I'm trying to run soju over tor via torsocks
.
I can connect normally to libera.chat using SASL EXTERNAL.
As suggested by the libera.chat docs, I have tor mapping the libera .onion service to palladium.libera.chat
. And soju is resolving to the correct virtual ipv4 address provided by tor. But after that, soju times out connecting:
Apr 30 21:51:11 irc-bouncer torsocks[2475]: 2024/04/30 21:51:11 user "foo": network "libera": waiting 3m53s before trying to reconnect to "ircs://palladium.libera.chat:6697"
Apr 30 21:55:04 irc-bouncer torsocks[2475]: 2024/04/30 21:55:04 user "foo": upstream "libera": connecting to TLS server at address "palladium.libera.chat:6697"
Apr 30 21:55:05 irc-bouncer torsocks[2475]: 2024/04/30 21:55:04 user "foo": upstream "libera": using TLS client certificate XXXXXXX
Apr 30 21:55:19 irc-bouncer torsocks[2475]: 2024/04/30 21:55:19 user "foo": network "libera": connection error to "ircs://palladium.libera.chat:6697": failed to connect: failed to dial "palladium.libera.chat:6697": dial tcp <nil>->X.X.X.X:6697: i/o >
I left off debugging there, so maybe (probably?) I'm missing something obvious.
For my current needs it would probably be sufficient to get torsocks
working, but it seems like the ideal scenario would be for soju to support connecting via SOCKS5 directly. Here is a similar feature request for ZNC.
Thanks in advance!
For completeness, here's my
torrc
:SocksPort 9050 NoPreferIPv6Automap VirtualAddrNetworkIPv4 10.192.0.0/10 AutomapHostsOnResolve 1 MapAddress palladium.libera.chat libera75jm6of4wxpxt4aynol3xjmbtxgfyjpu34ss4d7r7q2v5zrpyd.onion
I don't believe plumbing Tor/proxy support to each and every program that uses TCP is a good way forward. I would recommend setting up a system-wide transparent proxy instead (
TransPort
in Tor config), which makes Tor work similarly to VPNs.
Ah perfect, thanks! I missed that setting. That makes sense to me, and works better for me anyway.
I'd like SOCKS5 proxy support too. A system-wide transparent proxy is overkill for me, I just need it for Libera.
This would be useful to me as well. I'm running soju in a container and accessing it through wireguard. I would like it to route connections to irc networks over a non-tor socks proxy. its completely doable to get it to work, but I would need to either build redsocks or graftcp in my dockerfile and also mess with iptables. It would be much easier to just set a proxy in the config file. I'll probably modify the patch by Egor to connect to the right address and use that for now.