Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding security routines #42

Open
cmehay opened this issue May 15, 2020 · 6 comments
Open

Adding security routines #42

cmehay opened this issue May 15, 2020 · 6 comments
Assignees

Comments

@cmehay
Copy link
Owner

cmehay commented May 15, 2020

This ticket is open to discuss about adding security routines in this project.

Regarding #40, I'm starting to work on adding Vanguards in this project, and issuing a convenient way to run a hidden service with it.

Please feel free to add any useful resources to increase security and privacy for running hidden services.

@cmehay cmehay self-assigned this May 15, 2020
@cmehay cmehay mentioned this issue May 31, 2020
@onionltd
Copy link

onionltd commented Jun 1, 2020

Hey @cmehay, thanks for considering my open issue.

I personally don't think it's a good idea to embed vanguards in docker-tor-hidden-service image. Just looking at the WIP code #43, it's clear the complexity has gone up. Also, embedding it in the image I lost the ability to set different container settings (memory limits, logging etc) for Tor and Vanguards.

Is there a reason why you don't want to maintain vanguards as a separate docker image?

@cmehay
Copy link
Owner Author

cmehay commented Jun 1, 2020

This final image will give the ability to run Vanguards in the same container or in a separate one.

The goal is to be able to run Vanguards with just one env variable, but also to fine tune the settings if needed.

I figured out some file are missing in this commit, I added them.

For your last question, I like the idea to provide all needed tools in one single image, but one image does not mean one container to run, and it will be possible to setup complex network to isolate control port from hidden service network for instance.

@onionltd
Copy link

onionltd commented Jun 2, 2020

I like the idea to provide all needed tools in one single image, but one image does not mean one container to run

I didn't look at the code all that much, so correct me if I'm wrong. Are you saying that a single image will contain both Tor and Vanguards and depending on the container configuration, one or both processes will run?

If so, this is in "violation" of Docker best practices[1], adds unnecessary complexity and generally feels like a bad engineering, with all due respect.

[1] https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#decouple-applications

@cmehay
Copy link
Owner Author

cmehay commented Jun 2, 2020

I didn't look at the code all that much, so correct me if I'm wrong. Are you saying that a single image will contain both Tor and Vanguards and depending on the container configuration, one or both processes will run?

Yes, but it's not really a problem as long Vangards cannot work without accessing to tor data directory and not intended to work with something else than tor.

The goal of containerization is to embed a service prior than a binary, it's my goal when I started to work on this tor image, if I can add some binaries to provide a better service with less efforts for the user, it's good for me.

@onionltd
Copy link

onionltd commented Jun 3, 2020

Yes, but it's not really a problem as long Vangards cannot work without accessing to tor data directory and not intended to work with something else than tor.

True, vanguards requires access to the Tor's directory however Docker already has mechanisms for doing exactly that: volumes.

This is an example docker-compose.yaml I've been using it to successfully deploy your image together with https://github.com/onionltd/docker-vanguards:

  tor_hs:
    image: localhost/tor-hidden-service:v0.4.3.5
    restart: always
    environment:
      TOR_EXTRA_OPTIONS: |
        DataDirectory /var/lib/tor/hidden_service
        ControlPort 0.0.0.0:9051
        HashedControlPassword 16:AD24C66CB51CFF37600A296F5E2FDF51BA0BBFE19DB4D2786BF5FA7E5D
    volumes:
      - tor:/var/lib/tor/hidden_service/

  vanguards_hs:
    image: localhost/vanguards:latest
    restart: always
    environment:
      GLOBAL_CONTROL_IP: tor_hs
      GLOBAL_CONTROL_PORT: 9051
      GLOBAL_CONTROL_PASS: password1
      GLOBAL_ENABLE_VANGUARDS: "True"
      GLOBAL_ENABLE_BANDGUARDS: "True"
      GLOBAL_ENABLE_CBTVERIFY: "False"
      GLOBAL_ENABLE_RENDGUARD: "True"
      GLOBAL_CLOSE_CIRCUITS: "True"
      GLOBAL_ONE_SHOT_VANGUARDS: "False"
      GLOBAL_LOGLEVEL: NOTICE
      VANGUARDS_LAYER1_LIFETIME_DAYS: 0
      VANGUARDS_MAX_LAYER2_LIFETIME_HOURS: 1080
      VANGUARDS_MAX_LAYER3_LIFETIME_HOURS: 48
      VANGUARDS_MIN_LAYER2_LIFETIME_HOURS: 24
      VANGUARDS_MIN_LAYER3_LIFETIME_HOURS: 1
      VANGUARDS_NUM_LAYER1_GUARDS: 2
      VANGUARDS_NUM_LAYER2_GUARDS: 3
      VANGUARDS_NUM_LAYER3_GUARDS: 8
      BANGUARDS_CIRC_MAX_AGE_HOURS: 24
      BANGUARDS_CIRC_MAX_HSDESC_KILOBYTES: 30
      BANGUARDS_CIRC_MAX_MEGABYTES: 0
      BANGUARDS_CIRC_MAX_DISCONNECTED_SECS: 30
      BANGUARDS_CONN_MAX_DISCONNECTED_SECS: 15
      RENDGUARD_REND_USE_MAX_USE_TO_BW_RATIO: 5.0
      RENDGUARD_REND_USE_MAX_CONSENSUS_WEIGHT_CHURN: 1.0
      RENDGUARD_REND_USE_CLOSE_CIRCUITS_ON_OVERUSE: "True"
      RENDGUARD_REND_USE_GLOBAL_START_COUNT: 1000
      RENDGUARD_REND_USE_RELAY_START_COUNT: 100
      RENDGUARD_REND_USE_SCALE_AT_COUNT: 20000
    volumes:
      - tor:/var/lib/tor/hidden_service/
    depends_on:
      - tor_hs
volumes:
  tor:

@cmehay
Copy link
Owner Author

cmehay commented Jul 11, 2020

#44

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants