diff --git a/Dockerfile b/Dockerfile
index 306a4a9..edac29d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,7 +15,7 @@ ARG USER="root"
 ARG SHELL_OPTS="set -e -o pipefail"
 ARG SERVICE_PORT="80"
-ARG EXPOSE_PORTS="80 8118 9053 9050 9080"
+ARG EXPOSE_PORTS="80 8118 9040 9050 9053 9080"
 ARG PHP_VERSION="system"
 ARG NODE_VERSION="system"
 ARG NODE_MANAGER="system"
diff --git a/rootfs/tmp/etc/tor/hidden/default.conf b/rootfs/tmp/etc/tor/hidden/default.conf
new file mode 100644
index 0000000..e69de29
diff --git a/rootfs/tmp/etc/tor/torrc b/rootfs/tmp/etc/tor/torrc
index 91c1f06..318f613 100644
--- a/rootfs/tmp/etc/tor/torrc
+++ b/rootfs/tmp/etc/tor/torrc
@@ -1,5 +1,6 @@
-##### Configuration file for a typical Tor user
+##### Configuration file
 RunAsDaemon 0
+HardwareAccel 1
 ControlSocketsGroupWritable 1
 CookieAuthentication 1
 CookieAuthFileGroupReadable 1
@@ -9,19 +10,26 @@ HashedControlPassword 16:C30604D1D90F341360A14D9A1048C1DF4A3CA2411444E52EE5B954C
 DataDirectory /data/tor
 ControlSocket /run/tor/control.sock
 CookieAuthFile /run/tor/control.authcookie
+
 ##### logging
+LogMessageDomains 1
 Log notice file /data/logs/tor/notice.log
-##### This section is just for location-hidden services
-HiddenServiceDir /data/tor/hidden_service/default
-HiddenServicePort 80 127.0.0.1:80
-
 ##### Server
-ControlPort 9051
+TransPort 9040
 SOCKSPort 9050
+ControlPort 9051
 HTTPTunnelPort 9080
+##### socks option
+SafeSocks 0
+SocksTimeout 30
+
 ##### dns forwarder
-DNSPort 9053
-AutomapHostsOnResolve 1
-AutomapHostsSuffixes .exit,.onion
+%include /config/tor/conf.d/dns.conf
+
+##### hidden services
+%include /config/tor/hidden/*.conf
+
+##### relay and bridge
+%include /config/tor/relay/*.conf
diff --git a/rootfs/usr/local/etc/docker/init.d/tor.sh b/rootfs/usr/local/etc/docker/init.d/tor.sh
index 5d408e8..d5203fe 100755
--- a/rootfs/usr/local/etc/docker/init.d/tor.sh
+++ b/rootfs/usr/local/etc/docker/init.d/tor.sh
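Review bot: `EXPOSE_PORTS` in the Dockerfile hunk now lists 9040 next to 9050, 9053 and 9080 with no comment saying what they are; going by the torrc and tor.sh changes in this commit these are Tor's TransPort, SOCKSPort, DNSPort and HTTPTunnelPort, none of which authenticates clients. The torrc gives them as bare port numbers, which Tor binds on loopback by default, so publishing them has no effect unless another part of the setup rebinds them, and if it does they are reachable as an open proxy by anything that can reach the host port. I would add a comment above the ARG such as `# 9040/9050/9053/9080 are unauthenticated Tor listeners: publish to trusted networks only`.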
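Review bot: In the second torrc hunk, `%include /config/tor/conf.d/dns.conf` names a single file, while the init script in this commit writes that file only when `TOR_DNS` is `yes`. As far as I know Tor treats a non-glob include path that does not exist as a configuration error, so `TOR_DNS=no` on a fresh /config would likely stop Tor from starting; the glob form used by the other two includes should tolerate an empty directory. Suggest `%include /config/tor/conf.d/*.conf` to match them. A one-line comment that these directories live on the writable /config volume and can add hidden-service or relay options would also help whoever audits this file later.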
@@ -168,6 +168,9 @@ CMD_ENV=""
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Per Application Variables or imports
+TOR_DNS="${TOR_DNS:-yes}"
+TOR_HIDDEN="${TOR_HIDDEN:-yes}"
+TOR_BRIDGE="${TOR_BRIDGE:-yes}"
 RANDOM_NICK="$(head -n50 '/dev/random' | tr -dc 'a-zA-Z' | tr -d '[:space:]\042\047\134' | fold -w "32" | sed 's| ||g' | head -n 1)"
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # Custom commands to run before copying to /config
@@ -235,9 +238,27 @@ __update_conf_files() {
 # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 # define actions
- if [ "$TOR_BRIDGE" = "enabled" ] && ! grep -sq 'BridgeRelay' '/config/tor/torrc'; then
- cat <>/config/tor/torrc
-BridgeRelay 1
+ if [ "$TOR_DNS" = "yes" ]; then
+ mkdir -p "/config/tor/conf.d"
+ cat <"/config/tor/conf.d/dns.conf"
+DNSPort 9053
+AutomapHostsOnResolve 1
+AutomapHostsSuffixes .exit,.onion
+
+EOF
+ fi
+ if [ "$TOR_HIDDEN" = "yes" ]; then
+ mkdir -p "/config/tor/hidden"
+ cat <"/config/tor/hidden/default.conf"
+ HiddenServiceDir /data/tor/hidden_service/default
+ HiddenServicePort 80 127.0.0.1:80
+
+EOF
+ fi
+ if [ "$TOR_BRIDGE" = "yes" ]; then
+ mkdir -p "/config/tor/relay"
+ cat <"/config/tor/relay/default.conf"
+BridgeRelay ${TOR_RELAY:-1}
 ExtORPort auto
 Nickname ${TOR_NICK_NAME:-$RANDOM_NICK}
 ServerTransportPlugin obfs4 exec /usr/bin/lyrebird
@@ -248,6 +269,7 @@ Exitpolicy accept *:*
 AccountingMax ${TOR_ACCOUNT_MAX:-1000} GBytes
 AccountingStart month 1 00:00
 AddressDisableIPv6 0
+
 EOF
 fi
 # allow custom functions
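Review bot: `TOR_BRIDGE="${TOR_BRIDGE:-yes}"` in the first tor.sh hunk makes the bridge relay default-on, where the code removed in the next hunk required `TOR_BRIDGE=enabled`; the relay block it gates appears to carry `Exitpolicy accept *:*` (visible as the header text of the last hunk). Anyone who starts the container without setting the variable now runs a public relay, and deployments that set `enabled` silently lose theirs because only `yes` matches. I would keep the relay and the hidden service opt-in, `TOR_BRIDGE="${TOR_BRIDGE:-no}"` and `TOR_HIDDEN="${TOR_HIDDEN:-no}"`, and add a comment above the three assignments stating that `yes` is the only value that enables each feature.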
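Review bot: The three `if` blocks added to `__update_conf_files` only ever write their file, so changing `TOR_BRIDGE`, `TOR_HIDDEN` or `TOR_DNS` from `yes` to anything else leaves the earlier `default.conf` / `dns.conf` on the /config volume (assuming it persists across runs) and Tor keeps loading it through the new `%include` lines. Each block needs an `else` branch that empties its file, for example `else : >"/config/tor/relay/default.conf"`, with the `mkdir -p` moved above the `if`. Separately, `BridgeRelay ${TOR_RELAY:-1}` lets `TOR_RELAY=0` turn this into a non-bridge relay while the same block still seems to set `Exitpolicy accept *:*`, so I would either hard-code `BridgeRelay 1` or add `ExitRelay 0` to the block. The function starts above this hunk and the relay heredoc continues past it.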