From d882277df7c69fdbcb7f008c4a955cbc9e9b1c91 Mon Sep 17 00:00:00 2001
From: samuel-p
Date: Wed, 27 Jan 2021 23:32:19 +0100
Subject: [PATCH] updated README.md and entrypoint.sh
---
 README.md | 53 +++++++++++++++++++++++++++++++++++++++++++++++++--
 entrypoint.sh | 32 +++++++++++++++++--------------
 2 files changed, 69 insertions(+), 16 deletions(-)
diff --git a/README.md b/README.md
index 24df503..af63d81 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,52 @@
-# tor
+# [Tor Hidden Service Proxy](https://git.sp-codes.de/sp-services/hidden-service)
-Hidden Service Proxy
\ No newline at end of file
+[![Build Status](https://ci.sp-codes.de/api/badges/sp-services/hidden-service/status.svg)](https://ci.sp-codes.de/sp-services/hidden-service) [![License](https://img.shields.io/badge/license-AGPL--3.0-purple)](#license) [![Docker Pulls](https://img.shields.io/docker/pulls/spcodes/hidden-service)](https://hub.docker.com/r/spcodes/hidden-service)
+
+A Tor Hidden Service Proxy for any application. Used e.g. by [searx.sp-codes.de](https://searx.sp-codes.de) at [searxbi3f73mmdeb.onion](http://searxbi3f73mmdeb.onion/)
+
+## Usage
+
+To run your app as a hidden service you need to provide the private key in the `PRIVATE_KEY` and the host which should be proxied in the `REDIRECT` environment variables. For example:
+
+```
+version: '3.4'
+
+services:
+ myservice:
+ image: nginx
+ networks:
+ - mynet
+
+ tor:
+ image: spcodes/hidden-service
+ networks:
+ - mynet
+ depends_on:
+ - myservice
+ environment:
+ REDIRECT: "myservice:80"
+ PRIVATE_KEY: |
+ -----BEGIN RSA PRIVATE KEY-----
+ ...
+ -----END RSA PRIVATE KEY-----
+
+networks:
+ mynet:
+ driver: 'bridge'
+
+```
+
+To generate the private key you can use [strm/tor-hiddenservice-nginx](https://github.com/opsxcq/docker-tor-hiddenservice-nginx) like this:
+
+```
+docker run -it --rm -v $(pwd)/web:/web \
+ strm/tor-hiddenservice-nginx generate
+```
+
+As pattern, you can provide a regex to generate the name of your hidden service. For more details see https://github.com/opsxcq/docker-tor-hiddenservice-nginx
+
+## License
+
+[![GNU AGPLv3 Image](https://www.gnu.org/graphics/agplv3-155x51.png)](https://www.gnu.org/licenses/agpl-3.0)
+
+This project is Free Software: It is licensed under GNU AGPL v3 (See [LICENSE](LICENSE) for more information).
diff --git a/entrypoint.sh b/entrypoint.sh
index 78769d8..8f568b8 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,19 +1,23 @@
 #!/bin/bash
-echo '[+] Starting tor'
-
-cat > /etc/tor/torrc << EOF
-DataDirectory /tmp/tor
-HiddenServiceDir /web/
-Log notice stdout
-EOF
-
-if [[ -n "${PRIVATE_KEY}" && -n "${REDIRECT}" ]]; then
- echo "[+] Starting the listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
- echo "${PRIVATE_KEY}" > /web/private_key
- cat >> /etc/tor/torrc << EOF
-HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
-EOF
+if [[ -z "${PRIVATE_KEY}" ]]; then
+ echo 'PRIVATE_KEY missing'
+ exit 1
 fi
+if [[ -z "${REDIRECT}" ]]; then
+ echo 'REDIRECT missing'
+ exit 1
+fi
+
+echo "Starting tor listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
+echo "${PRIVATE_KEY}" > /web/private_key
+cat >> /etc/tor/torrc << EOF
+Log notice stdout
+DataDirectory /tmp/tor
+HiddenServiceDir /web/
+HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
+HiddenServiceVersion 3
+EOF
+
 tor -f /etc/tor/torrc
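Review bot: The key is still written to `/web/private_key`, the file name of a v2 RSA identity, while the torrc block added below it now sets `HiddenServiceVersion 3`, and a v3 service keeps its identity in `hs_ed25519_secret_key`. As far as I can tell the supplied key is therefore not used, so the service would not come up under the address the operator expects; either leave out `HiddenServiceVersion 3` until the script accepts v3 key material, or write the key under the v3 file names. The same write creates the key file with the container's default umask, so `umask 077` before the `echo` would keep it readable only by its owner, and `unset PRIVATE_KEY` before `tor -f /etc/tor/torrc` would keep the secret out of the environment tor inherits. Separately, the heredoc now only appends (`cat >> /etc/tor/torrc`), so a restarted container would presumably end up with a second `HiddenServiceDir /web/` block; `cat >` would make the file deterministic again.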