From 9345d27d6a4e143d0f2a9205ef31bc8ec938034f Mon Sep 17 00:00:00 2001
From: Duncan X Simpson <duncan@k7dxs.net>
Date: Tue, 15 Dec 2020 22:36:34 -0700
Subject: [PATCH 1/5] Compare uid not username in create_dirs()

---
 src/utils/createdirs.py | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/utils/createdirs.py b/src/utils/createdirs.py
index d0590bf4..b56eaa93 100644
--- a/src/utils/createdirs.py
+++ b/src/utils/createdirs.py
@@ -4,8 +4,6 @@ Create required Onionr directories
 """
 import os
 import stat
-from pwd import getpwuid
-from getpass import getuser
 
 from . import identifyhome
 import filepaths
@@ -27,10 +25,6 @@ import onionrexceptions
 home = identifyhome.identify_home()
 
 
-def find_owner(filename):
-    return getpwuid(os.stat(filename).st_uid).pw_name
-
-
 def create_dirs():
     """Create onionr data-related directories in
     order of the hardcoded list below,
@@ -41,7 +35,7 @@ def create_dirs():
         if not os.path.exists(path):
             os.makedirs(path)
         else:
-            if getuser() != find_owner(path):
+            if os.getuid() != os.stat(path).st_uid:
                 raise onionrexceptions.InsecureDirectoryUsage(
                     "Directory " + path +
                     " already exists and is not owned by the same user")
@@ -54,4 +48,4 @@ def create_dirs():
         try:
             db()
         except FileExistsError:
-            pass
\ No newline at end of file
+            pass

From 2dc11303d78dac8df8197ebc7b8a77777bb56083 Mon Sep 17 00:00:00 2001
From: Duncan X Simpson <duncan@k7dxs.net>
Date: Mon, 14 Dec 2020 23:20:27 -0700
Subject: [PATCH 2/5] Docker improvements

- Create run-onionr-node.sh to parse env and supply args to run-onionr-node.py
- Dockerfile:
  - Run onionr by default rather than bash
  - Run as unprivileged user by default instead of root
  - Use /app for all code
  - Specify python 3.7 (3.8 fails to build cffi)
  - Use apt-get rather than apt (apt's CLI is not stable)
  - Slight reformatting and consolidation
---
 .dockerignore      |  3 +++
 Dockerfile         |  7 ++++---
 run-onionr-node.sh | 51 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 58 insertions(+), 3 deletions(-)
 create mode 100755 run-onionr-node.sh

diff --git a/.dockerignore b/.dockerignore
index b45826ec..27001b70 100755
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,3 +1,6 @@
 onionr/data/**/*
 onionr/data
 MY-RUN.sh
+Dockerfile
+.dockerignore
+.git
diff --git a/Dockerfile b/Dockerfile
index c8e93527..12953ac1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,12 @@
 FROM python:3.7
+EXPOSE 8080
 
 USER root
 
 RUN mkdir /app
 WORKDIR /app
 
-ENV PORT=8080
-EXPOSE 8080
+ENV ONIONR_DOCKER=true
 
 #Install needed packages
 RUN apt-get update && apt-get install -y tor locales
@@ -26,5 +26,6 @@ VOLUME /app/data/
 #Default to running as nonprivileged user
 RUN chmod g=u -R /app
 USER 1000
+ENV HOME=/app
 
