umbrel
umbrel copied to clipboard
Refactor Tor container volumes
This PR modifies volumes management for the Tor container: the whole tor
directory is now mounted into the container (instead of sub dirs and files one by one), and the data directory (containing hidden services data) is set accordingly to the new path.
w/ @lukechilds
Have you tested this?
I'm getting:
$ tor -f /data/torrc
Mar 06 10:16:34.140 [notice] Tor 0.4.4.7 running on Linux with Libevent 2.1.8-stable, OpenSSL 1.1.1d, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A.
Mar 06 10:16:34.141 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
Mar 06 10:16:34.147 [notice] Read configuration file "/data/torrc".
Mar 06 10:16:34.156 [warn] You have a ControlPort set to accept connections from a non-local address. This means that programs not running on your computer can reconfigure your Tor. That's pretty bad, since the controller protocol isn't encrypted! Maybe you should just listen on 127.0.0.1 and use a tool like stunnel or ssh to encrypt remote connections to your control port.
Mar 06 10:16:34.164 [notice] You configured a non-loopback address '10.21.21.11:9050' for SocksPort. This allows everybody on your local network to use your machine as a proxy. Make sure this is what you wanted.
Mar 06 10:16:34.164 [warn] You have a ControlPort set to accept connections from a non-local address. This means that programs not running on your computer can reconfigure your Tor. That's pretty bad, since the controller protocol isn't encrypted! Maybe you should just listen on 127.0.0.1 and use a tool like stunnel or ssh to encrypt remote connections to your control port.
Mar 06 10:16:34.164 [notice] Opening Socks listener on 10.21.21.11:9050
Mar 06 10:16:34.165 [notice] Opened Socks listener on 10.21.21.11:9050
Mar 06 10:16:34.165 [notice] Opening Control listener on 10.21.21.11:29051
Mar 06 10:16:34.165 [notice] Opened Control listener on 10.21.21.11:29051
Mar 06 10:16:34.000 [warn] Error creating directory /var/lib/tor/web: Permission denied
Mar 06 10:16:34.000 [warn] Error loading rendezvous service keys
Mar 06 10:16:34.000 [err] set_options(): Bug: Acting on config options left us in a broken state. Dying. (on Tor 0.4.4.7 )
Mar 06 10:16:34.000 [err] Reading config failed--see warnings above.
Nope @lukechilds, I couldn't test it yet as my umbrel-dev was crashing.
You need to execute the configure
script before, as I edited the torrc
sample file to change the DataDirectory
option. Have you done this before testing out?
@louneskmt just a heads up that if you don't have explicit individual approval by all the contributors to this repository to publish your modified source code ("Adapted Material"), you are officially in violation of the license of this project and you can be sued: https://github.com/getumbrel/umbrel/issues/291