search

shermand100 / PiNodeXMR

Monero Node for Single Board Computers with Web Interface and additional tools pre-configured. Self Installing.
GNU General Public License v3.0
219 stars 41 forks source link

Private Node over Tor with RPC over LAN #41

Closed ChiefGyk3D closed 3 years ago

ChiefGyk3D commented 3 years ago

I think there should be an option for Tor Nodes to run without a Tor-ified wallet being needed. For example some of us maybe want it only locally available for ourselves. I modified it to do so and works perfectly find by binding it to $Device_IP but status isn't displaying, but logs and such work otherwise.

shermand100 commented 3 years ago

And yeah I agree. This would allow LAN Monero GUI to broadcast over tor through PiNodeXMR. As I said in the telegram chat I'm reworking the Web UI to be fully customisable but this should be default behaviour so long as the binding rules are met and Monero doesn't kick up a fuss. I've found tor bindings temperamental with conflicts in the past when experimenting.

Are you saying you just changed the RPC-BIND-IP=127.0.0.0.1 to $DEVICE_IP?

shermand100 commented 3 years ago

So there's been quite a few little "touches" that have taken place behind the scenes with these issues that have been fixed. This is the first one though that has a direct influence on how someone operates their node. So I've quietly updated PiNodeXMR to v4.21.04 and will announce once this is all in the Armbian branch too.

RPC IP has been changed to $DEVICE_IP annonymous_inbound has been changed to 127.0.0.1 HiddenService config now routes P2P and RPC (not just RPC) so tor seeding from a PiNodeXMR should be possible.

https://github.com/monero-ecosystem/PiNode-XMR/commit/e67a58a4ec1c3681bce0014d2aec1d81c845a07a

shermand100 commented 3 years ago

Well that was another horrible fight with tor. The new issue this caused was that the /etc/tor/torrc settings for hiddenService redirections (ie :18081 redirects to 127.0.0.1:18081), is broken by the above merge as RPC is now on 192.168.x.xxx local ip not 127.0.0.1.

The issue to solve was how to tell tor to redirect to hostname -I.

I spent several hours trying to use the tor docs that states it's possible to pass cli arguments which would be able to resolve the call to hostname -I and add that to the tor systemd service exec. But damn I just wasn't getting anywhere. Just one error after another. tor didn't like it.

So this is the solution. A single line overwrite of line 73 in torrc followed by a restart of tor. This has been worked into the tor installer script and the updater script.

The foreseen issue is that a user who's router allocated local IPs to PiNodeXMR via DHCP with a lease time will not have external access via hiddenService if a IP lease expires and so changes. Static local addresses should be used for tor.

shermand100 commented 3 years ago

Final Fix https://github.com/monero-ecosystem/PiNode-XMR/commit/21437171edde172a796cc6c05932c0e122a24e94