Merge branch 'pr/630' into Release-0.13.0

Ride-The-Lightning · Aug 14, 2022 · 76cd5f3 · 76cd5f3
1 parent 05aa2d8
commit 76cd5f3
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 35 deletions.
diff --git a/.github/docs/RTL_SSL_setup.md b/.github/docs/RTL_SSL_setup.md
@@ -1,23 +1,25 @@
 ### Setup https access for RTL
 
-Forward the ports 80 and 3002 on the router to the device running RTL.  
+Forward the ports 80 and 3002 on the router to the device running RTL.
 Allow the ports through the firewall of the device.
 
 Install Nginx:
 https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
+On Debian based distros:
+    $> sudo apt install nginx
 
-Install certbot to acquire the ssl certificate:
-https://certbot.eff.org
+nginx default config file is at /etc/nginx/nginx.conf. You will need it.
 
+Install, if needed, openssl
+On Debian based distros:
+    $> sudo apt install openssl
 
-Add the following line at the very top of nginx.conf: 
-load_module /usr/lib/nginx/modules/ngx_stream_module.so;
+Create a self certificate with openssl
+    $> openssl req -newkey rsa:4096 -x509 -sha512 -days 365 -nodes -out /path/to/some/folder/rtl-cert.crt -keyout /path/to/some/folder/rtl-cert.key 
 
 
 Sample configuration to be inserted in the nginx.conf (adjust the path and filename of your certificate and key):
 
-
-
     stream {
             upstream RTL {
                     server 127.0.0.1:3000;
@@ -27,13 +29,15 @@ Sample configuration to be inserted in the nginx.conf (adjust the path and filen
                     listen 3002 ssl;
                     proxy_pass RTL;
 
-                    ssl_certificate /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem;
-                    ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
+                    ssl_certificate /path/to/some/folder/rtl-cert.crt;
+                    ssl_certificate_key /path/to/some/folder/rtl-cert.key;
                     ssl_session_cache shared:SSL:1m;
                     ssl_session_timeout 4h;
-                    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+                    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # this line works for me with only TLSv1.2
                     ssl_prefer_server_ciphers on;
             }
     }
 
 Restart Nginx with the new configuration and connect to RTL over https on the port 3002.
+On Debian based distros:
+    $> sudo systemctl restart nginx
diff --git a/.github/docs/RTL_TOR_setup.md b/.github/docs/RTL_TOR_setup.md
@@ -4,39 +4,34 @@ This guide will allow you to remotely connect to RTL over Tor. This can work on
 
 #### Server Setup 
 Install Tor on the same local machine as RTL. see the tor project wiki [here](https://trac.torproject.org/projects/tor/wiki)
+On Debian based distros:
+    $> sudo apt install tor
 
-Edit the `torrc` configuration file, and add the following lines:
+Edit `/etc/tor/torrc` (Debian based distro) configuration file, and add the following lines:
 ```
-HiddenServiceDir /var/db/tor/rtl/
-HiddenServiceVersion 2
-HiddenServiceAuthorizeClient stealth mydevice
+HiddenServiceDir /var/lib/tor/rtl-service-v3/
+HiddenServiceVersion 3
 HiddenServicePort 3000 127.0.0.1:3000
 ```
-Change `/var/db/tor/rtl/` to any directory you want to store the hidden service credentials. 
-Change `mydevice` to anything you want. 
+Change `/var/lib/tor/rtl-service-v3/` to any directory you want to store the hidden service credentials. 
 
 Save the changes to the `torrc` file and restart tor.
-
-View the contents of the file `/var/db/tor/rtl/hostname`. It will show an onion address, an authentication password(cookie), and the associated `mydevice` label.
-
+    $> sudo systemctl restart tor
+    or sometimes:
+    $> sudo systemctl daemon-reload    
+
+View the contents of the file `/var/lib/tor/rtl-service-v3/hostname`. You need to be root. It will show an onion address. This is your address.
+On Debian based distro:
+    $> su -c "cat /var/lib/tor/rtl-service-v3/hostname"
+
 #### Client setup: Android
 
-Download Orbot for android (add their repos to F-Droid here: https://guardianproject.info/fdroid/
-
-Open orbot. Click the `⋮`, select `hidden services ˃`, select `Client cookies`.
-
-Press the + button on the lower right. Type in the the onion address and secret cookie you revealed in file `/var/lnd/tor/rtl/hostname`.
+Install Tor browser (or any other compatible browser) for Android from the app store
 
-Go back to orbot's main screen, and select the gear icon under `tor enabled apps`. 
-Add your favorite tor compatible browser (I use brave) `Brave`, then press back. 
-Click `stop` on the big onion logo. Exit orbot and reopen it. 
-Turn on `VPN Mode`. Start your connection to the tor network by clicking on the big onion (if it has not automatically connected already)
+Open the tor enabled browser and type in the onion address (example `z1234567890abc.onion:3000`) 
+Only you have access to this website! All traffic in the tor enabled browser will go over Tor (which is slower than clearnet). 
 
-Now open the tor enabled browser and type in the onion address (example `z1234567890abc.onion:3000`) 
-Only you have access to this website! All traffic in the brave browser will go over Tor (which is slower than clearnet). 
-To go back to clearnet browsing, turn off VPN mode in Orbot.
-
-#### Client setup: Windows Tor Browser
+#### Client setup: Windows Tor Browser (not updated)
 
 Download and install Tor Browser for windows: https://www.torproject.org/download/
 
@@ -50,5 +45,3 @@ HidServAuth 1234567890abcdefg.onion abcdef01234567890+/K mydevice
 Save and exit. 
 
 Now open Tor Browser, type in the `1234567890abcdefg.onion:3000` address!
-
-