From 64b67b08cb08365f73796ca43fda90cf2b3968b9 Mon Sep 17 00:00:00 2001 From: Benjamin Dweck Date: Thu, 22 Oct 2020 10:13:31 +0200 Subject: [PATCH] Added Dcoker Tor test harness --- docker-tor/Dockerfile | 13 +++++++++++++ docker-tor/README.md | 29 +++++++++++++++++++++++++++++ docker-tor/agent-conf/agent.crt | 21 +++++++++++++++++++++ docker-tor/agent-conf/agent.key | 27 +++++++++++++++++++++++++++ docker-tor/agent-conf/ca.crt | 23 +++++++++++++++++++++++ docker-tor/agent-conf/torch.conf | 16 ++++++++++++++++ docker-tor/torch-agent.wrapper.sh | 12 ++++++++++++ 7 files changed, 141 insertions(+) create mode 100644 docker-tor/Dockerfile create mode 100644 docker-tor/README.md create mode 100644 docker-tor/agent-conf/agent.crt create mode 100644 docker-tor/agent-conf/agent.key create mode 100644 docker-tor/agent-conf/ca.crt create mode 100644 docker-tor/agent-conf/torch.conf create mode 100755 docker-tor/torch-agent.wrapper.sh diff --git a/docker-tor/Dockerfile b/docker-tor/Dockerfile new file mode 100644 index 0000000..6031487 --- /dev/null +++ b/docker-tor/Dockerfile @@ -0,0 +1,13 @@ +FROM ubuntu + +RUN apt update && \ + apt install -y sudo ssh tor curl python3-all + +COPY dist/torch-agent_*_all.deb . +RUN apt install -y ./torch-agent_*_all.deb + +COPY docker-tor/torch-agent.wrapper.sh /usr/bin/torch-agent.wrapper.sh + +VOLUME [ "/etc/torch" ] + +ENTRYPOINT [ "torch-agent.wrapper.sh" ] diff --git a/docker-tor/README.md b/docker-tor/README.md new file mode 100644 index 0000000..9d04597 --- /dev/null +++ b/docker-tor/README.md @@ -0,0 +1,29 @@ +# Tor Test Harness for TORch Agent + +This is a Docker container for running the current development version of TORch Agent in an environment with a local Tor Proxy (without having to install and configure Tor on the development machine itself) + +## Preparation + +1. Build a Debian package from the current development version of TORch Agent + +```bash +python -m venv venv && source venv/bin/activate +pip3 install -r requirements.txt +./build-deb.sh +``` + +2. Build the Docker image + +```bash +docker build -f docker-tor/Dockerfile -t torch-agent . +``` + +3. Configure `torch-agent` by editing [`agent-conf/torch.conf`](./agent-conf/torch.conf) + + * Be sure to update the onion hostname of the broker with the one you wish to test with + +4. Launch the Docker container + +```bash +docker run -it --rm -v "$(pwd)/docker-tor/agent-conf:/etc/torch" torch-agent +``` diff --git a/docker-tor/agent-conf/agent.crt b/docker-tor/agent-conf/agent.crt new file mode 100644 index 0000000..b58e5d3 --- /dev/null +++ b/docker-tor/agent-conf/agent.crt @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDhDCCAmwCFFfe134gzLKm3ieNbeoxCvOhwsGxMA0GCSqGSIb3DQEBCwUAMIGE +MQswCQYDVQQGEwJVUzELMAkGA1UECAwCTlkxETAPBgNVBAcMCE5ldyBZb3JrMRUw +EwYDVQQKDAxFeGFtcGxlIEluYy4xHDAaBgNVBAMME2NhLm1xdHQuZXhhbXBsZS5j +b20xIDAeBgkqhkiG9w0BCQEWEWFkbWluQGV4YW1wbGUuY29tMB4XDTIwMTAwNjEx +MDQxMVoXDTMwMTAwNDExMDQxMVoweDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5Z +MREwDwYDVQQHDAhOZXcgWW9yazEVMBMGA1UECgwMRXhhbXBsZSBJbmMuMRAwDgYD +VQQDDAd2YWdyYW50MSAwHgYJKoZIhvcNAQkBFhFhZG1pbkBleGFtcGxlLmNvbTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBR3WYBUoSM9taDBWn8MSU3 +WW7z9EmutaWRKlNCf8rAVXrEGf3shtBb6MWdRjAKHcBDZaTtmW6o0XoXkKdGeWcm +6X0o4TwaROPE7HR8OtKsmPTxQ09gKfkwB+sb8+fIPrKq6VLWiSJqvc6RbZvoKXIa +WU/BV4q3HG9MvFB2AMNx9pmzLeeP/m323pAEU28oR/kGvuDJHSLO3cNd1U5ZKFFt +J1hHYugKM3uHlyQ44ozu6l2AexGgIYjA5/y1D/RuWaybdpppLS3RerhKDrvTkwWD +UALgTdxHnIT90NFCtGsZTzwmbqs/ibq1NtkHGiS0tGhJjftIiPJZfuNArVsoYF0C +AwEAATANBgkqhkiG9w0BAQsFAAOCAQEAeOEgOA8dJZGo/bT+2vnKm7VnJYrNgAax +B/X2kG3vLiayFgPYarQq8AjlqQCr8Dm1EqbUtnAhzSbQTX+v3oQBd7sRdlwfTYKa +bFEjhMeXhBgp/bWobq9FcwAL02wsAZh/gcbHAVrIwWmb42sbHTmrWY2jgJbX65jg +ameIn9p1j2CSJnC4Ju3B+btaCmksHI6uhuJVef/+pL53hs1z5MfehNvJaBkUzsya +nYAiCvrEQIzKlxROdBApZeQs0WFv0ktu6itzA3YsCMct1p3TNGwDUZ+cQqkTPhkB +KNT0VcmDNdavD59WsEfrgZe5/DXY+Q1yHzGmaq70y0U6SgTfOsslmQ== +-----END CERTIFICATE----- diff --git a/docker-tor/agent-conf/agent.key b/docker-tor/agent-conf/agent.key new file mode 100644 index 0000000..9e71686 --- /dev/null +++ b/docker-tor/agent-conf/agent.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAsFHdZgFShIz21oMFafwxJTdZbvP0Sa61pZEqU0J/ysBVesQZ +/eyG0FvoxZ1GMAodwENlpO2ZbqjReheQp0Z5ZybpfSjhPBpE48TsdHw60qyY9PFD +T2Ap+TAH6xvz58g+sqrpUtaJImq9zpFtm+gpchpZT8FXirccb0y8UHYAw3H2mbMt +54/+bfbekARTbyhH+Qa+4MkdIs7dw13VTlkoUW0nWEdi6Aoze4eXJDjijO7qXYB7 +EaAhiMDn/LUP9G5ZrJt2mmktLdF6uEoOu9OTBYNQAuBN3EechP3Q0UK0axlPPCZu +qz+JurU22QcaJLS0aEmN+0iI8ll+40CtWyhgXQIDAQABAoIBAQCYYtiHbYMk3jQD +p49JT1YmRRT9aMhr2hxR8Ql0lheeYuY9yThxljfZ4mVmTYw4vrWB0n4JsfQWiL8q +1y0E9Uq9lQrdSjSH3mhFto9qCWhJZjR4FgBHnOQJ4rIlR65gV1eg0UgAeTxiS4Cq +BFSIF3mijRU9ces4DxP7OYXTwHjecLQXWzsENhlcowTCYOfxLM/8YvVRCv2cxPJh +/TL3qn1LD5/15lUb58+SqNAOREGACB+YG6rFShvUrxkq3ShtZdPUOzM5z+9xS8yO +Uh2aZDmxtMB6GnYbQNhfM274i71aVhf0++7s8VsiVo3C61+qKIYcX0LK8t2PnQ1H +cFn20hKhAoGBANfyLB5T+nZUGBysZSe76SoZUFWM0OsLixLq0+CqHvnTmIVMLQpv +k8RV2/g7rKCcaKghSENI2gwWy+EDfVGi/nGc+uJ+n4FX92F98MmmzFvuQXOp1AuY +Qvqr2XquFu5B6Jz5aOniOMHHSRl9JmZOLc+rs7COH7s/o5OPBT+1OpHJAoGBANEG +HBnAuxZ0XJtB7TvA9wW3GCRidCisRH8rG0cN4dE3UuCC+DQq1AV03NwM6pycwz15 +ljpkb+WtbE6iKG3sfj3vWhwkakcEnJKXGCVbKmMXI0L2sMnQB4bJ4TtXGDRJlLKg +XuwBsEmN8pM8IqRmnSpTrVbpCo4vZ/29c8l9+YP1AoGAcgIBGOHtUZuEP18k6J1k +tD05FHGLuwwVGJ+xzOMEB5GW7IkTHndZ5EYQJDYdJY5uEpW/uQY1WDyQ1vMornkH +LKRcMEf5nif7CxWaklvleIOJOq9mq9hvRDiGUSaoJJHXZUioAxLUNDoqdbKFG24a +8ZENBSGDzzACBF11v/TGP0ECgYEAp+WCeOUo4jaBlGx2RIMRaNPTXpZ+u5T0SDm1 +5XMvKkCIH7LT8ANe3ysppM/zO+1nnl+l3i2C/Dg7QUZbt0A5f0JdXTGa9IStx8n6 +KTd7arDRMB67jr+86/YJJwMkfAuGl5zd4jDRC6Qrbzzkjq2mHLOuDpuOUPufSl/9 +O6Im5GkCgYA4zFE3ztSV6nq5EH3A7VmAsLiyRXBJfOlLXIBApv46/t4ivS4C3Esu +8LR+Vvx2XLWkpkrm9kR1wIutNx6x1pRkSGDKyRXn5+cU4A2Lw9y2BbwDhj+WiHkM +zCuL+8l2px2f3K1YPE3oGWHZZJScDwa03yjVzrSPDr766XBtH7W4vg== +-----END RSA PRIVATE KEY----- diff --git a/docker-tor/agent-conf/ca.crt b/docker-tor/agent-conf/ca.crt new file mode 100644 index 0000000..8e79f74 --- /dev/null +++ b/docker-tor/agent-conf/ca.crt @@ -0,0 +1,23 @@ +-----BEGIN CERTIFICATE----- +MIID6zCCAtOgAwIBAgIUQJye5MbZVMpOpu87TmmlN/KOBj0wDQYJKoZIhvcNAQEL +BQAwgYQxCzAJBgNVBAYTAlVTMQswCQYDVQQIDAJOWTERMA8GA1UEBwwITmV3IFlv +cmsxFTATBgNVBAoMDEV4YW1wbGUgSW5jLjEcMBoGA1UEAwwTY2EubXF0dC5leGFt +cGxlLmNvbTEgMB4GCSqGSIb3DQEJARYRYWRtaW5AZXhhbXBsZS5jb20wHhcNMjAx +MDA2MTA1OTE4WhcNMzAxMDA0MTA1OTE4WjCBhDELMAkGA1UEBhMCVVMxCzAJBgNV +BAgMAk5ZMREwDwYDVQQHDAhOZXcgWW9yazEVMBMGA1UECgwMRXhhbXBsZSBJbmMu +MRwwGgYDVQQDDBNjYS5tcXR0LmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFh +ZG1pbkBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALVndltaj3SX1zuJB0F5woIMUZCHopkgiO027/qE10IgM6SN4lFhR7wR0B/9PXrf +zn1xTC63w9xd3GbnlJvcWhWbh/m1t2Qx2mIvOmoELY8wlY6/V6NzjSgju7mZi0u6 +aitU+LXINNuGS+JhVpc54QQ8M9o0jKlnNGnEmPjv6uhbNXx3f8lw3eqSr1ZqmpGd +UQVYKsNYBVzSqsnh/sn/KnGYn/nmpsKRWeLhoslJ3zDjaM/Y4NYol11nWFIPYCk5 +7rzzxES/WdWLLnZ2W59YCT54YOGFqXE7oYgReD+Og2YwnGVQQpDcvb2HyIZL/2pa +oC6avMo/eC8HbSxwUKCnj1cCAwEAAaNTMFEwHQYDVR0OBBYEFEC8a9l0rpIdUqCS +i4NJwXlqUoLeMB8GA1UdIwQYMBaAFEC8a9l0rpIdUqCSi4NJwXlqUoLeMA8GA1Ud +EwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAGzxJWZdVozskr5yie2uetpL +aAReCaHEdWudRN3wVW1Dpm2sE23x4VFiJ+Uow9k21GgtGUsAIFqRgb3/QO+ipODC +GRwZmVopkuOaHfCz+tO8xqjvGHCidhhhNFdR9uVkWHoPKsQsvap0SSk12KMtFBRo +3rmeQwPP4qEPFEwc2U0hCUMsIUvMSt3KrA/j+aMRzOXU7QIMFbcYEF1IaGJz1RMh +h1VCXaUlL2liVTWU4XgudB8rMOuETec7un9hzoBVOWHxXdRrGPaoN4+zWiLRCDXO +6wapOhkmTOXuZY/NcMMwTmdJKTEQBD6XIQamv91Ne2bT89LHpcp1LjbaCz+UAxg= +-----END CERTIFICATE----- diff --git a/docker-tor/agent-conf/torch.conf b/docker-tor/agent-conf/torch.conf new file mode 100644 index 0000000..8782db7 --- /dev/null +++ b/docker-tor/agent-conf/torch.conf @@ -0,0 +1,16 @@ +[tor] +ControllerPort = 9051 + +[ssh] +Port = 22 + +[mqtt] +BrokerHost = wmzin3o2dvd4h2iu4mrf4zqbvgscgi27kd5afzvhgchghjdpqk7cmaqd.onion +BrokerPort = 1883 +ClientID = myagent +Topic = torch/myagent/wake +RequireCertificate = false +CaFile = ca.crt +CertFile = agent.crt +KeyFile = agent.key + diff --git a/docker-tor/torch-agent.wrapper.sh b/docker-tor/torch-agent.wrapper.sh new file mode 100755 index 0000000..c7d30ae --- /dev/null +++ b/docker-tor/torch-agent.wrapper.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +tor & + +while ! curl -s --socks5 127.0.0.1:9050 'https://check.torproject.org/' | grep -qm1 Congratulations +do + sleep 3 +done + +sleep 3 + +torch-agent $1 $2 $3 $4