mirror of
https://codeberg.org/pluja/kycnot.me
synced 2024-12-27 08:09:29 -05:00
add security headers, and add tor and i2p containers
This commit is contained in:
parent
effece1749
commit
928d4a420b
@ -19,8 +19,12 @@ services:
|
||||
container_name: kycnotme-website
|
||||
build: ./src
|
||||
networks:
|
||||
caddy: {}
|
||||
default: {}
|
||||
caddy:
|
||||
aliases:
|
||||
- "website"
|
||||
default:
|
||||
aliases:
|
||||
- "website"
|
||||
volumes:
|
||||
- ./src/frontend/templates:/app/frontend/templates
|
||||
env_file:
|
||||
@ -28,6 +32,10 @@ services:
|
||||
labels:
|
||||
caddy: "${WEB_DOMAIN}"
|
||||
caddy.reverse_proxy: "{{upstreams 4488}}"
|
||||
caddy.header.Referrer-Policy: "no-referrer"
|
||||
caddy.header.Strict-Transport-Security: "max-age=31536000; includeSubdomains; preload;"
|
||||
caddy.encode: zstd gzip
|
||||
caddy.header.Onion-Location: ${ONION_ADDRESS}.onion{path}
|
||||
|
||||
pocketbase:
|
||||
image: spectado/pocketbase:latest
|
||||
@ -51,3 +59,33 @@ services:
|
||||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
|
||||
tor:
|
||||
build:
|
||||
context: ./docker/tor/
|
||||
profiles: ["tor"]
|
||||
container_name: kycnotme-tor
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
caddy: {}
|
||||
volumes:
|
||||
- ./docker/tor/data:/var/lib/tor
|
||||
labels:
|
||||
caddy: ${ONION_ADDRESS}
|
||||
caddy.reverse_proxy: "website:4488"
|
||||
|
||||
i2pd:
|
||||
build:
|
||||
context: ./docker/i2p/
|
||||
profiles: ["i2p"]
|
||||
container_name: kycnotme-i2p
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
caddy: {}
|
||||
#ports:
|
||||
# - ":14447" # socks
|
||||
volumes:
|
||||
- ./docker/i2p/data:/root/.i2pd
|
||||
labels:
|
||||
caddy: ${I2P_ADDRESS}
|
||||
caddy.reverse_proxy: "website:4488"
|
||||
|
10
docker/i2p/Dockerfile
Normal file
10
docker/i2p/Dockerfile
Normal file
@ -0,0 +1,10 @@
|
||||
FROM alpine:latest
|
||||
|
||||
RUN apk --update --no-cache add i2pd && rm -rf /var/cache/apk/*
|
||||
|
||||
COPY i2pd.conf /i2p/i2pd.conf
|
||||
COPY tunnels.conf /i2p/tunnels.conf
|
||||
|
||||
#EXPOSE 14447
|
||||
|
||||
ENTRYPOINT ["i2pd", "--conf=/i2p/i2pd.conf"]
|
12
docker/i2p/i2pd.conf
Normal file
12
docker/i2p/i2pd.conf
Normal file
@ -0,0 +1,12 @@
|
||||
ipv4 = true
|
||||
ipv6 = false
|
||||
|
||||
bandwidth = P
|
||||
|
||||
daemon = false
|
||||
|
||||
tunconf = /i2p/tunnels.conf
|
||||
|
||||
log = file
|
||||
logfile = /i2p/log
|
||||
logclftime = true
|
11
docker/i2p/tunnels.conf
Normal file
11
docker/i2p/tunnels.conf
Normal file
@ -0,0 +1,11 @@
|
||||
[KYCNotMeServer]
|
||||
type = http
|
||||
host = caddy
|
||||
port = 80
|
||||
keys = KYCNotMe.dat
|
||||
|
||||
#[SOCKS]
|
||||
#type = socks
|
||||
#address = localhost
|
||||
#port = 14447
|
||||
#keys = SOCKS.dat
|
7
docker/tor/Dockerfile
Normal file
7
docker/tor/Dockerfile
Normal file
@ -0,0 +1,7 @@
|
||||
FROM alpine:latest
|
||||
|
||||
RUN apk --update --no-cache add tor && rm -rf /var/cache/apk/*
|
||||
|
||||
COPY torrc /etc/torrc
|
||||
|
||||
ENTRYPOINT ["/usr/bin/tor", "--hush", "-f", "/etc/torrc"]
|
9
docker/tor/torrc
Normal file
9
docker/tor/torrc
Normal file
@ -0,0 +1,9 @@
|
||||
HiddenServiceDir /var/lib/tor/hidden_service/
|
||||
HiddenServicePort 80 caddy:80
|
||||
BridgeRelay 0
|
||||
ExitRelay 0
|
||||
Log notice stderr
|
||||
DataDirectory /var/lib/tor
|
||||
RunAsDaemon 0
|
||||
SOCKSPort 0
|
||||
SafeLogging 1
|
28
score.md
Normal file
28
score.md
Normal file
@ -0,0 +1,28 @@
|
||||
# What makes a good non-kyc service?
|
||||
|
||||
1. Accepts at least one anonymous payment method:
|
||||
- Bitcoin
|
||||
- Cash
|
||||
- Monero (even better)
|
||||
|
||||
|
||||
2. KYC Level
|
||||
0. BEST
|
||||
1. ACCEPTABLE
|
||||
2. NOT GOOD
|
||||
3. BAD
|
||||
|
||||
3. Verified
|
||||
1. Better if it is
|
||||
|
||||
4. TosReviews
|
||||
1. As few as possible warnings.
|
||||
|
||||
5. Onion available
|
||||
1. Good to have
|
||||
|
||||
6. Attributes
|
||||
- GOOD: bonus
|
||||
- INFO: nothing
|
||||
- WARNING: penalty
|
||||
- BAD: penalty
|
Loading…
Reference in New Issue
Block a user