Migrate hidden service definitions from torrc to their own file

This should reduce problems during tor package upgrades

Migrate hidden service definitions from torrc to their own file
98c0b563 · Bob Mottram · 771d0573 · 98c0b563 · 98c0b563
Commit 98c0b563 authored 6 years ago by Bob Mottram
--- a/src/freedombone-upgrade
+++ b/src/freedombone-upgrade
@@ -95,6 +95,7 @@ if [ -d "$PROJECT_DIR" ]; then
        fi

        #rebuild_exim_with_socks
+        torrc_migrate
        nodejs_upgrade
        apt-get -yq -t stretch-backports install certbot
        email_install_tls

--- a/src/freedombone-utils-onion
+++ b/src/freedombone-utils-onion
@@ -31,6 +31,30 @@ TOR_MAX_TRAFFIC_PER_MONTH_GB=10

 USE_V2_ONION_ADDRESS=
 HIDDEN_SERVICE_PATH='/var/lib/tor/hidden_service_'
+ONION_SERVICES_FILE=/etc/torrc.d/freedombone
+
+function torrc_migrate {
+    if [ -f $ONION_SERVICES_FILE ]; then
+        return
+    fi
+    systemctl stop tor
+
+    mkdir /etc/torrc.d
+
+    grep "HiddenServiceDir\|HiddenServiceVersion\|HiddenServicePort" /etc/tor/torrc | grep -v "#HiddenServiceDir" >> $ONION_SERVICES_FILE
+
+    if ! grep "HiddenServiceVersion" $ONION_SERVICES_FILE; then
+        return
+    fi
+
+    if grep -q "#%include /etc/torrc.d" /etc/tor/torrc; then
+        sed -i 's|#%include /etc/torrc.d|%include /etc/torrc.d|g' /etc/tor/torrc
+    else
+        echo "%include /etc/torrc.d" >> /etc/tor/torrc
+    fi
+
+    systemctl restart tor
+}

 function add_email_hostname {
    extra_email_hostname="$1"
@@ -80,17 +104,17 @@ function remove_onion_service {
    nick="$3"

    if [ ${#nick} -gt 0 ]; then
-        sed -i "/stealth ${nick}/d" /etc/tor/torrc
+        sed -i "/stealth ${nick}/d" $ONION_SERVICES_FILE
    fi
-    sed -i "/hidden_service_${onion_service_name}/,+1 d" /etc/tor/torrc
-    sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" /etc/tor/torrc
-    sed -i "/127.0.0.1:${onion_service_port_to}/d" /etc/tor/torrc
+    sed -i "/hidden_service_${onion_service_name}/,+1 d" $ONION_SERVICES_FILE
+    sed -i "/hidden_service_${onion_service_name}_mobile/,+1 d" $ONION_SERVICES_FILE
+    sed -i "/127.0.0.1:${onion_service_port_to}/d" $ONION_SERVICES_FILE
    if [ "$3" ]; then
-        sed -i "/127.0.0.1:${3}/d" /etc/tor/torrc
+        sed -i "/127.0.0.1:${3}/d" $ONION_SERVICES_FILE
        if [ "$4" ]; then
-            sed -i "/127.0.0.1:${4}/d" /etc/tor/torrc
+            sed -i "/127.0.0.1:${4}/d" $ONION_SERVICES_FILE
            if [ "$5" ]; then
-                sed -i "/127.0.0.1:${5}/d" /etc/tor/torrc
+                sed -i "/127.0.0.1:${5}/d" $ONION_SERVICES_FILE
            fi
        fi
    fi
@@ -123,16 +147,16 @@ function add_onion_service {
        USE_V2_ONION_ADDRESS=
        exit 877367
    fi
-    if ! grep -q "hidden_service_${onion_service_name}" /etc/tor/torrc; then
-        echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}${onion_service_name}/" >> /etc/tor/torrc
+    if ! grep -q "hidden_service_${onion_service_name}" $ONION_SERVICES_FILE; then
+        echo "HiddenServiceDir ${HIDDEN_SERVICE_PATH}${onion_service_name}/" >> $ONION_SERVICES_FILE
        if [ ! $USE_V2_ONION_ADDRESS ]; then
-            echo 'HiddenServiceVersion 3' >> /etc/tor/torrc
+            echo 'HiddenServiceVersion 3' >> $ONION_SERVICES_FILE
        else
-            echo 'HiddenServiceVersion 2' >> /etc/tor/torrc
+            echo 'HiddenServiceVersion 2' >> $ONION_SERVICES_FILE
        fi
-        echo "HiddenServicePort ${onion_service_port_from} 127.0.0.1:${onion_service_port_to}" >> /etc/tor/torrc
+        echo "HiddenServicePort ${onion_service_port_from} 127.0.0.1:${onion_service_port_to}" >> $ONION_SERVICES_FILE
        if [ ${#onion_stealth_name} -gt 0 ]; then
-            echo "HiddenServiceAuthorizeClient stealth ${onion_stealth_name}" >> /etc/tor/torrc
+            echo "HiddenServiceAuthorizeClient stealth ${onion_stealth_name}" >> $ONION_SERVICES_FILE
        fi
    fi

@@ -295,6 +319,14 @@ function install_tor {
    sed -i "s|#AccountingMax.*|AccountingMax $TOR_MAX_TRAFFIC_PER_MONTH_GB GBytes|g" /etc/tor/torrc
    sed -i "s|AccountingMax.*|AccountingMax $TOR_MAX_TRAFFIC_PER_MONTH_GB GBytes|g" /etc/tor/torrc

+    if [ ! -d /etc/torrc.d ]; then
+        mkdir /etc/torrc.d
+    fi
+    sed -i 's|#%include /etc/torrc.d|%include /etc/torrc.d|g' /etc/tor/torrc
+    if ! grep -q '%include /etc/torrc.d' /etc/tor/torrc; then
+        echo '%include /etc/torrc.d' >> /etc/tor/torrc
+    fi
+
    mark_completed "${FUNCNAME[0]}"
 }