diff --git a/README.md b/README.md index 33727b1..ddceb58 100644 --- a/README.md +++ b/README.md @@ -1,23 +1,28 @@ # TORch Subscriber Docker Compose -This is a [Docker Compose](https://docs.docker.com/compose/) project for assembling a service to receive TORch notifications from remote clients and store them for access via RESTful interface. +This is a [Docker Compose](https://docs.docker.com/compose/) project for assembling a service to receive [TORch](https://git.rudefox.io/bj/torch-agent) notifications from remote nodes and store them for access via RESTful interface. It is composed of the following micro-services: * Tor proxy - for receving notifications from remote TORch clients via Tor * Broker - for managing publications and subscriptions * Torchsub - for receiving notifications, maintaining a database of the latest connection info for each remote note and serving them via HTTP -## Running +## Dependencies + +* Docker +* Docker Compose + +## Quick Start 1. Create an `.env` file based on [`.env.example`](.env.example) - * CONFIG_DIR: points to the local configuration directory for the broker and torchsub micro-services + * **CONFIG_DIR**: points to the local configuration directory for the broker and torchsub micro-services (you will create this in the next step) - * BROKER_MQTT_PORT: must match the port that you configured mosquitto to listen for MQTT on + * **BROKER_MQTT_PORT**: (suggested: 1883) must match the port that you configured mosquitto to listen for MQTT on - * BROKER_MQTTS_PORT: must match the port that you configured mosquitto to listen for MQTTS on + * **BROKER_MQTTS_PORT**: must match the port that you configured mosquitto to listen for MQTTS on - * HTTP_PORT: the port that you would like Torchsub to listen on for incoming HTTP-REST requests for client connection info + * **HTTP_PORT**: the port that you would like Torchsub to listen on for incoming HTTP-REST requests for client connection info 2. Create the local configuration directory pointed to by `.env` @@ -35,6 +40,8 @@ It is composed of the following micro-services: 4. Get the Tor onion hostname of your newly launched TORch node monitor + * Keep the onion hostname private + ```bash $ docker-compose exec tor svc-hostname ***** @@ -42,7 +49,7 @@ $ docker-compose exec tor svc-hostname ***** ``` -5. Configure any remote [TORch agent](https://git.rudefox.io/bj/torch-agent) instances with the above onion hostname by editing their `torch.conf` files +5. Configure any remote [TORch agent](https://git.rudefox.io/bj/torch-agent) instances with the above onion hostname by editing their `torch.conf` files (the idea is really to provision new nodes with this instances of TORch Agent configured with this onion hostname, so that when they boot they will phone home with Tor connection info) * Set `BrokerHost` to the Tor onion hostname @@ -71,3 +78,26 @@ CaFile = ca.crt CertFile = vagrant.crt KeyFile = vagrant.key ``` + +6. Check the latest client connection info using the RESTful interface on the port you specified in the `.env` file above: + +```bash +$ curl http://localhost:7700/clients +{"vagrant": {"clientId": "vagrant", "timestamp": "23-Oct-2020 (09:35:12.282901)", "onionAddress": "xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynhotglyd.onion", "sshPort": 22}} +``` + +7. You should be able to connect to this remote node using SSH through your local Tor proxy + +```bash +ubuntu@broker:~$ torify ssh vagrant@xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynhotglyd.onion + +The authenticity of host 'xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynhotglyd.onion (127.42.42.0)' can't be established. +ECDSA key fingerprint is SHA256:WSLn8lruVwPfqw5vmeZgZeTrulxboDKdJnnFMKiEGv8. +Are you sure you want to continue connecting (yes/no/[fingerprint])? yes +Warning: Permanently added 'xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynotglyd.onion' (ECDSA) to the list of known hosts. + +vagrant@xbkcb3a47s6swrohdzcsuq6iwix3qjsn6mf77dkxywxgxucynhotglyd.onion's password: + +Last login: Fri Oct 23 09:34:22 2020 from 10.0.2.2 +vagrant@ubuntu2004:~$ +```