updated README.md and entrypoint.sh
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
f23603d791
commit
d882277df7
2 changed files with 69 additions and 16 deletions
53
README.md
53
README.md
|
@ -1,3 +1,52 @@
|
|||
# tor
|
||||
# [Tor Hidden Service Proxy](https://git.sp-codes.de/sp-services/hidden-service)
|
||||
|
||||
Hidden Service Proxy
|
||||
[![Build Status](https://ci.sp-codes.de/api/badges/sp-services/hidden-service/status.svg)](https://ci.sp-codes.de/sp-services/hidden-service) [![License](https://img.shields.io/badge/license-AGPL--3.0-purple)](#license) [![Docker Pulls](https://img.shields.io/docker/pulls/spcodes/hidden-service)](https://hub.docker.com/r/spcodes/hidden-service)
|
||||
|
||||
A Tor Hidden Service Proxy for any application. Used e.g. by [searx.sp-codes.de](https://searx.sp-codes.de) at [searxbi3f73mmdeb.onion](http://searxbi3f73mmdeb.onion/)
|
||||
|
||||
## Usage
|
||||
|
||||
To run your app as a hidden service you need to provide the private key in the `PRIVATE_KEY` and the host which should be proxied in the `REDIRECT` environment variables. For example:
|
||||
|
||||
```
|
||||
version: '3.4'
|
||||
|
||||
services:
|
||||
myservice:
|
||||
image: nginx
|
||||
networks:
|
||||
- mynet
|
||||
|
||||
tor:
|
||||
image: spcodes/hidden-service
|
||||
networks:
|
||||
- mynet
|
||||
depends_on:
|
||||
- myservice
|
||||
environment:
|
||||
REDIRECT: "myservice:80"
|
||||
PRIVATE_KEY: |
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
...
|
||||
-----END RSA PRIVATE KEY-----
|
||||
|
||||
networks:
|
||||
mynet:
|
||||
driver: 'bridge'
|
||||
|
||||
```
|
||||
|
||||
To generate the private key you can use [strm/tor-hiddenservice-nginx](https://github.com/opsxcq/docker-tor-hiddenservice-nginx) like this:
|
||||
|
||||
```
|
||||
docker run -it --rm -v $(pwd)/web:/web \
|
||||
strm/tor-hiddenservice-nginx generate <pattern>
|
||||
```
|
||||
|
||||
As pattern, you can provide a regex to generate the name of your hidden service. For more details see https://github.com/opsxcq/docker-tor-hiddenservice-nginx
|
||||
|
||||
## License
|
||||
|
||||
[![GNU AGPLv3 Image](https://www.gnu.org/graphics/agplv3-155x51.png)](https://www.gnu.org/licenses/agpl-3.0)
|
||||
|
||||
This project is Free Software: It is licensed under GNU AGPL v3 (See [LICENSE](LICENSE) for more information).
|
||||
|
|
|
@ -1,19 +1,23 @@
|
|||
#!/bin/bash
|
||||
|
||||
echo '[+] Starting tor'
|
||||
|
||||
cat > /etc/tor/torrc << EOF
|
||||
DataDirectory /tmp/tor
|
||||
HiddenServiceDir /web/
|
||||
Log notice stdout
|
||||
EOF
|
||||
|
||||
if [[ -n "${PRIVATE_KEY}" && -n "${REDIRECT}" ]]; then
|
||||
echo "[+] Starting the listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
|
||||
echo "${PRIVATE_KEY}" > /web/private_key
|
||||
cat >> /etc/tor/torrc << EOF
|
||||
HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
|
||||
EOF
|
||||
if [[ -z "${PRIVATE_KEY}" ]]; then
|
||||
echo 'PRIVATE_KEY missing'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ -z "${REDIRECT}" ]]; then
|
||||
echo 'REDIRECT missing'
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "Starting tor listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
|
||||
echo "${PRIVATE_KEY}" > /web/private_key
|
||||
cat >> /etc/tor/torrc << EOF
|
||||
Log notice stdout
|
||||
DataDirectory /tmp/tor
|
||||
HiddenServiceDir /web/
|
||||
HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
|
||||
HiddenServiceVersion 3
|
||||
EOF
|
||||
|
||||
tor -f /etc/tor/torrc
|
||||
|
|
Reference in a new issue