tor icon indicating copy to clipboard operation
tor copied to clipboard
verified publisher icon dockur

Added a better Healthcheck logic

Open PhilIsHere opened this issue 3 months ago • 0 comments

Warning: This is just a proof of concept for now! It is not yet prod ready but I wanted to open up a discussion on this and ask people to TEST it. Maybe we could have, next to the Master Branch a Testing/Dev branch for these kind of things?

Hey!

The current health check, respectfully, kinda sucks. It only works in certain scenarios and doesn't really take into account the consent of the network. So I took the basic idea of the current Health check, see if our Relay is Working and if Tor considered it a Tor-Relay. The Goal for me was to:

  • Ensure that the Docker Health check takes into account the consent of the Tor-Network
  • I do not add any external dependencies in my binary
    • Standard Lib only!
  • The Tor-Container stays free of additional dependencies
    • This is done via a Multistage build
  • It stays fairly hassle free for the end user (this comes with a caveat I'll explain later).

The new shiny version of the Health check does the following:

  • Uses the Control Port to extract the Fingerprint of the Relay
    • We use the GETINFO-Command for that.
  • With this Fingerprint we do a simple API-Request to the /details endpoint of Onionoo
    • Within this we find loads of helpful information for the relay such as the running-Value or all of the flags a relay can have.
    • Mind you these are all information directly from the Network: We automatically know and ensure that, consensus-wise, our Docker Container does indeed what we want it to.

For now the logic is fairly simple. It only checks if the Relay is, consensus wise up and running. As I do not have a Guard Relay i was only able to test the Bare-Minimum myself. If there are any errors they will be returned within the main function as Code 1, therefore the Health check logic of Docker will interpret this as "unhealthy". If everything runs nicely we get Code 0, and Docker knows that everything is A-Okay :-)

Current Caveats: Currently I use a very, very insecure authentication method for the Control Port. My Excuse is, that by default I only use this within the Docker Container. The Control Port is bound to localhost (127.0.0.1), so using "password" is an excusable default. The Problem, and reason for this approach is: The Relay saves the Authentication method in the torrc file, hashed as S2K. So for this health check to even run we need to set a default.

But, again, I'm opening this PR because I want to put essentially everything here up for discussion.

PhilIsHere avatar Oct 26 '25 12:10 PhilIsHere