This is a Docker Compose project for assembling a service that receives TORch notifications from remote nodes and stores them for access via a RESTful interface.
It is composed of the following micro-services:
Create an .env file based on .env.example in the project root
CONFIG_DIR: points to the local configuration directory for the broker and torchsub micro-services (you will create this in the next step)
BROKER_MQTT_PORT: (suggested: 1883) must match the port that you configured mosquitto to listen for MQTT on
BROKER_MQTTS_PORT: (suggested: 8883) must match the port that you configured mosquitto to listen for MQTTS on
HTTP_PORT: the port that you would like Torchsub to listen on for incoming HTTP-REST requests for client connection info
Create the local configuration directory pointed to by .env
Create Mosquitto configuration files
Create a mosquitto.conf based on the example
Add the ca.crt, key and/or broker certificate files as applicable for the mosquitto configuration
Create a torch-sub.conf per the torch-subscriber-simple project
Add the ca.crt, key and/or broker certificate files as applicable for the torch-sub.conf configuration
Run docker-compose up -d from the project directory to launch the services
Get the Tor onion hostname of your newly launched TORch node monitor
[email protected]:~$ docker-compose exec tor svc-hostname
*****
* Service Onion Hostname: 24xb3hb2pajid44ugroua2ndvpipvmuw6pfjrivlbupxhpwbugfhdeqd.onion
*****
Configure any remote TORch agent instances with the above onion hostname by editing their torch.conf files
Set BrokerHost to the Tor onion hostname
Set BrokerPort to the Mosquitto MQTT broker port you used above (e.g. 1883)
You should set RequiredCertificate to false because torch-agent won't be able to match the broker's certificate to the Tor onion hostname
Be sure to match the Topic with the pattern you told Torchsub to subscribe to when you configured Torchsub using torch-sub.conf above
# Example TORch Agent torch.conf configuration
[tor]
ControllerPort = 9051
[ssh]
Port = 22
[mqtt]
BrokerHost = 7v4jfonpcvvv4cy32po3uwqr56hvjag6ljpauennshecmzv4deq27lyd.onion
BrokerPort = 1883
ClientID = vagrant
Topic = torch/vagrant/wake
RequireCertificate = false
CaFile = ca.crt
CertFile = vagrant.crt
KeyFile = vagrant.key
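A pre-deployment check for the agent settings described above, as an added example that is not part of the TORch project: it parses the [mqtt] section of a torch.conf and compares BrokerHost, BrokerPort, RequireCertificate and Topic with the broker side. The function names and the subscription pattern torch/+/wake are assumptions; the key names and sample values come from the example config on this page.

```python
import configparser
import re

# v3 onion names are 56 base32 characters; the trailing version byte (3) makes the last one 'd'.
ONION_V3 = re.compile(r"^[a-z2-7]{55}d\.onion$")

def topic_matches(pattern, topic):
    """MQTT topic-filter match: '+' spans one level, '#' spans all remaining levels."""
    want, have = pattern.split("/"), topic.split("/")
    for i, level in enumerate(want):
        if level == "#":
            return i == len(want) - 1          # '#' is only legal as the last level
        if i >= len(have) or level not in ("+", have[i]):
            return False
    return len(want) == len(have)

def check_agent_conf(text, broker_port, sub_pattern):
    """Return a list of problems in the [mqtt] section of a torch.conf (empty list = OK)."""
    cp = configparser.ConfigParser()
    cp.read_string(text)
    mqtt = cp["mqtt"]
    problems = []
    if not ONION_V3.match(mqtt.get("BrokerHost", "")):
        problems.append("BrokerHost is not a v3 onion hostname")
    if mqtt.get("BrokerPort", "") != str(broker_port):
        problems.append("BrokerPort differs from the broker's MQTT port")
    # Assumption: a missing RequireCertificate key is treated as true.
    if mqtt.getboolean("RequireCertificate", fallback=True):
        problems.append("RequireCertificate is not false; certificate will not match the onion name")
    topic = mqtt.get("Topic", "")
    if "+" in topic or "#" in topic:
        problems.append("Topic is published to, so it must not contain wildcards")
    elif not topic_matches(sub_pattern, topic):
        problems.append("Topic is not covered by the Torchsub subscription pattern")
    return problems

# [mqtt] section taken from the example torch.conf on this page.
SAMPLE = """
[mqtt]
BrokerHost = 7v4jfonpcvvv4cy32po3uwqr56hvjag6ljpauennshecmzv4deq27lyd.onion
BrokerPort = 1883
ClientID = vagrant
Topic = torch/vagrant/wake
RequireCertificate = false
"""

if __name__ == "__main__":
    # "torch/+/wake" is an assumed subscription pattern, not one stated by the project.
    for line in check_agent_conf(SAMPLE, 1883, "torch/+/wake") or ["torch.conf looks consistent"]:
        print(line)
```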
.env file above:
[email protected]:~$ curl http://localhost:7700/clients
{"vagrant": {"clientId": "vagrant", "timestamp": "23-Oct-2020 (09:35:12.282901)", "onionAddress": "xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynhotglyd.onion", "sshPort": 22}}
[email protected]:~$ torify ssh [email protected].onion
The authenticity of host 'xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynhotglyd.onion (127.42.42.0)' can't be established.
ECDSA key fingerprint is SHA256:WSLn8lruVwPfqw5vmeZgZeTrulxboDKdJnnFMKiEGv8.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added 'xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynotglyd.onion' (ECDSA) to the list of known hosts.
[email protected].onion's password:
Last login: Fri Oct 23 09:34:22 2020 from 10.0.2.2
[email protected]:~$