Repository: osminogin/docker-tor-simple Branch: master Commit: b327b516952c Files: 12 Total size: 10.6 KB Directory structure: gitextract_ugz5nn32/ ├── .github/ │ └── workflows/ │ ├── build.yml │ ├── updater.yml │ └── version.yml ├── .gitignore ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── VERSION ├── contrib/ │ └── tor.service ├── docker-compose.yml └── hooks/ └── build ================================================ FILE CONTENTS ================================================ ================================================ FILE: .github/workflows/build.yml ================================================ name: build images on: push: branches: - master jobs: buildx: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - uses: docker/login-action@v1 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - id: build_args run: | echo '::set-output name=BUILD_DATE::$(date +'%Y-%m-%dT%H:%M:%S')' echo '::set-output name=VERSION::$(head -1 VERSION)' - name: Set up Docker Buildx uses: crazy-max/ghaction-docker-buildx@v1 with: buildx-version: latest qemu-version: latest - name: Run Buildx run: | DOCKER_IMAGE=osminogin/tor-simple docker buildx create --use --name build --node build --driver-opt network=host docker buildx build \ --platform linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64 \ --output "type=image,push=true" \ --tag ${DOCKER_IMAGE}:latest \ --tag ${DOCKER_IMAGE}:${{ steps.build_args.outputs.VERSION }} \ --build-arg VERSION=${{ steps.build_args.outputs.VERSION }} \ --build-arg BUILD_DATE=${{ steps.build_args.outputs.BUILD_DATE }} \ --build-arg VCS_REF=${GITHUB_SHA::8} \ . - name: Inspect Image run: | docker buildx imagetools inspect osminogin/tor-simple:latest ================================================ FILE: .github/workflows/updater.yml ================================================ name: Latest version on: schedule: - cron: "30 2 * * *" jobs: check: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Get remote package data uses: wei/curl@master with: args: --silent "https://pkgs.alpinelinux.org/package/edge/community/x86_64/tor" --output ./package_data.html - name: Cut version from package data run: | remote_version=$(grep -A 3 -i version ./package_data.html | sed -E 's#.*>([0-9\.]+)-r[0-9]+#\1#g' | tail -1 | sed 's/^[ \t]*//;s/[ \t]*$//') echo "##[set-output name=version;]$remote_version" id: package_version - name: Check remote version with local run: | grep -q ${{ steps.package_version.outputs.version }} VERSION ================================================ FILE: .github/workflows/version.yml ================================================ name: latest version on: schedule: - cron: '20 1 * * *' push: branches: - master jobs: check: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Get remote package data uses: wei/curl@master with: args: --silent "https://pkgs.alpinelinux.org/package/edge/community/x86_64/tor" --output package_data.html - name: Check remote version with local run: | grep -A 3 -i version package_data.html | sed -E 's#.*>([^>-]+).*#\1#g' | tail -1 | grep -q $(cat VERSION) ================================================ FILE: .gitignore ================================================ .idea/ ================================================ FILE: Dockerfile ================================================ FROM alpine:edge ARG TARGETPLATFORM ARG BUILDPLATFORM ARG BUILD_DATE ARG VCS_REF ARG VERSION LABEL maintainer="osintsev@gmail.com" \ org.label-schema.license="MIT" \ org.label-schema.build-date=$BUILD_DATE \ org.label-schema.name="Tor network client (daemon)" \ org.label-schema.description="Tor network client (daemon) with simple usage" \ org.label-schema.url="https://www.torproject.org" \ org.label-schema.vcs-url="https://github.com/osminogin/docker-tor-simple" \ org.label-schema.vcs-ref=$VCS_REF \ org.label-schema.usage="https://github.com/osminogin/docker-tor-simple#getting-started" \ org.label-schema.docker.cmd="docker run -d --rm --publish 127.0.0.1:9050:9050 --name tor osminogin/tor-simple" \ org.label-schema.schema-version="1.0" \ org.label-schema.version=$VERSION RUN apk add --no-cache curl tor && \ sed "1s/^/SocksPort 0.0.0.0:9050\n/" /etc/tor/torrc.sample > /etc/tor/torrc EXPOSE 9050 HEALTHCHECK --interval=60s --timeout=15s --start-period=20s \ CMD curl -x socks5h://127.0.0.1:9050 'https://check.torproject.org/api/ip' | grep -qm1 -E '"IsTor"\s*:\s*true' VOLUME ["/var/lib/tor"] USER tor CMD ["tor"] ================================================ FILE: LICENSE ================================================ Copyright (c) 2015-2023 Vladimir Osintsev Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: Makefile ================================================ PROJECT_NAME ?= tor VERSION ?= $(strip $(shell cat VERSION)) GIT_COMMIT = $(strip $(shell git rev-parse --short HEAD)) DOCKER_IMAGE ?= osminogin/tor-simple DOCKER_TAG ?