-CMD ["bash", "./onionr.sh"]
+CMD ["bash", "./run-onionr-node.sh"]
diff --git a/run-onionr-node.sh b/run-onionr-node.sh
new file mode 100755
index 00000000..42f37565
--- /dev/null
+++ b/run-onionr-node.sh
@@ -0,0 +1,51 @@
+#!/bin/sh
+set -x
+ORIG_ONIONR_RUN_DIR=`pwd`
+export ORIG_ONIONR_RUN_DIR
+cd "$(dirname "$0")"
+
+if [[ -n "$ONIONR_DOCKER" ]]; then
+	[[ -f "/privkey" ]] && privkey_opt="--private-key /privkey"
+	[[ -n "$ONIONR_ONBOARDING" ]] || ONIONR_ONBOARDING=0
+	[[ -n "$ONIONR_OPEN_UI" ]] || ONIONR_OPEN_UI=0
+	[[ -n "$ONIONR_RANDOM_LOCALHOST_IP" ]] || ONIONR_RANDOM_LOCALHOST_IP=0
+	[[ -n "$ONIONR_BIND_ADDRESS" ]] || ONIONR_BIND_ADDRESS=0.0.0.0
+	[[ -n "$ONIONR_PORT" ]] || ONIONR_PORT=8080
+fi
+
+[[ -n "$ONIONR_PRIVATE_KEY_FILE" ]] && privkey_opt="--private-key $ONIONR_PRIVATE_KEY_FILE"
+[[ -n "$ONIONR_USE_BOOTSTRAP_FILE" ]] && bootstrap_opt="--use-bootstrap-file $ONIONR_USE_BOOTSTRAP_FILE"
+[[ -n "$ONIONR_SHOW_STATS" ]] && show_stats_opt="--show-stats $ONIONR_SHOW_STATS"
+[[ -n "$ONIONR_ONBOARDING" ]] && onboarding_opt="--onboarding $ONIONR_ONBOARDING"
+[[ -n "$ONIONR_SECURITY_LEVEL" ]] && security_level_opt="--security-level $ONIONR_SECURITY_LEVEL"
+[[ -n "$ONIONR_OPEN_UI" ]] && open_ui_opt="--open-ui $ONIONR_OPEN_UI"
+[[ -n "$ONIONR_RANDOM_LOCALHOST_IP" ]] && random_localhost_ip_opt="--random-localhost-ip $ONIONR_RANDOM_LOCALHOST_IP"
+[[ -n "$ONIONR_USE_TOR" ]] && use_tor_opt="--use-tor $ONIONR_USE_TOR"
+[[ -n "$ONIONR_ANIMATED_BACKGROUND" ]] && animated_background_opt="--animated-background $ONIONR_ANIMATED_BACKGROUND"
+[[ -n "$ONIONR_KEEP_LOG" ]] && keep_log_opt="--keep-log-on-exit $ONIONR_KEEP_LOG"
+[[ -n "$ONIONR_USE_UPLOAD_MIXING" ]] && use_upload_mixing_opt="--use-upload-mixing $ONIONR_USE_UPLOAD_MIXING"
+[[ -n "$ONIONR_DEV_MODE" ]] && dev_mode_opt="--dev-mode $ONIONR_DEV_MODE"
+[[ -n "$ONIONR_DISABLE_PLUGIN_LIST" ]] && disable_plugin_list_opt=" --disable-plugin-list $ONIONR_DISABLE_PLUGIN_LIST"
+[[ -n "$ONIONR_STORE_PLAINTEXT" ]] && store_plaintext_opt="--store-plaintext $ONIONR_STORE_PLAINTEXT"
+[[ -n "$ONIONR_BIND_ADDRESS" ]] && bind_address_opt="--bind-address $ONIONR_BIND_ADDRESS"
+[[ -n "$ONIONR_PORT" ]] && port_opt="--port $ONIONR_PORT"
+
+
+python3 run-onionr-node.py \
+	$privkey_opt \
+	$bootstrap_opt \
+	$show_stats_opt \
+	$onboarding_opt \
+	$security_level_opt \
+	$open_ui_opt \
+	$random_localhost_ip_opt \
+	$use_tor_opt \
+	$animated_background_opt \
+	$keep_log_opt \
+	$use_upload_mixing_opt \
+	$dev_mode_opt \
+	$disable_plugin_list_opt \
+	$store_plaintext_opt \
+	$bind_address_opt \
+	$port_opt \
+	"$@"

From d7bcd2b4a82a8b7ac08a84c7e01d29d2ad747082 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Wed, 30 Dec 2020 17:58:21 +0000
Subject: [PATCH 3/5] Bump pip-tools from 5.4.0 to 5.5.0

Bumps [pip-tools](https://github.com/jazzband/pip-tools) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/jazzband/pip-tools/releases)
- [Changelog](https://github.com/jazzband/pip-tools/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jazzband/pip-tools/compare/5.4.0...5.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 requirements-dev.in  |  2 +-
 requirements-dev.txt | 10 +++-------
 2 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/requirements-dev.in b/requirements-dev.in
index 88f9db9b..c1bc5f92 100644
--- a/requirements-dev.in
+++ b/requirements-dev.in
@@ -1,3 +1,3 @@
 pdoc3==0.9.1
-pip-tools==5.4.0
+pip-tools==5.5.0
 helium==3.0.5
diff --git a/requirements-dev.txt b/requirements-dev.txt
index 8bb6e5e8..3cf414a1 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -56,18 +56,14 @@ markupsafe==1.1.1 \
 pdoc3==0.9.1 \
     --hash=sha256:e1848d5485b8dd4662272f83bb5f7df4a68e0a5d76c87be30327977777168894 \
     # via -r requirements-dev.in
-pip-tools==5.4.0 \
-    --hash=sha256:a4d3990df2d65961af8b41dacc242e600fdc8a65a2e155ed3d2fc18a5c209f20 \
-    --hash=sha256:b73f76fe6464b95e41d595a9c0302c55a786dbc54b63ae776c540c04e31914fb \
+pip-tools==5.5.0 \
+    --hash=sha256:10841c1e56c234d610d0466447685b9ea4ee4a2c274f858c0ef3c33d9bd0d985 \
+    --hash=sha256:cb0108391366b3ef336185097b3c2c0f3fa115b15098dafbda5e78aef70ea114 \
     # via -r requirements-dev.in
 selenium==3.141.0 \
     --hash=sha256:2d7131d7bc5a5b99a2d9b04aaf2612c411b03b8ca1b1ee8d3de5845a9be2cb3c \
     --hash=sha256:deaf32b60ad91a4611b98d8002757f29e6f2c2d5fcaf202e1c9ad06d6772300d \
     # via helium
-six==1.14.0 \
-    --hash=sha256:236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a \
-    --hash=sha256:8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c \
-    # via pip-tools
 urllib3==1.25.9 \
     --hash=sha256:3018294ebefce6572a474f0604c2021e33b3fd8006ecd11d62107a5d2a963527 \
     --hash=sha256:88206b0eb87e6d677d424843ac5209e3fb9d0190d0ee169599165ec25e9d9115 \

