
Unable to send transaction(s) to tor - no available outbound connections

Open urza-lab opened this issue 9 months ago • 6 comments

Transaction initiated via Exodus Mobile Wallet connected to fully synced Monero Node reverse proxied via Caddy (separate container) hosted within Debian LXC on Proxmox using docker is not sent to the Blockchain. What did I miss?

docker logs monerod

2025-02-13 22:06:04.323 W Unable to send transaction(s) to tor - no available outbound connections

monerod status executed within container

2025-02-13 23:24:44.054 I Monero 'Fluorine Fermi' (v0.18.3.4-release) Height: 3347069/3347069 (100.0%) on mainnet, not mining, net hash 4.22 GH/s, v16, 63(out)+0(in) connections, uptime 0d 0h 33m 50s

docker-compose.yml in line with monerosuite

name: monero-suite
services:
  monerod:
    image: ghcr.io/sethforprivacy/simple-monerod:latest
    restart: unless-stopped
    container_name: monerod
    volumes:
      - bitmonero:/home/monero/.bitmonero
    ports:
      - 18080:18080
      - 18089:18089
    depends_on:
      tor-proxy:
        condition: service_started
    healthcheck:
      test: curl --fail http://localhost:18081/get_height || exit 1
      interval: 60s
      timeout: 5s
      retries: 10
      start_period: 40s
    command:
      - --rpc-restricted-bind-ip=0.0.0.0
      - --rpc-restricted-bind-port=18089
      - --rpc-bind-ip=0.0.0.0
      - --rpc-bind-port=18081
      - --confirm-external-bind
      - --enable-dns-blocklist
      - --check-updates=disabled
      - --max-log-files=3
      - --max-log-file-size=1048576
      - --no-igd
      - --out-peers=64
      - --limit-rate-down=1048576
      - --prune-blockchain
      - --public-node
      - --no-zmq
      - --tx-proxy=tor,127.0.0.1:9150,32
      - --add-priority-node=xwvz3ekocr3dkyxfkmgm2hvbpzx2ysqmaxgter7znnqrhoicygkfswid.onion:18083
      - --add-priority-node=4pixvbejrvihnkxmduo2agsnmc3rrulrqc7s3cbwwrep6h6hrzsibeqd.onion:18083
      - --add-priority-node=zbjkbsxc5munw3qusl7j2hpcmikhqocdf4pqhnhtpzw5nt5jrmofptid.onion:18083
      - --add-priority-node=plowsof3t5hogddwabaeiyrno25efmzfxyro2vligremt7sxpsclfaid.onion:18083
      - --add-priority-node=plowsoffjexmxalw73tkjmf422gq6575fc7vicuu4javzn2ynnte6tyd.onion:18083
      - --add-priority-node=qz43zul2x56jexzoqgkx2trzwcfnr6l3hbtfcfx54g4r3eahy3bssjyd.onion:18083
      - --add-peer=xwvz3ekocr3dkyxfkmgm2hvbpzx2ysqmaxgter7znnqrhoicygkfswid.onion:18083
      - --add-peer=4pixvbejrvihnkxmduo2agsnmc3rrulrqc7s3cbwwrep6h6hrzsibeqd.onion:18083
      - --add-peer=zbjkbsxc5munw3qusl7j2hpcmikhqocdf4pqhnhtpzw5nt5jrmofptid.onion:18083
      - --add-peer=plowsof3t5hogddwabaeiyrno25efmzfxyro2vligremt7sxpsclfaid.onion:18083
      - --add-peer=plowsoffjexmxalw73tkjmf422gq6575fc7vicuu4javzn2ynnte6tyd.onion:18083
      - --add-peer=qz43zul2x56jexzoqgkx2trzwcfnr6l3hbtfcfx54g4r3eahy3bssjyd.onion:18083
  moneroblock:
    image: sethsimmons/moneroblock:latest
    restart: unless-stopped
    container_name: moneroblock
    ports:
      - 31312:31312
    command:
      - --daemon
      - monerod:18089
  tor-proxy:
    image: ghcr.io/peterdavehello/tor-socks-proxy:latest
    container_name: tor-proxy
    restart: unless-stopped
    ports:
      - 9150:9150
  watchtower:
    image: containrrr/watchtower:latest
    container_name: watchtower
    restart: unless-stopped
    environment:
      WATCHTOWER_CLEANUP: true
      WATCHTOWER_POLL_INTERVAL: 3600
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  autoheal:
    image: willfarrell/autoheal:latest
    container_name: autoheal
    restart: unless-stopped
    environment:
      AUTOHEAL_CONTAINER_LABEL: all
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
volumes:
  bitmonero: {}

urza-lab avatar Feb 14 '25 11:02 urza-lab

I'd bet it's this line causing you problems:

  - --tx-proxy=tor,127.0.0.1:9150,32

Localhost when using containers refers to the container's own localhost, not the hosts. It should work if you change the line to this, though I've never tested Tor proxying within a Docker Compose setup like this before:

  - --tx-proxy=tor,tor-proxy:9150,32

You also shouldn't need to expose port 9150 for the tor-proxy service, and definitely shouldn't expose it to the entire host.

sethforprivacy avatar Feb 14 '25 12:02 sethforprivacy

I tried replacing 127.0.0.1 with tor-proxy resulting in the following within docker logs monerod

2025-02-14 13:08:42.926 I Initializing p2p server...
2025-02-14 13:08:42.928 I Deinitializing core...
2025-02-14 13:08:42.946 I Stopping cryptonote protocol...
2025-02-14 13:08:42.946 I Cryptonote protocol stopped successfully
2025-02-14 13:08:42.947 E Exception in main! Failed to initialize p2p server.

EDIT: I noted that monerosuite has a dedicated GitHub page and will raise the issue there. Thanks for your pointers.

urza-lab avatar Feb 14 '25 13:02 urza-lab

In this scenario, the tor-proxy domain might not be resolved. I’m not certain why, but it could be a DNS issue. Therefore, you need to add your container’s IP address to the option. It’s likely that your container initially attempted to resolve the domain through a Tor DNS but failed because there’s no corresponding record. This is a possible scenario. The localhost IP address won’t be helpful because there’s no service running on port 9050 on the container’s localhost.

jffin avatar Feb 16 '25 13:02 jffin

This is exactly what I am witnessing. I am the author of Monero Suite and it's hard to find a good solution to proxy all traffic from the monerod service to a tor service. You cannot use the tor proxy container's name, as monerod won't start, as it cannot resolve the hostname to an IP address. If somebody has another idea on how to route the traffic through tor please let me know.

hundehausen avatar Feb 16 '25 13:02 hundehausen

Does this mean that setting the container IP of tor-proxy within monerod commands will allow tx-only connections? If yes, can a container IP be hardcoded?

E.g. like so:

name: monero-suite
services:
  monerod:
    image: ghcr.io/sethforprivacy/simple-monerod:latest
    restart: unless-stopped
    container_name: monerod
    volumes:
      - bitmonero:/home/monero/.bitmonero
    ports:
      - 18080:18080
      - 18089:18089
    depends_on:
      tor-proxy:
        condition: service_started
    healthcheck:
      test: curl --fail http://localhost:18081/get_height || exit 1
      interval: 60s
      timeout: 5s
      retries: 10
      start_period: 40s
    command:
      - --rpc-restricted-bind-ip=0.0.0.0
      - --rpc-restricted-bind-port=18089
      - --rpc-bind-ip=0.0.0.0
      - --rpc-bind-port=18081
      - --confirm-external-bind
      - --enable-dns-blocklist
      - --check-updates=disabled
      - --max-log-files=3
      - --max-log-file-size=1048576
      - --no-igd
      - --out-peers=64
      - --limit-rate-down=1048576
      - --prune-blockchain
      - --public-node
      - --no-zmq
      - --tx-proxy=tor,192.168.100.10:9150,32
      - --add-priority-node=xwvz3ekocr3dkyxfkmgm2hvbpzx2ysqmaxgter7znnqrhoicygkfswid.onion:18083
      - --add-priority-node=4pixvbejrvihnkxmduo2agsnmc3rrulrqc7s3cbwwrep6h6hrzsibeqd.onion:18083
      - --add-priority-node=zbjkbsxc5munw3qusl7j2hpcmikhqocdf4pqhnhtpzw5nt5jrmofptid.onion:18083
      - --add-priority-node=plowsof3t5hogddwabaeiyrno25efmzfxyro2vligremt7sxpsclfaid.onion:18083
      - --add-priority-node=plowsoffjexmxalw73tkjmf422gq6575fc7vicuu4javzn2ynnte6tyd.onion:18083
      - --add-priority-node=qz43zul2x56jexzoqgkx2trzwcfnr6l3hbtfcfx54g4r3eahy3bssjyd.onion:18083
      - --add-peer=xwvz3ekocr3dkyxfkmgm2hvbpzx2ysqmaxgter7znnqrhoicygkfswid.onion:18083
      - --add-peer=4pixvbejrvihnkxmduo2agsnmc3rrulrqc7s3cbwwrep6h6hrzsibeqd.onion:18083
      - --add-peer=zbjkbsxc5munw3qusl7j2hpcmikhqocdf4pqhnhtpzw5nt5jrmofptid.onion:18083
      - --add-peer=plowsof3t5hogddwabaeiyrno25efmzfxyro2vligremt7sxpsclfaid.onion:18083
      - --add-peer=plowsoffjexmxalw73tkjmf422gq6575fc7vicuu4javzn2ynnte6tyd.onion:18083
      - --add-peer=qz43zul2x56jexzoqgkx2trzwcfnr6l3hbtfcfx54g4r3eahy3bssjyd.onion:18083
    networks:
      monero_suite_net:

  moneroblock:
    image: sethsimmons/moneroblock:latest
    restart: unless-stopped
    container_name: moneroblock
    ports:
      - 31312:31312
    command:
      - --daemon
      - monerod:18089
    networks:
      monero_suite_net:

  tor-proxy:
    image: ghcr.io/peterdavehello/tor-socks-proxy:latest
    container_name: tor-proxy
    restart: unless-stopped
    ports:
      - 9150:9150
    networks:
      monero_suite_net:
        ipv4_address: 192.168.100.10

  watchtower:
    image: containrrr/watchtower:latest
    container_name: watchtower
    restart: unless-stopped
    environment:
      WATCHTOWER_CLEANUP: 'true'
      WATCHTOWER_POLL_INTERVAL: 3600
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      monero_suite_net:

  autoheal:
    image: willfarrell/autoheal:latest
    container_name: autoheal
    restart: unless-stopped
    environment:
      AUTOHEAL_CONTAINER_LABEL: all
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      monero_suite_net:

volumes:
  bitmonero: {}

networks:
  monero_suite_net:
    driver: bridge
    ipam:
      config:
        - subnet: 192.168.100.0/24

urza-lab avatar Feb 16 '25 14:02 urza-lab

> Does this mean that setting the container IP of tor-proxy within monerod commands will allow tx-only connections? If yes, can a container IP be hardcoded?
>
> E.g. like so:
>
> ...

Yes, this should work, though it may not be convenient for everyone. Another possible approach is to expose port 9050 to the host (which you have done by the way) and have the Monero container connect to the host IP, but I believe your method is better.

It appears to be a long-standing issue. Here is a workaround proposed in an issue created by this repository owner.

https://github.com/monero-project/monero/issues/7963#issuecomment-1263614900

jffin avatar Feb 16 '25 14:02 jffin
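
The thread reports that monerod fails to start when `--tx-proxy` is given the Compose service name, and that a hardcoded container IP works. An alternative to pinning the IP is to resolve the name when the container starts; the following is an added example, not code from this thread or from either project. It is a hypothetical entrypoint wrapper: the `TOR_HOST`, `TOR_PORT` and `TOR_MAX_CONNS` variables, the function names, and the presence of `sh` and `getent` in the image are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): hypothetical entrypoint wrapper for the monerod container.
# Assumes the image ships a POSIX shell and getent; TOR_HOST/TOR_PORT/TOR_MAX_CONNS are made-up names.

# Succeeds only for a dotted-quad IPv4 literal with octets 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Resolve a name to its first address using the container's resolver (Docker's DNS on a Compose network).
resolve_ipv4() {
    getent hosts "$1" | awk 'NR==1 { print $1 }'
}

# Print the --tx-proxy argument, or fail so monerod is never started with an unusable value.
# $4 (optional) names the resolver function, so it can be swapped out for testing.
build_tx_proxy_arg() {
    host=$1 port=$2 max_conns=$3 resolver=${4:-resolve_ipv4}
    case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    if is_ipv4 "$host"; then
        ip=$host
    else
        ip=$("$resolver" "$host") || ip=
    fi
    is_ipv4 "$ip" || { echo "cannot resolve $host to an IPv4 address" >&2; return 1; }
    case "$ip" in
        127.*) echo "$ip is this container's own loopback, not the Tor container" >&2; return 1 ;;
    esac
    printf '%s\n' "--tx-proxy=tor,${ip}:${port},${max_conns}"
}

# Only exec monerod when invoked as the entrypoint ("wrapper.sh monerod <flags...>").
if [ "${1:-}" = "monerod" ]; then
    arg=$(build_tx_proxy_arg "${TOR_HOST:-tor-proxy}" "${TOR_PORT:-9150}" "${TOR_MAX_CONNS:-32}") || exit 1
    exec "$@" "$arg"
fi
```

With Tor reached over the Compose network this way, the tor-proxy service needs no `ports:` entry, in line with sethforprivacy's comment about not exposing 9150 to the host.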