From ac6d311ada4cbc0557d1c56bd61d81a543d7f767 Mon Sep 17 00:00:00 2001 From: Miraty Date: Sun, 29 Jan 2023 23:16:58 +0100 Subject: [PATCH] Use unix sockets for Onion=>nginx connections --- DOCS/configuration.md | 4 ++-- config.ini | 2 +- pg-act/ht/add-onion.php | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/DOCS/configuration.md b/DOCS/configuration.md index 10d757c..718c218 100644 --- a/DOCS/configuration.md +++ b/DOCS/configuration.md @@ -214,9 +214,9 @@ Network port where nginx listens. The common default port is `443`. IP address where nginx listens. May be the same as `ipv6_address` and `ipv4_address`, or `[::]` and `0.0.0.0` to listen on every address available. -### `internal_onion_http_port` +### `http_onion_socket` -The port of `[::1]` set in Tor and nginx configuration files when creating an Onion service. +Filesystem path to the unix socket created by nginx and listening for incoming Onion services connections. (Used in Tor and nginx configuration files when creating an Onion service.) ### `user_quota_testing`, `user_quota_approved` diff --git a/config.ini b/config.ini index 277cfd2..7d499c8 100644 --- a/config.ini +++ b/config.ini @@ -72,7 +72,7 @@ public_sftp_port = 2022 https_port = 42443 ipv6_listen_address = "::1" ipv4_listen_address = "127.0.0.1" -internal_onion_http_port = 9080 +http_onion_socket = "/run/servnest/nginx.sock" user_quota_testing = 20971520 user_quota_approved = 209715200 diff --git a/pg-act/ht/add-onion.php b/pg-act/ht/add-onion.php index 3bce480..bf39f61 100644 --- a/pg-act/ht/add-onion.php +++ b/pg-act/ht/add-onion.php @@ -7,7 +7,7 @@ rateLimit(); // Add Tor config $torConf = 'HiddenServiceDir ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['id'] . '/' . $_POST['dir'] . '/ -HiddenServicePort 80 [::1]:' . CONF['ht']['internal_onion_http_port'] . ' +HiddenServicePort 80 unix:' . CONF['ht']['http_onion_socket'] . ' '; if (file_put_contents(CONF['ht']['tor_config_path'] . '/' . $_SESSION['id'] . '/' . $_POST['dir'], $torConf) === false) output(500, 'Failed to write new Tor configuration.'); @@ -28,7 +28,7 @@ addSite($_SESSION['id'], $_POST['dir'], $onion, 'onion'); // Add Nginx config $nginxConf = 'server { - listen [::1]:' . CONF['ht']['internal_onion_http_port'] . '; + listen unix:' . CONF['ht']['http_onion_socket'] . '; server_name ' . $onion . '; root ' . CONF['ht']['ht_path'] . '/' . $_SESSION['id'] . '/' . $_POST['dir'] . ';