From ba8b9b49ed5f2db294b2ecb077641b70f32e3751 Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Sat, 16 Jan 2021 20:31:06 +0000
Subject: [PATCH 4/5] Bump pdoc3 from 0.9.1 to 0.9.2

Bumps [pdoc3](https://github.com/pdoc3/pdoc) from 0.9.1 to 0.9.2.
- [Release notes](https://github.com/pdoc3/pdoc/releases)
- [Changelog](https://github.com/pdoc3/pdoc/blob/master/CHANGELOG)
- [Commits](https://github.com/pdoc3/pdoc/compare/0.9.1...0.9.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 requirements-dev.in  | 2 +-
 requirements-dev.txt | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements-dev.in b/requirements-dev.in
index c1bc5f92..4c0d2439 100644
--- a/requirements-dev.in
+++ b/requirements-dev.in
@@ -1,3 +1,3 @@
-pdoc3==0.9.1
+pdoc3==0.9.2
 pip-tools==5.5.0
 helium==3.0.5
diff --git a/requirements-dev.txt b/requirements-dev.txt
index 3cf414a1..51fef1db 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -53,8 +53,8 @@ markupsafe==1.1.1 \
     --hash=sha256:e249096428b3ae81b08327a63a485ad0878de3fb939049038579ac0ef61e17e7 \
     --hash=sha256:e8313f01ba26fbbe36c7be1966a7b7424942f670f38e666995b88d012765b9be \
     # via mako
-pdoc3==0.9.1 \
-    --hash=sha256:e1848d5485b8dd4662272f83bb5f7df4a68e0a5d76c87be30327977777168894 \
+pdoc3==0.9.2 \
+    --hash=sha256:9df5d931f25f353c69c46819a3bd03ef96dd286f2a70bb1b93a23a781f91faa1 \
     # via -r requirements-dev.in
 pip-tools==5.5.0 \
     --hash=sha256:10841c1e56c234d610d0466447685b9ea4ee4a2c274f858c0ef3c33d9bd0d985 \

From 513b758c7a229294d7fd4eb17adf11df777921db Mon Sep 17 00:00:00 2001
From: Kevin Froman <beardog@mailbox.org>
Date: Fri, 22 Jan 2021 18:55:58 +0000
Subject: [PATCH 5/5] removed process info from run-onionr-node script

---
 run-onionr-node.py | 34 ----------------------------------
 1 file changed, 34 deletions(-)

diff --git a/run-onionr-node.py b/run-onionr-node.py
index 15fd581e..58415634 100755
--- a/run-onionr-node.py
+++ b/run-onionr-node.py
@@ -9,10 +9,8 @@ from subprocess import DEVNULL
 import ujson
 from psutil import Popen
 from psutil import Process
-import psutil
 
 import sys
-import curses
 
 script_dir = os.path.dirname(os.path.realpath(__file__))
 sys.path.append(script_dir + '/src/')
@@ -23,36 +21,6 @@ from etc import onionrvalues
 sub_script = script_dir + '/' + onionrvalues.SCRIPT_NAME
 
 
-def show_info(p: Process):
-    def pbar(window):
-        window.addstr(8, 10, "Onionr statistics")
-        window.addstr(9, 10, "-" * 17)
-        curses.curs_set(0)
-        while True:
-            threads = p.num_threads()
-            open_files = len(p.open_files())
-            cpu_percent = p.cpu_percent()
-            block_count = len(blockmetadb.get_block_list())
-            for proc in p.children(recursive=True):
-                threads += proc.num_threads()
-                cpu_percent += proc.cpu_percent()
-                try:
-                    open_files += len(proc.open_files())
-                except psutil.AccessDenied:
-                    pass
-            cpu_percent = cpu_percent * 100
-            window.addstr(11, 10, f"Threads: {threads}")
-            window.addstr(10, 10, f"Open files: {open_files}")
-            window.addstr(12, 10, f"CPU: {cpu_percent}%")
-            window.addstr(13, 10, f"Blocks: {block_count}")
-            window.refresh()
-            sleep(0.5)
-    sleep(15)
-    curses.wrapper(pbar)
-    while True:
-        sleep(1)
-
-
 parser = argparse.ArgumentParser()
 
 parser.add_argument(
@@ -179,6 +147,4 @@ else:
     p = Popen([sub_script, 'start'], stdout=DEVNULL)
 
 p = p.children()[0]
-if args.show_stats:
-    Thread(target=show_info, args=[p], daemon=True).start()
 p.wait()