commit c0ccb2c9dd08b9159b32c3fe28c52864e9f056dd
parent 0a123b6bdc6506ba9f441774a9339baf70ab7a7a
Author: Petar Yotsev <petar@yotsev.xyz>
Date: Tue, 14 Dec 2021 13:43:41 +0000
Add tor hidden service support
Diffstat:
3 files changed, 39 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
@@ -4,7 +4,8 @@ mmv - minimal mailserver virtual
mmv is a script for setting up a personal email server on OpenBSD using
virtual users. It allows one to host email for multiple domains on the
-same server.
+same server. It also sets up a tor hidden service by default so that one
+can fetch email from public WiFi anonymously.
WARNING: The script is still in development and liable to drastic
changes with no backwards compatibility.
@@ -48,7 +49,7 @@ And change a password with `mpasswd`.
# Troubleshooting
-If the script fails to sign the tls certificate, it's likely that
+If the script fails to sign the TLS certificate, it's likely that
OpenSMTPD and Dovecot will show up as failed. In most cases just getting
the certificate will fix them because they are just failing to load
them.
diff --git a/files/torrc.diff b/files/torrc.diff
@@ -0,0 +1,17 @@
+*** torrc.def 2021-12-14 13:20:57.257968529 +0000
+--- torrc.mod 2021-12-14 13:20:52.464519077 +0000
+***************
+*** 75,82 ****
+--- 75,86 ----
+ #HiddenServiceDir /var/tor/other_hidden_service/
+ #HiddenServicePort 80 127.0.0.1:80
+ #HiddenServicePort 22 127.0.0.1:22
+
++ HiddenServiceDir /etc/mail/hidden-service/
++ HiddenServicePort 587 127.0.0.1:587
++ HiddenServicePort 993 127.0.0.1:993
++
+ ################ This section is just for relays #####################
+ #
+ ## See https://www.torproject.org/docs/tor-doc-relay for details.
+
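Review bot: Both `HiddenServicePort` lines forward to `127.0.0.1`, so every onion client reaches OpenSMTPD and Dovecot with a loopback source address. Any rule or setting that trusts local connections, and any per-IP rate limiting or brute-force blocking, would then treat all onion traffic as one local peer. The smtpd and Dovecot configs are not visible here, so please confirm that 587 and 993 require authentication for loopback sessions too, and record it next to the added lines, e.g. `## onion clients arrive from 127.0.0.1; 587/993 must require auth for local sessions`. Separately, `HiddenServiceDir /etc/mail/hidden-service/` puts the service's private key under `/etc/mail`; tor expects that directory to be owned by its own user with no group or world access, and nothing visible in this commit creates it. The context diff also pins torrc lines 75-82, so it will probably fail to apply against a torrc from a different tor package version.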
diff --git a/mmv b/mmv
@@ -165,6 +165,18 @@ success "Configured rspamd" ||
failure "Failed to configure rspamd"
#
+# tor hidden service
+#
+
+patch /etc/tor/torrc files/torrc.diff
+
+rcctl enable tor &&
+rcctl start tor &&
+
+success "Configured tor, see address from /etc/mail/hidden-service/hostname" ||
+failure "Failed to configure tor"
+
+#
# dns
#
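Review bot: The `patch /etc/tor/torrc files/torrc.diff` line is not part of the `&&` chain, so a rejected or partially applied patch is never reported, and "Configured tor" is printed as long as `rcctl` succeeds. Chain it as `patch /etc/tor/torrc files/torrc.diff &&` so a failure reaches `failure "Failed to configure tor"`. The step is also not safe to re-run: on a second run `patch` will detect an already-applied change and may prompt to reverse it, so guard it with something like `grep -q '^ *HiddenServiceDir /etc/mail/hidden-service/' /etc/tor/torrc ||` before patching. The relative path `files/torrc.diff` assumes the script is started from the repository root, which may be worth a comment if that is not enforced elsewhere.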
@@ -185,6 +197,9 @@ echo "$domain. IN MX 0 $maildom." > /etc/mail/dns/$domain/mx &&
success "Wrote relevant dns records in /etc/mail/dns/$domain/" ||
failure "Failed to write relevant dns records in /etc/mail/dns/$domain/"
+#
+# setup admin account
+#
# TODO: does .forward work with virtual users?
[ $firstuse = "true" ] &&
@@ -197,6 +212,10 @@ Choose a password for the \"admin\" user." &&
madduser $domain admin
+#
+# final status
+#
+
[ $failed = "false" ] &&
success "Done!" ||
failure"Installation incomplete, check the errors and correct them!"
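Review bot: The last line of this hunk reads `failure"Installation incomplete, …"` with no space after `failure`, at least as rendered here. The shell would then look for a command named `failureInstallation incomplete, …` instead of calling `failure`, so the final warning would never be shown on an incomplete install. This is a context line rather than part of the change, but since the section is being touched it should become `failure "Installation incomplete, check the errors and correct them!"`. Quoting the test as `[ "$failed" = "false" ]` would also keep it from erroring if the variable is ever empty.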