Decentralized, Anonymous, Object Storage
Join the discussion in
#orc on our Rocket.Chat!
The Onion Routed Cloud. ORC is a decentralized, anonymous, object storage platform owned and operated by allies in defense of human rights and opposition to censorship.
Using Docker (Recommended)
Just install Docker and run the commands below:
docker pull orcproject/orc mkdir ~/.config/orcd docker run -it -v ~/.config/orcd:/root/.config/orcd orcproject/orc --reset-passphrase
This will generate the configuration files and encrypted private keys and exit. Now you can run the ORC daemon, supplying it with these files and publishing the web interface port to the host (if you wish to access it locally):
docker run -it -p 127.0.0.1:9089:9089 -v ~/.config/orcd:/root/.config/orcd orcproject/orc
You must run the container with the
--interactive flag so you can set
and/or input your passphrase. There is also a command line option for
that will non-interactively read the passphrase from a file,
you wish you run the container non-interactively. This is useful for running a
node in the cloud remotely and letting it restart automatically if it exits or
echo 'MySecurePassphrase' > ~/.config/orcd/passwd docker run \ --restart always \ --volume ~/.config/orcd:/root/.config/orcd \ --publish 127.0.0.1:9089:9089 \ --tty --detach \ orcproject/orc --passphrase /root/.config/orcd/passwd
Then you can access your node via it's authenticated onion service using
Tor Browser. Note
that in order to run the container detached with automatic restarts, you cannot
--interactive flag and must use the
--passphrase method shown
above. Consult the Docker documentation for details on different options.
npm install -g @orcproject/orc orcd
On first run, ORC will generate a fresh configuration and setup the data
directory. Modify the created configuration at
desired (see the Configuration Guide) and send
SIGINT to the process
Ctrl+C). Once you are satisfied with your configuration, run ORC again.
Once started, you can setup your node through the Web UI which is accessible
via both a local port and onion address printed to the console when running
orcd. You can also use the guide for Using the REST API to interact with you
node if you are a developer or advanced user! You can watch your logs with
tail -f ~/.config/orcd/orcd.log.
ORC works on an explicit trust model. By default, ORC will only trust unknown nodes for discovering peers, retreiving public objects, and storing object metadata. If you want to store objects, you must establish trust with other nodes. This is done explicity by all parties who trust each other. Run ORC with your friends, other activists, or complementary organizations.
Each node is identified by the hash of their public key. You'll see this on
every log line under the
name property. For example,
b605647afc146760fc15ef7cd59720f1ee7d82e1. To establish trust with a friend,
each of you must provide your identity to each other out of band (we recommend
using Ricochet). Once you've exchanged identity keys,
add a trust policy to your configuration file.
For every node you wish to add to your storage grid, each must add a policy
like the above which says "allow
to store and retrieve shards. You can also add new trusted peers using the
web interface. See the Configuration Guide for more information.
If you are a press organization or activist group and would like help getting setup with ORC, please reach out to us by email at
counterpoint[at]disroot.org- we'd love to assist you!
Automatic Security Updates
When running the ORC server installation with Docker, you can configure your node to periodically check for updates and automatically download the latest image and restart your node to make sure you are always running the latest stable release. Since you already have Docker installed, pull the image for Watchtower and run it.
docker pull v2tec/watchtower docker run -d --name watchtower -v /var/run/docker.sock:/var/run/docker.sock v2tec/watchtower
Now, Watchtower will check for the latest stable images for running containers and automatically update them.
git clone https://gitlab.com/orcproject/orc cd orc npm install npm start
This will volume mount the the appropriate directories for development, and
then boots up a complete sandboxed ORC network, including a complete sandboxed
Tor network and once bootstrapped, binds ports
14089 to the host for full end-to-end testing using 5 nodes in
a trusted grid. Each of these nodes can be controlled in your web browser by
visiting their respective ports. The passphrase for each running node is:
Simulation for accessing the web interfaces.
The development container does not persist state between
runs. Note that stable releases are tagged and the
master branch may contain
unstable or bleeding-edge code. Happy hacking!
ORC - Distributed Anonymous Cloud Copyright (C) 2017 Counterpoint Hackerspace, Ltd. Copyright (C) 2017 Gordon Hall This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.