From d882277df7c69fdbcb7f008c4a955cbc9e9b1c91 Mon Sep 17 00:00:00 2001
From: samuel-p <codes@samuel-philipp.de>
Date: Wed, 27 Jan 2021 23:32:19 +0100
Subject: [PATCH] updated README.md and entrypoint.sh

---
 README.md     | 53 +++++++++++++++++++++++++++++++++++++++++++++++++--
 entrypoint.sh | 32 +++++++++++++++++--------------
 2 files changed, 69 insertions(+), 16 deletions(-)

diff --git a/README.md b/README.md
index 24df503..af63d81 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,52 @@
-# tor
+# [Tor Hidden Service Proxy](https://git.sp-codes.de/sp-services/hidden-service)
 
-Hidden Service Proxy
\ No newline at end of file
+[![Build Status](https://ci.sp-codes.de/api/badges/sp-services/hidden-service/status.svg)](https://ci.sp-codes.de/sp-services/hidden-service) [![License](https://img.shields.io/badge/license-AGPL--3.0-purple)](#license) [![Docker Pulls](https://img.shields.io/docker/pulls/spcodes/hidden-service)](https://hub.docker.com/r/spcodes/hidden-service)
+
+A Tor Hidden Service Proxy for any application. Used e.g. by [searx.sp-codes.de](https://searx.sp-codes.de) at [searxbi3f73mmdeb.onion](http://searxbi3f73mmdeb.onion/)
+
+## Usage
+
+To run your app as a hidden service you need to provide the private key in the `PRIVATE_KEY` and the host which should be proxied in the `REDIRECT` environment variables. For example:
+
+```
+version: '3.4'
+
+services:
+  myservice:
+    image: nginx
+    networks:
+      - mynet
+
+  tor:
+    image: spcodes/hidden-service
+    networks:
+      - mynet
+    depends_on:
+      - myservice
+    environment:
+        REDIRECT: "myservice:80"
+        PRIVATE_KEY: |
+          -----BEGIN RSA PRIVATE KEY-----
+          ...
+          -----END RSA PRIVATE KEY-----
+
+networks:
+  mynet:
+    driver: 'bridge'
+
+```
+
+To generate the private key you can use [strm/tor-hiddenservice-nginx](https://github.com/opsxcq/docker-tor-hiddenservice-nginx) like this:
+
+```
+docker run -it --rm -v $(pwd)/web:/web \
+       strm/tor-hiddenservice-nginx generate <pattern>
+```
+
+As pattern, you can provide a regex to generate the name of your hidden service. For more details see https://github.com/opsxcq/docker-tor-hiddenservice-nginx
+
+## License
+
+[![GNU AGPLv3 Image](https://www.gnu.org/graphics/agplv3-155x51.png)](https://www.gnu.org/licenses/agpl-3.0)
+
+This project is Free Software: It is licensed under GNU AGPL v3 (See [LICENSE](LICENSE) for more information).
diff --git a/entrypoint.sh b/entrypoint.sh
index 78769d8..8f568b8 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,19 +1,23 @@
 #!/bin/bash
 
-echo '[+] Starting tor'
-
-cat > /etc/tor/torrc << EOF
-DataDirectory /tmp/tor
-HiddenServiceDir /web/
-Log notice stdout
-EOF
-
-if [[ -n "${PRIVATE_KEY}" && -n "${REDIRECT}" ]]; then
-    echo "[+] Starting the listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
-    echo "${PRIVATE_KEY}" > /web/private_key
-    cat >> /etc/tor/torrc << EOF
-HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
-EOF
+if [[ -z "${PRIVATE_KEY}" ]]; then
+  echo 'PRIVATE_KEY missing'
+  exit 1
 fi
 
+if [[ -z "${REDIRECT}" ]]; then
+  echo 'REDIRECT missing'
+  exit 1
+fi
+
+echo "Starting tor listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
+echo "${PRIVATE_KEY}" > /web/private_key
+cat >> /etc/tor/torrc << EOF
+Log notice stdout
+DataDirectory /tmp/tor
+HiddenServiceDir /web/
+HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
+HiddenServiceVersion 3
+EOF
+
 tor -f /etc/tor/torrc