diff --git a/.dockerignore b/.dockerignore index b45826ec..27001b70 100755 --- a/.dockerignore +++ b/.dockerignore @@ -1,3 +1,6 @@ onionr/data/**/* onionr/data MY-RUN.sh +Dockerfile +.dockerignore +.git diff --git a/Dockerfile b/Dockerfile index c8e93527..12953ac1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,12 @@ FROM python:3.7 +EXPOSE 8080 USER root RUN mkdir /app WORKDIR /app -ENV PORT=8080 -EXPOSE 8080 +ENV ONIONR_DOCKER=true #Install needed packages RUN apt-get update && apt-get install -y tor locales @@ -26,5 +26,6 @@ VOLUME /app/data/ #Default to running as nonprivileged user RUN chmod g=u -R /app USER 1000 +ENV HOME=/app -CMD ["bash", "./onionr.sh"] +CMD ["bash", "./run-onionr-node.sh"] diff --git a/run-onionr-node.sh b/run-onionr-node.sh new file mode 100755 index 00000000..42f37565 --- /dev/null +++ b/run-onionr-node.sh 
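Review bot: `ENV ONIONR_DOCKER=true` in the first Dockerfile hunk has a network-exposure side effect that is not documented where it is set. In run-onionr-node.sh it switches the defaults to `--bind-address 0.0.0.0` and `--port 8080`. I would add a comment above the line, for example `# Enables container defaults in run-onionr-node.sh (binds 0.0.0.0:8080); publish the port on 127.0.0.1 unless remote access is intended`. If the old onionr.sh read `PORT`, which the diff does not show, existing deployments that overrode it now need `ONIONR_PORT`, and that is worth stating in the commit description.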
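Review bot: `ENV HOME=/app` in the second Dockerfile hunk makes the home directory the same tree that holds the application code, and the `chmod g=u -R /app` just above leaves that tree writable by its group. If uid 1000 runs with that group, which the g=u pattern suggests, anything the process or Tor writes under $HOME sits beside code that the same process can rewrite. Consider pointing HOME at a dedicated writable directory, or narrowing the chmod to the paths that need writes, provided identify_home() tolerates it. A comment such as `# uid 1000 has no passwd entry, so HOME must be set explicitly` would also help, if that is indeed the reason; the lines between the two hunks are not visible here.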
@@ -0,0 +1,51 @@
+#!/bin/sh
+set -x
+ORIG_ONIONR_RUN_DIR=`pwd`
+export ORIG_ONIONR_RUN_DIR
+cd "$(dirname "$0")"
+
+if [[ -n "$ONIONR_DOCKER" ]]; then
+ [[ -f "/privkey" ]] && privkey_opt="--private-key /privkey"
+ [[ -n "$ONIONR_ONBOARDING" ]] || ONIONR_ONBOARDING=0
+ [[ -n "$ONIONR_OPEN_UI" ]] || ONIONR_OPEN_UI=0
+ [[ -n "$ONIONR_RANDOM_LOCALHOST_IP" ]] || ONIONR_RANDOM_LOCALHOST_IP=0
+ [[ -n "$ONIONR_BIND_ADDRESS" ]] || ONIONR_BIND_ADDRESS=0.0.0.0
+ [[ -n "$ONIONR_PORT" ]] || ONIONR_PORT=8080
+fi
+
+[[ -n "$ONIONR_PRIVATE_KEY_FILE" ]] && privkey_opt="--private-key $ONIONR_PRIVATE_KEY_FILE"
+[[ -n "$ONIONR_USE_BOOTSTRAP_FILE" ]] && bootstrap_opt="--use-bootstrap-file $ONIONR_USE_BOOTSTRAP_FILE"
+[[ -n "$ONIONR_SHOW_STATS" ]] && show_stats_opt="--show-stats $ONIONR_SHOW_STATS"
+[[ -n "$ONIONR_ONBOARDING" ]] && onboarding_opt="--onboarding $ONIONR_ONBOARDING"
+[[ -n "$ONIONR_SECURITY_LEVEL" ]] && security_level_opt="--security-level $ONIONR_SECURITY_LEVEL"
+[[ -n "$ONIONR_OPEN_UI" ]] && open_ui_opt="--open-ui $ONIONR_OPEN_UI"
+[[ -n "$ONIONR_RANDOM_LOCALHOST_IP" ]] && random_localhost_ip_opt="--random-localhost-ip $ONIONR_RANDOM_LOCALHOST_IP"
+[[ -n "$ONIONR_USE_TOR" ]] && use_tor_opt="--use-tor $ONIONR_USE_TOR"
+[[ -n "$ONIONR_ANIMATED_BACKGROUND" ]] && animated_background_opt="--animated-background $ONIONR_ANIMATED_BACKGROUND"
+[[ -n "$ONIONR_KEEP_LOG" ]] && keep_log_opt="--keep-log-on-exit $ONIONR_KEEP_LOG"
+[[ -n "$ONIONR_USE_UPLOAD_MIXING" ]] && use_upload_mixing_opt="--use-upload-mixing $ONIONR_USE_UPLOAD_MIXING"
+[[ -n "$ONIONR_DEV_MODE" ]] && dev_mode_opt="--dev-mode $ONIONR_DEV_MODE"
+[[ -n "$ONIONR_DISABLE_PLUGIN_LIST" ]] && disable_plugin_list_opt=" --disable-plugin-list $ONIONR_DISABLE_PLUGIN_LIST"
+[[ -n "$ONIONR_STORE_PLAINTEXT" ]] && store_plaintext_opt="--store-plaintext $ONIONR_STORE_PLAINTEXT"
+[[ -n "$ONIONR_BIND_ADDRESS" ]] && bind_address_opt="--bind-address $ONIONR_BIND_ADDRESS"
+[[ -n "$ONIONR_PORT" ]] && port_opt="--port $ONIONR_PORT"
+
+
+python3 run-onionr-node.py \ + $privkey_opt \ + $bootstrap_opt \ + $show_stats_opt \ + $onboarding_opt \ + $security_level_opt \ + $open_ui_opt \ + $random_localhost_ip_opt \ + $use_tor_opt \ + $animated_background_opt \ + $keep_log_opt \ + $use_upload_mixing_opt \ + $dev_mode_opt \ + $disable_plugin_list_opt \ + $store_plaintext_opt \ + $bind_address_opt \ + $port_opt \ + "$@" diff --git a/src/utils/createdirs.py b/src/utils/createdirs.py index d0590bf4..b56eaa93 100644 --- a/src/utils/createdirs.py +++ b/src/utils/createdirs.py @@ -4,8 +4,6 @@ Create required Onionr directories """ import os import stat -from pwd import getpwuid -from getpass import getuser from . import identifyhome import filepaths @@ -27,10 +25,6 @@ import onionrexceptions home = identifyhome.identify_home() -def find_owner(filename): - return getpwuid(os.stat(filename).st_uid).pw_name - - def create_dirs(): """Create onionr data-related directories in order of the hardcoded list below, @@ -41,7 +35,7 @@ def create_dirs(): if not os.path.exists(path): os.makedirs(path) else: - if getuser() != find_owner(path): + if os.getuid() != os.stat(path).st_uid: raise onionrexceptions.InsecureDirectoryUsage( "Directory " + path + " already exists and is not owned by the same user") @@ -54,4 +48,4 @@ def create_dirs(): try: db() except FileExistsError: - pass \ No newline at end of file + pass
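Review bot: The `#!/bin/sh` shebang on the first line of run-onionr-node.sh does not match the body, which uses the bash-only `[[ … ]]` test on nearly every line. The Dockerfile runs the script through `bash`, but the file is committed as executable. Run directly where /bin/sh is not bash (dash on Debian-based systems, for example), every test fails without stopping the script, so settings such as ONIONR_SECURITY_LEVEL, ONIONR_BIND_ADDRESS and ONIONR_PRIVATE_KEY_FILE are silently dropped and the node starts with its defaults. Changing the first line to `#!/bin/bash` fixes that. Separately, the `*_opt` strings are expanded unquoted in the `python3` call, so a value containing whitespace or glob characters is split or expanded (a bash array would avoid this), and `set -x` deserves a comment because it traces every expanded ONIONR_* value to stderr.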
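Review bot: The new ownership test `os.getuid() != os.stat(path).st_uid` in create_dirs follows symbolic links, as does the `os.path.exists(path)` call before it. A link placed at `path` by another user that points at a directory the current user owns therefore passes the check. Testing the link itself as well, `if os.getuid() != os.lstat(path).st_uid or os.getuid() != os.stat(path).st_uid:`, closes that case without rejecting a link the user created. Including both uids in the InsecureDirectoryUsage message would also make a volume-ownership mismatch in the container easy to diagnose. create_dirs continues outside the hunk, so any later permission handling is not visible here.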