From 6b113af7fe1c5ece37d6797c825d8adcefa04706 Mon Sep 17 00:00:00 2001 From: dd dd Date: Tue, 23 Jul 2024 21:26:04 +0200 Subject: [PATCH] Update private key handling and improve readme --- README.md | 18 +++++++++++++++--- cmd/exit/exit.go | 18 ++++++++++++++++-- docker-compose.yaml | 10 +++++----- exit/https.go | 2 ++ go.mod | 3 +++ go.sum | 8 ++++++++ 6 files changed, 49 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index e57bc94..dceb18f 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,9 @@ Running NWS using Docker is recommended. For instructions on running NWS on your ### Using Docker Compose +Please navigate to the `docker-compose.yaml` file and set the value of `NOSTR_PRIVATE_KEY` to your own private key. +Leaving it empty will generate a new private key on startup. + To set up using Docker Compose, run the following command: ``` docker compose up -d --build 
@@ -35,18 +38,27 @@ docker compose up -d --build This will start an example setup, including the entry node, exit node, and a backend service. +You can run the following commands to receive your nprofiles: + +```bash +docker logs exit-https 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1} +``` +```bash +docker logs exit 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1} +``` + ### Sending Requests to the Entry node -You can use the following command to send a request to the nprofile: +With the log information from the previous step, you can use the following command to send a request to the nprofile: ``` -curl -v -x socks5h://localhost:8882 http://nprofile1qqsp98rnlp7sn4xuf7meyec48njp2qyfch0jktwvfuqx8vdqgexkg8gpz4mhxw309ahx7um5wgkhyetvv9un5wps8qcqggauk8/v1/info --insecure +curl -v -x socks5h://localhost:8882 http://"$(docker logs exit 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1}')"/v1/info --insecure ``` If the nprofile supports TLS, you can choose to connect using https scheme ``` -curl -v -x socks5h://localhost:8882 https://nprofile1qqstw2nc544vkl4760yeq9xt2yd0gthl4trm6ruvpukdthx9fy5xqjcpz4mhxw309ahx7um5wgkhyetvv9un5wps8qcqcelsf6/v1/info --insecure +curl -v -x socks5h://localhost:8882 https://"$(docker logs exit-https 2>&1 | awk -F'profile=' '{if ($2) print $2}' | awk '{print $1}')"/v1/info --insecure ``` When using https, the entry node can be used as a service, since the operator will not be able to see the request data. diff --git a/cmd/exit/exit.go b/cmd/exit/exit.go index 2700b02..fb71efa 100644 --- a/cmd/exit/exit.go +++ b/cmd/exit/exit.go @@ -1,8 +1,10 @@ package main import ( + "fmt" "github.com/asmogo/nws/config" "github.com/asmogo/nws/exit" + "github.com/nbd-wtf/go-nostr" "github.com/spf13/cobra" "log/slog" ) 
@@ -10,6 +12,11 @@ import ( var httpsPort int32 var httpTarget string +const ( + generateKeyMessage = "Generated new private key. Please update your configuration file with the new key, otherwise your key will be lost, once this application restarts." + startingReverseProxyMessage = "starting exit node with https reverse proxy" +) + func main() { rootCmd := &cobra.Command{Use: "exit", Run: startExitNode} rootCmd.Flags().Int32VarP(&httpsPort, "port", "p", 0, "port for the https reverse proxy") @@ -27,13 +34,20 @@ func startExitNode(cmd *cobra.Command, args []string) { if err != nil { panic(err) } - + if httpsPort != 0 { + cfg.BackendHost = fmt.Sprintf(":%d", httpsPort) + } + if cfg.NostrPrivateKey == "" { + // generate new private key + cfg.NostrPrivateKey = nostr.GeneratePrivateKey() + slog.Warn(generateKeyMessage, "key", cfg.NostrPrivateKey) + } // create a new gw server // and start it ctx := cmd.Context() exitNode := exit.NewExit(ctx, cfg) if httpsPort != 0 { - slog.Info("starting exit node with https reverse proxy", "port", httpsPort) + slog.Info(startingReverseProxyMessage, "port", httpsPort) go func() { err = exitNode.StartReverseProxy(httpTarget, httpsPort) if err != nil { diff --git a/docker-compose.yaml b/docker-compose.yaml index ba9b5f8..1780c34 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -32,7 +32,7 @@ services: nostr: environment: - NOSTR_RELAYS=ws://nostr-relay:8080 - - NOSTR_PRIVATE_KEY=003632642b6df1bb7f150c25aae079d590e6cfcceca924304154fbc2a3a938e3 + - NOSTR_PRIVATE_KEY= - BACKEND_HOST=mint:3338 exit-https: build: @@ -44,13 +44,13 @@ services: nostr: environment: - NOSTR_RELAYS=ws://nostr-relay:8080 - - NOSTR_PRIVATE_KEY=213632642b6df1bb7f150c25aae079d590e6cfcceca924304154fbc2a3a938e3 - - BACKEND_HOST=localhost:4443 - proxy: + - NOSTR_PRIVATE_KEY= + - BACKEND_HOST=:4443 + entry: build: context: . dockerfile: cmd/proxy/Dockerfile - container_name: proxy + container_name: entry ports: - 8882:8882 networks: 
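Review bot: The added `slog.Warn(generateKeyMessage, "key", cfg.NostrPrivateKey)` in startExitNode writes the freshly generated private key into the log stream, where it is readable by anyone with access to `docker logs` output or to any collector those logs are shipped to, and where it outlives the process. Log only the derived public identity, for example `pub, err := nostr.GetPublicKey(cfg.NostrPrivateKey)` followed by `slog.Warn(generateKeyMessage, "pubkey", pub)`. Hand the secret to the operator through a channel with tighter access, such as a file created with mode 0600, and adjust the wording of `generateKeyMessage` to point at that location. The body of startExitNode continues outside this hunk, so whether the key is logged again later cannot be seen from here.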
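Review bot: Leaving `- NOSTR_PRIVATE_KEY=` as a literal in the tracked compose file, together with the README instruction to edit this file and set the key, makes it easy for an operator to commit a real secret; the same line in the `exit-https` service in the following hunk has the same issue. Compose variable interpolation avoids that: `- NOSTR_PRIVATE_KEY=${NOSTR_PRIVATE_KEY:-}` takes the value from the operator's shell or an untracked `.env` file and still falls back to empty, so key generation on startup keeps working. The two hex keys this commit removes remain in the repository history, so they should be treated as disclosed and not reused for any deployed node.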
diff --git a/exit/https.go b/exit/https.go index 5c1f62e..549c688 100644 --- a/exit/https.go +++ b/exit/https.go @@ -12,6 +12,7 @@ import ( "github.com/asmogo/nws/protocol" "github.com/nbd-wtf/go-nostr" "github.com/nbd-wtf/go-nostr/nip04" + "log/slog" "math/big" "net/http" "net/http/httputil" @@ -59,6 +60,7 @@ func (e *Exit) StartReverseProxy(httpTarget string, port int32) error { } cert = *certificate } else { + slog.Info("found certificate event", "certificate", ev.Content) // load private key from file privateKeyEvent := e.pool.QuerySingle(ctx, e.config.NostrRelays, nostr.Filter{ Authors: []string{e.publicKey}, diff --git a/go.mod b/go.mod index c045448..cc628cf 100644 --- a/go.mod +++ b/go.mod @@ -9,6 +9,7 @@ require ( github.com/nbd-wtf/go-nostr v0.30.2 github.com/puzpuzpuz/xsync/v3 v3.0.2 github.com/samber/lo v1.45.0 + github.com/spf13/cobra v1.8.1 github.com/stretchr/testify v1.9.0 golang.org/x/net v0.23.0 ) @@ -23,9 +24,11 @@ require ( github.com/gobwas/httphead v0.1.0 // indirect github.com/gobwas/pool v0.2.1 // indirect github.com/gobwas/ws v1.2.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect github.com/tidwall/gjson v1.14.4 // indirect github.com/tidwall/match v1.1.1 // indirect github.com/tidwall/pretty v1.2.0 // indirect diff --git a/go.sum b/go.sum index d2bac6d..b9fae80 100644 --- a/go.sum +++ b/go.sum 
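Review bot: The added `slog.Info("found certificate event", "certificate", ev.Content)` in StartReverseProxy copies the full event content into the log at Info level on every start. Judging by the message this is the stored certificate, which is not secret by itself but is bulky. The habit of logging raw event content becomes a leak the moment an event carries key material, as the private-key event queried a few lines below presumably does. Logging an identifier is enough to confirm the lookup succeeded, for example `slog.Info("found certificate event", "id", ev.ID)`, with the content at Debug level at most. StartReverseProxy begins and ends outside this hunk, so the exact content of `ev` is inferred rather than visible.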
@@ -25,6 +25,7 @@ github.com/btcsuite/websocket v0.0.0-20150119174127-31079b680792/go.mod h1:ghJtE github.com/btcsuite/winsvc v1.0.0/go.mod h1:jsenWakMcC0zFBFurPLEAyrnc/teJEM1O46fmI40EZs= github.com/caarlos0/env/v11 v11.0.0 h1:ZIlkOjuL3xoZS0kmUJlF74j2Qj8GMOq3CDLX/Viak8Q= github.com/caarlos0/env/v11 v11.0.0/go.mod h1:2RC3HQu8BQqtEK3V4iHPxj0jOdWdbPpWJ6pOueeU1xM= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v0.0.0-20171005155431-ecdeabc65495/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= @@ -58,6 +59,8 @@ github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jessevdk/go-flags v0.0.0-20141203071132-1679536dcc89/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= 
@@ -83,8 +86,13 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/puzpuzpuz/xsync/v3 v3.0.2 h1:3yESHrRFYr6xzkz61LLkvNiPFXxJEAABanTQpKbAaew= github.com/puzpuzpuz/xsync/v3 v3.0.2/go.mod h1:VjzYrABPabuM4KyBh1Ftq6u8nhwY5tBPKP9jpmh0nnA= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/samber/lo v1.45.0 h1:TPK85Y30Lv9Jh8s3TrJeA94u1hwcbFA9JObx/vT6lYU= github.com/samber/lo v1.45.0/go.mod h1:RmDH9Ct32Qy3gduHQuKJ3gW1fMHAnE/fAzQuf6He5cU= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=