ralphwetzel / theonionbox

Dashboard to monitor Tor node operations
MIT License
WebUI isn't working #2

Closed k0nsl closed 8 years ago

k0nsl commented 8 years ago

Hi.

Thanks for creating this interesting project. I got to know it through the tor-relays list.

At any rate, I got it installed successfully on one of the boxes and it appears to interact with the tor service, as per:

root@jim:~/theonionbox/theonionbox# ./theonionbox.py
The Onion Box v1.0rc: WebInterface for Tor Relays
Failed to load configuration from 'theonionbox.cfg'
Operating with configuration from 'config/theonionbox.cfg'

[BOX] 2015-12-30 21:21:18 Launching The Onion Box!
[BOX] 2015-12-30 21:21:18 Trying to connect to Tor Relay on 127.0.0.1:9090.
[BOX] 2015-12-30 21:21:18 Connected...

My theonionbox.cfg looks like this:

root@jim:~/theonionbox/theonionbox# cat config/theonionbox.cfg
# Configuration File for TheOnionBox
[config]
protocol = 1

[TheOnionBox]
# Address of your Onion Box;
# probably should be '0.0.0.0' (preferred)
# or 'localhost', yet might be something
# else, eg when operating with several ip's:
# host = localhost
# listen on all interfaces
host = [redacted]

# To enable DEBUG mode
# debug = true

# Port for the Web Server
#8080 should be fine in most cases!
port = 9091

# The duration we accept between the delivery of the login_page
# and the request for login (in seconds)
login_ttl = 30

# Define the webserver used for serving the pages:
# This is the standard WSGIRefServer server
# Remark: This server cannot process IE requests!
# Thus: Don't use it if you expect clients operating with IE!
#server = default
# Enable this if you've CherryPy available
server = cherrypy
# Shall we operate with SSL?
# Note: To actually make this running, you have to create a valid ssl certificate first:
# So run e.g.
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
#
# DON'T distribute this combined private/public key to clients!
# (see http://www.piware.de/2011/01/creating-an-https-server-in-python/#comment-11380)
ssl = no
# ssl = yes
#
# The file that holds the Certificate!
# ssl_certificate = server.pem
# The file that holds the Key!
# ssl_key = private_key.pem

# When a NTP server is provided
# we use it's time to compensate the server's clock
ntp_server = pool.ntp.org
# ntp_server = fritz.box

[TorRelay]
# Address of the Tor Relay
# Do NOT use 'localhost' but 127.0.0.1 to connect locally
tor_host = 127.0.0.1

# Control Port of the Tor Relay
tor_control_port = 9090

# Timeout when connecting to Tor's Control Port.
# Usually the connection should be established very quick;
# you may increase this if connecting to very remote systems.
# tor_control_timeout = 60

# The Number of Seconds we keep the connection to
# the Relay open after the last user disconnected
# Hint: The minimum reasonable TTL is > 30(s)
# eg. 1 day
# tor_ttl = 86400
# eg. 1 hour
# tor_ttl = 3600
# eg. forever
# tor_ttl = -1
tor_ttl = 30

# Switches to preserve the messages of the Relay
# Up to 400 messages (total) will be preserved
# The severity of these messages can be defined here
# There's one switch for ERR, WARN & NOTICE
# There's NO switch for INFO & DEBUG (as this would flood the memory without true value)
# Live - transmission of messages can be switched on/off in the client

# tor_preserve_ERR = no
tor_preserve_ERR = yes
# tor_preserve_WARN = no
tor_preserve_WARN = yes
# tor_preserve_NOTICE = no
tor_preserve_NOTICE = yes

host is set to my public facing IP address. When I try to access the WebUI it only says ERR_CONNECTION_REFUSED in Chromium. CherryPy is installed. It doesn't matter if I use CherryPy or the default, same problem.

I am running Debian 7 (wheezy). The firewall is set to allow this and any other relevant ports.

Did I overlook something completely obvious or what could the issue be? For now it's simply a guessing game for me :/

Best wishes, -k0nsl

ralphwetzel commented 8 years ago

Hi! First of all "Thank You" for providing feedback. Some comments that might help you:

# To enable DEBUG mode
debug = true
The Onion Box v1.0rc: WebInterface for Tor Relays
Operating with configuration from 'config\myonionbox.cfg'

[BOX] 2015-12-30 19:53:38 Launching The Onion Box!
[BOX] 2015-12-30 19:53:39 Trying to connect to Tor Relay on 192.168.178.28:9090.
[BOX] 2015-12-30 19:53:39 Connected...
Bottle v0.12.8 server starting up (using BoxCherryPyServer())...
Listening on http://localhost:8080/
Hit Ctrl-C to quit.

[BOX] 2015-12-30 19:53:37 Server Time aligned against Time from 'fritz.box'; adjusted delta: -2.06 seconds
[BOX] 2015-12-30 19:53:37 Operating with CherryPy!

... which might tell you the address of The Box:

Listening on http://localhost:8080/

NB: I'll add a message that prints this address to the log as well.

[BOX] 2015-12-30 19:53:37 Operating with CherryPy!

If you don't receive this, there's probably an issue...

# listen on all interfaces
host = 0.0.0.0

for testing purposes. This should work usually...

Best regards, ralph

k0nsl commented 8 years ago

I followed your recommendations @ralphwetzel but it didn't help, I'm afraid.

Turning on debug didn't result in any other output than what was shown to me earlier, all it says (after circa 20 minutes of waiting):

root@jim:~/theonionbox/theonionbox# ./theonionbox.py
The Onion Box v1.0rc: WebInterface for Tor Relays
Failed to load configuration from 'theonionbox.cfg'
Operating with configuration from 'config/theonionbox.cfg'

[BOX] 2015-12-30 22:30:00 Launching The Onion Box!
[BOX] 2015-12-30 22:30:00 Trying to connect to Tor Relay on 127.0.0.1:9090.
[BOX] 2015-12-30 22:30:00 Connected...

Apart from following your recommendations I tried to set up a reverse proxy with nginx in the following format, all very simple:

server {
        listen   redacted:80;

        server_name redacted.domain.tld;

        access_log /dev/null;
        error_log /dev/null crit;

        location / {
                proxy_pass http://localhost:8080;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;
        }
}

That didn't yield any positive results, either.

I will dig around more to see if I can get it to work.

Best wishes, -k0nsl

k0nsl commented 8 years ago

Oh, wait a second. The "problem" appears to be that it only listens on IPv6 and my ISP here at home doesn't support it and I've got no tunnel at the moment. But it only listens on IPv6:

tcp6       0      0 ::1:8080                :::*                    LISTEN

So now I have narrowed it down, I think. Is it possible to have it listen only on IPv4?

k0nsl commented 8 years ago

Okay, I got it working by setting host to 0.0.0.0 in theonionbox.cfg and using my nginx reverse proxy configuration posted above; I can now log in and watch all the pertinent data. Another thing, upon launching theonionbox.py I had to push Q on my keyboard one time and it started the CherryPy server. Weird.

Here's a screencast of it running: https://i.knsl.org/theonionbox-test01_k0nsl.webm

Great stuff. Thanks again!

PS: Are you on IRC, on Freenode or elsewhere?

Best wishes, -k0nsl
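
The diagnosis in the two comments above, as an added example that is not from the thread or from The Onion Box's code: it classifies each `netstat -tln` LISTEN row by bind scope and checks whether a client on a given IP would reach it. The `::1:8080` row is the one posted above; the other rows and the `203.0.113.5` address are constructed, and `dual_stack` assumes the Linux default where an IPv6 wildcard socket also accepts IPv4.

```python
import ipaddress
from typing import NamedTuple

class Listener(NamedTuple):
    proto: str
    address: str
    port: int
    scope: str

def classify(address):
    """Name the bind scope of a listening address."""
    ip = ipaddress.ip_address(address)
    family = f"ipv{ip.version}"
    if ip.is_unspecified:   # 0.0.0.0 or :: -> every interface
        return f"all-interfaces-{family}"
    if ip.is_loopback:      # 127.0.0.0/8 or ::1 -> this host only
        return f"loopback-only-{family}"
    return f"single-address-{family}"

def parse_listeners(netstat_text):
    """Parse the LISTEN rows of `netstat -tln` output."""
    rows = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[5] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]")
        rows.append(Listener(fields[0], host, int(port), classify(host)))
    return rows

def accepts(listener, target, dual_stack=True):
    """Would a TCP connection to IP literal `target` reach this listener?"""
    bound = ipaddress.ip_address(listener.address)
    dest = ipaddress.ip_address(target)
    if bound.version == dest.version:
        return bound.is_unspecified or bound == dest
    # Assumption: IPV6_V6ONLY is off, so a [::] socket also takes IPv4.
    return dual_stack and bound.version == 6 and bound.is_unspecified

def reachable(listeners, port, target):
    return any(l.port == port and accepts(l, target) for l in listeners)

# First row is from the thread; the others are constructed samples.
BEFORE = """tcp6       0      0 ::1:8080                :::*                    LISTEN
tcp        0      0 127.0.0.1:9090          0.0.0.0:*               LISTEN"""
AFTER = """tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN"""

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        ls = parse_listeners(text)
        print(label, [(l.address, l.port, l.scope) for l in ls])
        for target in ("127.0.0.1", "::1", "203.0.113.5"):
            print("  ", target, "->", reachable(ls, 8080, target))
```

With `host = 0.0.0.0` the backend answers on every interface, so port 8080 is reachable without going through nginx unless a firewall blocks it. Binding to `127.0.0.1` keeps an nginx proxy on the same host as the only path in.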

ralphwetzel commented 8 years ago

Great to read that you made it running. Do you have any special proposal for changes so that things work more fluently next time? Greetings!

k0nsl commented 8 years ago

@ralphwetzel,

I will try to come up with suggestions later on. However, despite my initial "issues" (probably self-inflicted) the installation was painless. A smooth experience.

All in all I'm very pleased with the current procedure.

I may consider making another theme for it, based on “Semantic UI”. But only if time allows. I'm unsure if that would be a waste of time or not, seeing as it already looks fine to me.

ralphwetzel commented 8 years ago

@k0nsl, Freenode; same nick. Greetings & thanks for the cast! ralph