Skip to content

Commit

Permalink
fix: limit CRD description fields to 80 chars (fixes #57)
Browse files Browse the repository at this point in the history
fix: tor-controller manager path moved to /app/manager
fix: README typos
  • Loading branch information
bugfest committed Jul 27, 2023
1 parent 79564d3 commit f274e4c
Show file tree
Hide file tree
Showing 17 changed files with 8,692 additions and 16,866 deletions.
4 changes: 3 additions & 1 deletion Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ IMG_DAEMON ?= tor-daemon:latest
IMG_DAEMON_MANAGER ?= tor-daemon-manager:latest
IMG_ONIONBALANCE_MANAGER ?= tor-onionbalance-manager:latest

GEN_CRD_PARAMS=:maxDescLen=80

# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
ENVTEST_K8S_VERSION = 1.22

Expand Down Expand Up @@ -45,7 +47,7 @@ help: ## Display this help.

.PHONY: manifests
manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
$(CONTROLLER_GEN) rbac:roleName=manager-role crd webhook paths="./..." output:crd:artifacts:config=config/crd/bases
$(CONTROLLER_GEN) rbac:roleName=manager-role crd$(GEN_CRD_PARAMS) webhook paths="./..." output:crd:artifacts:config=config/crd/bases
hack/remove-containers-requirement.sh config/crd/bases

.PHONY: generate
Expand Down
17 changes: 9 additions & 8 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ Check [install section](#install) bellow for more information.
- [Bring your own secret](#bring-your-own-secret)
- [Enable Onion Service protection with Authorization Clients](#enable-onion-service-protection-with-authorization-clients)
- [Custom settings for Tor daemon](#custom-settings-for-tor-daemon)
- [Specifiying Tor network bridges](#specifiying-tor-network-bridges)
- [Specifying Tor network bridges](#specifying-tor-network-bridges)
- [Specify Pod Template Settings](#specify-pod-template-settings)
- [OnionBalancedService Pod Template](#onionbalancedservice-pod-template)
- [Using with nginx-ingress](#using-with-nginx-ingress)
Expand Down Expand Up @@ -106,12 +106,12 @@ Roadmap / TODO
--------------

- Tor daemon management via socket (e.g: config reload)
- Manage Tor Server fingerpting (ed25519_master_id_secret_key, secret_id_key) and automatic family and nickname management
- Manage Tor Server fingerprinting (ed25519_master_id_secret_key, secret_id_key) and automatic family and nickname management
- Tor relays:
- Non exit: Bridge, Snowflake, Middle/Guard
- Exit relay: Tor Exit
- Tor-Istio plugin/extension to route pod egress traffic thru Tor
- Automated Vanguards Tor Addon deploy/setup
- Automated Vanguards Tor Add-on deploy/setup

Install
-------
Expand Down Expand Up @@ -144,7 +144,7 @@ Resources

***Tor***: Tor instance you can use to route traffic to/thru Tor network

**OnionService**: Exposes a set of k8s services using as a Tor Hidden Service. By default it generates a random .onion adress
**OnionService**: Exposes a set of k8s services using as a Tor Hidden Service. By default it generates a random .onion address

**OnionBalancedService**: Exposes a set of k8s services using [Onionbalance](https://gitlab.torproject.org/tpo/core/onionbalance.git). It creates multiple backends providing some sort of HA. Users connect to the OnionBalancedService address and the requests are managed by one of the registered backends.

Expand Down Expand Up @@ -206,7 +206,7 @@ example-onion-service cfoj4552cvq7fbge6k22qmkun3jl37oz273hndr7ktvoahnqg5kdnzqd

**Note**: you can also the alias `onion` or `os` to interact with these resources. Example: `kubectl get onion`

This service should now be accessable from any tor client,
This service should now be accessible from any tor client,
for example [Tor Browser](https://www.torproject.org/projects/torbrowser.html.en):


Expand Down Expand Up @@ -339,10 +339,10 @@ Tor Controller CRDs allows adding extra parameters that will be passed to the To
- Onion Services: use `spec.extraConfig` field
- Onion Balanced Services: use `spec.template.extraConfig` field

Specifiying Tor network bridges
Specifying Tor network bridges
-------------------------------

Prerequisite: bridges information. You can get obfs4 bridges visiting https://bridges.torproject.org/bridges/?transport=obfs4
Prerequisite: bridges information. You can get `obfs4` bridges visiting https://bridges.torproject.org/bridges/?transport=obfs4

Tor daemon instance [example](./hack/sample/tor-custom-config-bridges.yaml). Set the `config` field with the following content:
1. Enable bridges adding the line `UseBridges 1`
Expand Down Expand Up @@ -461,7 +461,7 @@ If you want to serve HTTP stuff, you may want to pair it with
nginx-ingress or some other ingress controller.

To do this, first install nginx-ingress normally. Then point an onion service
to yor nginx-ingress' controller (find it with `kubectl get svc`), for example:
to your nginx-ingress' controller (find it with `kubectl get svc`), for example:

```yaml
apiVersion: tor.k8s.torproject.org/v1alpha2
Expand Down Expand Up @@ -655,6 +655,7 @@ Versions
| 0.1.10 | 0.8.0 | 0.4.6.10 | |
| 0.1.11 | 0.9.0 | 0.4.7.13 | Obfs4-0.0.14 |
| 0.1.12 | 0.9.1 | 0.4.7.13 | Obfs4-0.0.14 |
| 0.1.13 | 0.9.1 | 0.4.7.13 | Obfs4-0.0.14 |

References
----------
Expand Down
2 changes: 1 addition & 1 deletion apis/tor/v1alpha1/onionservice_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ type SecretReference struct {
// OnionServiceStatus defines the observed state of OnionService.
type OnionServiceStatus struct {
Hostname string `json:"hostname"`
TargetClusterIP string `json:"targetClusterIp"`
TargetClusterIP string `json:"targetClusterIP"`
}

// +kubebuilder:object:root=true
Expand Down
2 changes: 1 addition & 1 deletion apis/tor/v1alpha2/onionbalancedservice_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ type OnionBalancedServiceStatus struct {
Hostname string `json:"hostname,omitempty"`

// +optional
TargetClusterIP string `json:"targetClusterIp,omitempty"`
TargetClusterIP string `json:"targetClusterIP,omitempty"`

// +optional
Backends map[string]OnionServiceStatus `json:"backends,omitempty"`
Expand Down
2 changes: 1 addition & 1 deletion apis/tor/v1alpha2/onionservice_types.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ type OnionServiceStatus struct {
Hostname string `json:"hostname,omitempty"`

// +optional
TargetClusterIP string `json:"targetClusterIp,omitempty"`
TargetClusterIP string `json:"targetClusterIP,omitempty"`
}

// +kubebuilder:resource:shortName={"onion","os"}
Expand Down
2 changes: 1 addition & 1 deletion charts/tor-controller/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.12
version: 0.1.13

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
4 changes: 2 additions & 2 deletions charts/tor-controller/README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# tor-controller

![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.0](https://img.shields.io/badge/AppVersion-0.9.0-informational?style=flat-square)
![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.9.1](https://img.shields.io/badge/AppVersion-0.9.1-informational?style=flat-square)

Tor hidden services controller for kubernetes

Expand Down Expand Up @@ -36,4 +36,4 @@ Tor hidden services controller for kubernetes
| upgradeRollout | bool | `true` | Automatically rollout controller deployment after upgrade |

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.6.0](https://github.com/norwoodj/helm-docs/releases/v1.6.0)
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
Loading

0 comments on commit f274e4c

Please sign in to comment.