERVER_NODE_JWT_SECRET=$(derive_entropy "env-${app_entropy_identifier}-NODE_JWT_SECRET") + export SAMOURAI_SERVER_WHIRLPOOL_API_KEY=$(derive_entropy "env-${app_entropy_identifier}-WHIRLPOOL_API_KEY") docker-compose \ --env-file "${env_file}" \ diff --git a/scripts/configure b/scripts/configure index 3ff2dbe..e20f99f 100755 --- a/scripts/configure +++ b/scripts/configure 
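Review bot: The new `export SAMOURAI_SERVER_WHIRLPOOL_API_KEY=$(derive_entropy ...)` line in `compose()` combines `export` with a command substitution, so if `derive_entropy` ever fails or prints nothing the error is masked and an empty key would flow into `--cli.apiKey=` and the connect page. A guard after the export, `[[ -n "${SAMOURAI_SERVER_WHIRLPOOL_API_KEY}" ]] || { echo "Failed to derive Whirlpool API key" >&2; exit 1; }`, would stop the app from starting with a blank key. The three existing `derive_entropy` exports follow the same pattern and would benefit from the same check. `compose()` starts and ends outside the hunk.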
@@ -150,7 +150,8 @@ APP_MEMPOOL_PORT="3006" APP_MEMPOOL_API_IP="10.21.21.27" APP_MEMPOOL_DB_IP="10.21.21.28" APP_SAMOURAI_SERVER_IP="10.21.21.22" -APP_SAMOURAI_SERVER_PORT="3005" +APP_SAMOURAI_SERVER_DOJO_PORT="3009" +APP_SAMOURAI_SERVER_CONNECT_PORT="3005" APP_SAMOURAI_SERVER_WHIRLPOOL_IP="10.21.21.23" APP_SAMOURAI_SERVER_WHIRLPOOL_PORT="8898" APP_SAMOURAI_SERVER_DB_IP="10.21.21.24" @@ -339,7 +340,8 @@ for template in "${NGINX_CONF_FILE}" "${BITCOIN_CONF_FILE}" "${LND_CONF_FILE}" " sed -i "s//${APP_MEMPOOL_DB_IP}/g" "${template}" sed -i "s//${APP_MEMPOOL_API_IP}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_IP}/g" "${template}" - sed -i "s//${APP_SAMOURAI_SERVER_PORT}/g" "${template}" + sed -i "s//${APP_SAMOURAI_SERVER_DOJO_PORT}/g" "${template}" + sed -i "s//${APP_SAMOURAI_SERVER_CONNECT_PORT}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_WHIRLPOOL_IP}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_WHIRLPOOL_PORT}/g" "${template}" sed -i "s//${APP_SAMOURAI_SERVER_DB_IP}/g" "${template}" diff --git a/scripts/update/01-run.sh b/scripts/update/01-run.sh index e92525c..0e836a1 100755 --- a/scripts/update/01-run.sh +++ b/scripts/update/01-run.sh 
@@ -194,6 +194,22 @@ rsync --archive \ "$UMBREL_ROOT"/.umbrel-"$RELEASE"/ \ "$UMBREL_ROOT"/ +# Handle updating static assets for samourai-server app +samourai_app_dir="${UMBREL_ROOT}/apps/samourai-server/nginx" +samourai_data_dir="${UMBREL_ROOT}/app-data/samourai-server/nginx" +if [[ -d "${samourai_app_dir}" ]] && [[ -d "${samourai_data_dir}" ]]; then + echo "Found samourai-server install, attempting to update static assets and nginx configuration..." + rsync --archive --verbose "${samourai_app_dir}/" "${samourai_data_dir}" +fi + +# Handle hidden service migration for samourai-server app +samourai_app_dojo_tor_dir="${UMBREL_ROOT}/tor/data/app-samourai-server" +samourai_app_new_dojo_tor_dir="${UMBREL_ROOT}/tor/data/app-samourai-server-dojo" +if [[ -d "${samourai_app_dojo_tor_dir}" ]] && [[ ! -d "${samourai_app_new_dojo_tor_dir}" ]]; then + echo "Found samourai-server install, attempting to migrate dojo hidden service directory..." + mv "${samourai_app_dojo_tor_dir}/" "${samourai_app_new_dojo_tor_dir}" +fi + # Fix permissions echo "Fixing permissions" find "$UMBREL_ROOT" -path "$UMBREL_ROOT/app-data" -prune -o -exec chown 1000:1000 {} + diff --git a/templates/.env-sample b/templates/.env-sample index 87f085e..0623074 100644 --- a/templates/.env-sample +++ b/templates/.env-sample @@ -53,7 +53,8 @@ APP_MEMPOOL_PORT= APP_MEMPOOL_DB_IP= APP_MEMPOOL_API_IP= APP_SAMOURAI_SERVER_IP= -APP_SAMOURAI_SERVER_PORT= +APP_SAMOURAI_SERVER_DOJO_PORT= +APP_SAMOURAI_SERVER_CONNECT_PORT= APP_SAMOURAI_SERVER_WHIRLPOOL_IP= APP_SAMOURAI_SERVER_WHIRLPOOL_PORT= APP_SAMOURAI_SERVER_DB_IP= diff --git a/templates/torrc-sample b/templates/torrc-sample index e594c7d..1b841d3 100644 --- a/templates/torrc-sample +++ b/templates/torrc-sample 
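Review bot: The hidden-service migration moves `app-samourai-server` to `app-samourai-server-dojo` only when the new directory does not yet exist, so it depends on running before Tor is started with the updated torrc. If Tor creates `app-samourai-server-dojo` first, it generates a fresh key, the guard skips the `mv`, and already-paired wallets would keep pointing at an onion address that now serves the connect UI instead of Dojo; whether that ordering can happen is not visible in this hunk. A comment stating the ordering requirement, and an `else` branch that logs when both directories exist, would make a skipped migration detectable. The `mv` result is also unchecked unless the script runs under `set -e`, which is outside the hunk.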
@@ -77,10 +77,14 @@ HiddenServicePort 80 : HiddenServiceDir /var/lib/tor/app-mempool HiddenServicePort 80 : -# samourai-server Hidden Service -HiddenServiceDir /var/lib/tor/app-samourai-server +# samourai-server dojo Hidden Service +HiddenServiceDir /var/lib/tor/app-samourai-server-dojo HiddenServicePort 80 :80 +# samourai-server connect Hidden Service +HiddenServiceDir /var/lib/tor/app-samourai-server +HiddenServicePort 80 :8081 + # samourai-server whirlpool Hidden Service HiddenServiceDir /var/lib/tor/app-samourai-server-whirlpool HiddenServicePort 80 :