= latest # Build Docker image build: docker_build docker_tag output # Build and push Docker image release: docker_tag docker_push output default: build docker_build: @docker build \ --compress \ --force-rm \ --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \ --build-arg VCS_REF=$(GIT_COMMIT) \ --build-arg VERSION=$(VERSION) \ --tag $(DOCKER_IMAGE):$(VERSION) . buildx: # TODO: Copy logic from docker file docker_tag: docker tag $(DOCKER_IMAGE):$(VERSION) $(DOCKER_IMAGE):$(DOCKER_TAG) docker_push: docker push $(DOCKER_IMAGE):$(DOCKER_TAG) docker push $(DOCKER_IMAGE):$(VERSION) run: @echo 'Starting container $(DOCKER_IMAGE):$(DOCKER_TAG)' @docker run --publish 9050:9050 -i $(DOCKER_IMAGE):$(DOCKER_TAG) output: @echo Docker Image: $(DOCKER_IMAGE):$(DOCKER_TAG) .PHONY: release output run docker_build docker_push default build buildx ================================================ FILE: README.md ================================================ # docker-tor-simple [![build images](https://github.com/osminogin/docker-tor-simple/workflows/build%20images/badge.svg)](https://github.com/osminogin/docker-tor-simple/actions?query=workflow%3A%22build+images%22) [![](https://images.microbadger.com/badges/version/osminogin/tor-simple.svg)](https://microbadger.com/images/osminogin/tor-simple) [![latest version](https://github.com/osminogin/docker-tor-simple/actions/workflows/version.yml/badge.svg)](https://github.com/osminogin/docker-tor-simple/actions?query=workflow%3A%22latest+version%22) [![](https://img.shields.io/docker/stars/osminogin/tor-simple.svg)](https://hub.docker.com/r/osminogin/tor-simple) [![](https://images.microbadger.com/badges/image/osminogin/tor-simple.svg)](https://microbadger.com/images/osminogin/tor-simple) [![License: MIT](https://img.shields.io/badge/license-MIT-black.svg)](https://github.com/osminogin/docker-tor-simple/blob/master/LICENSE) **Smallest minimal docker container for Tor network proxy daemon.** Suitable for relay, exit node or hidden service modes with SOCKSv5 proxy enabled. It works well as a single self-contained container or in cooperation with other containers (like `nginx`) for organizing complex hidden services on the Tor network. The image is based on great Alpine Linux distribution so it is has extremely low size (about 8 MB). Service uses latest available version of [Tor package](https://pkgs.alpinelinux.org/package/edge/community/x86_64/tor) from [Edge repo](https://wiki.alpinelinux.org/wiki/Edge). ## Port * `9050` SOCKSv5 (without auth) ## Volumes * `/var/lib/tor` data dir. ## Getting started ### Installation Automated builds of the image are available on [Docker Hub](https://hub.docker.com/r/osminogin/tor-simple/) and is the recommended method of installation. ```bash docker pull osminogin/tor-simple ``` Alternatively you can build the image yourself. ```bash export PROJECT_NAME=tor-node # docker image name make build DOCKER_IMAGE=$PROJECT_NAME ``` ### Quickstart ```bash export PROJECT_NAME=tor-local # changing default name make build DOCKER_IMAGE=$PROJECT_NAME make run # or with docker-compose ... docker-compose up # or altenativly run docker directly ... docker run --publish 127.0.0.1:9050:9050 -i $PROJECT_NAME ``` After start Tor proxy available on `localhost:9050` **Warning! Don't bind SOCKSv5 port 9050 to public network addresses if you don't know exactly what you are doing (is much better bind to `localhost` as in the example above)**. ## Advanced usage You can copy original tor config from container, modify and mount them back inside. Changing the configuration file is required for running Tor as exit node, relay or bridge. For some operation modes you need to expose additional ports (9001, 9030, 9051). ```bash # Copy config from running container docker cp tor:/etc/tor/torrc $HOME/torrc # ... modify torrc and run again # Start more complex example with updated config docker run --rm --name tor \ --publish 127.0.0.1:9050:9050 \ --expose 9001 --publish 9001:9001 \ # ORPort --expose 9030 --publish 9030:9030 \ --expose 9051 --publish 9051:9051 \ --volume $HOME/torrc:/etc/tor/torrc:ro \ osminogin/tor-simple ``` ## Unit file for systemd #### tor.service ```ini [Unit] Description=Tor service Wants=network-online.target Requires=docker.service After=docker.service network.target network-online.target [Service] TimeoutStartSec=0 Restart=always RestartSec=10s ExecStartPre=/usr/bin/docker pull osminogin/tor-simple ExecStart=/usr/bin/docker run --rm --name tor -p 127.0.0.1:9050:9050 osminogin/tor-simple ExecStop=/usr/bin/docker stop tor [Install] WantedBy=multi-user.target ``` ## Examples Example webserver deployment config with microservice architecture to setup Tor hidden service. #### docker-compose.yml ```yaml version: '3.7' services: tor-node: image: osminogin/tor-simple restart: always depends_on: - nginx nginx: image: nginx restart: always ``` ## License See [LICENSE](https://github.com/osminogin/docker-tor-simple/blob/master/LICENSE) ================================================ FILE: VERSION ================================================ 0.4.9.5 ================================================ FILE: contrib/tor.service ================================================ [Unit] Description=Tor daemon Wants=network-online.target Requires=docker.service After=docker.service network.target network-online.target [Service] TimeoutStartSec=0 Restart=always RestartSec=15s ExecStartPre=/usr/bin/docker pull osminogin/tor-simple ExecStart=/usr/bin/docker run --rm --name tor -p 127.0.0.1:9050:9050 osminogin/tor-simple ExecStop=/usr/bin/docker stop tor [Install] WantedBy=multi-user.target ================================================ FILE: docker-compose.yml ================================================ version: '3' services: tor: build: . restart: always ports: - 127.0.0.1:9050:9050 volumes: - tor-data:/var/lib/tor volumes: tor-data: driver: local ================================================ FILE: hooks/build ================================================ #!/bin/sh make build && make release