Skip to content

Latest commit

 

History

History
9 lines (7 loc) · 1.39 KB

README.md

File metadata and controls

9 lines (7 loc) · 1.39 KB

docker-cryptodog

This is the Docker Compose application that powers Cryptodog in development and production. It consists of the following services:

  • caddy: a Caddy instance that serves static files for the website and Cryptodog web application. It also provides a WebSocket endpoint that reverse-proxies requests to updog, which then reverse-proxies them to the ejabberd server.
  • debian-ejabberd: an ejabberd server. This is the backend for Cryptodog. It supports only XMPP anonymous authentication (no user registration) and makes no direct C2S/S2S XMPP connections; the only public access is through the WebSocket endpoint in the caddy service. We also patch ejabberd to disable the default behavior of granting room admin privileges to the first member of a room.
  • onion-service: a Tor daemon for Cryptodog's onion service.
  • updater: a simple Go program that automatically updates the website and web application from their signed releases on GitHub.
  • updog: a simple rate-limiting proxy, written in Go, that sits between Caddy and ejabberd. This was deemed necessary after malicious actors discovered they could crash ejabberd and freeze the web application by flooding the server with messages.