updated README.md and entrypoint.sh
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
f23603d791
commit
d882277df7
2 changed files with 69 additions and 16 deletions
53
README.md
53
README.md
|
|
@ -1,3 +1,52 @@
|
||||||
# tor
|
# [Tor Hidden Service Proxy](https://git.sp-codes.de/sp-services/hidden-service)
|
||||||
|
|
||||||
Hidden Service Proxy
|
[](https://ci.sp-codes.de/sp-services/hidden-service) [](#license) [](https://hub.docker.com/r/spcodes/hidden-service)
|
||||||
|
|
||||||
|
A Tor Hidden Service Proxy for any application. Used e.g. by [searx.sp-codes.de](https://searx.sp-codes.de) at [searxbi3f73mmdeb.onion](http://searxbi3f73mmdeb.onion/)
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
|
||||||
|
To run your app as a hidden service you need to provide the private key in the `PRIVATE_KEY` and the host which should be proxied in the `REDIRECT` environment variables. For example:
|
||||||
|
|
||||||
|
```
|
||||||
|
version: '3.4'
|
||||||
|
|
||||||
|
services:
|
||||||
|
myservice:
|
||||||
|
image: nginx
|
||||||
|
networks:
|
||||||
|
- mynet
|
||||||
|
|
||||||
|
tor:
|
||||||
|
image: spcodes/hidden-service
|
||||||
|
networks:
|
||||||
|
- mynet
|
||||||
|
depends_on:
|
||||||
|
- myservice
|
||||||
|
environment:
|
||||||
|
REDIRECT: "myservice:80"
|
||||||
|
PRIVATE_KEY: |
|
||||||
|
-----BEGIN RSA PRIVATE KEY-----
|
||||||
|
...
|
||||||
|
-----END RSA PRIVATE KEY-----
|
||||||
|
|
||||||
|
networks:
|
||||||
|
mynet:
|
||||||
|
driver: 'bridge'
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
To generate the private key you can use [strm/tor-hiddenservice-nginx](https://github.com/opsxcq/docker-tor-hiddenservice-nginx) like this:
|
||||||
|
|
||||||
|
```
|
||||||
|
docker run -it --rm -v $(pwd)/web:/web \
|
||||||
|
strm/tor-hiddenservice-nginx generate <pattern>
|
||||||
|
```
|
||||||
|
|
||||||
|
As pattern, you can provide a regex to generate the name of your hidden service. For more details see https://github.com/opsxcq/docker-tor-hiddenservice-nginx
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
[](https://www.gnu.org/licenses/agpl-3.0)
|
||||||
|
|
||||||
|
This project is Free Software: It is licensed under GNU AGPL v3 (See [LICENSE](LICENSE) for more information).
|
||||||
|
|
|
||||||
|
|
@ -1,19 +1,23 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
|
|
||||||
echo '[+] Starting tor'
|
if [[ -z "${PRIVATE_KEY}" ]]; then
|
||||||
|
echo 'PRIVATE_KEY missing'
|
||||||
cat > /etc/tor/torrc << EOF
|
exit 1
|
||||||
DataDirectory /tmp/tor
|
|
||||||
HiddenServiceDir /web/
|
|
||||||
Log notice stdout
|
|
||||||
EOF
|
|
||||||
|
|
||||||
if [[ -n "${PRIVATE_KEY}" && -n "${REDIRECT}" ]]; then
|
|
||||||
echo "[+] Starting the listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
|
|
||||||
echo "${PRIVATE_KEY}" > /web/private_key
|
|
||||||
cat >> /etc/tor/torrc << EOF
|
|
||||||
HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
|
|
||||||
EOF
|
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [[ -z "${REDIRECT}" ]]; then
|
||||||
|
echo 'REDIRECT missing'
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Starting tor listener at port ${LISTEN_PORT:-80}, redirecting to ${REDIRECT}"
|
||||||
|
echo "${PRIVATE_KEY}" > /web/private_key
|
||||||
|
cat >> /etc/tor/torrc << EOF
|
||||||
|
Log notice stdout
|
||||||
|
DataDirectory /tmp/tor
|
||||||
|
HiddenServiceDir /web/
|
||||||
|
HiddenServicePort ${LISTEN_PORT:-80} ${REDIRECT}
|
||||||
|
HiddenServiceVersion 3
|
||||||
|
EOF
|
||||||
|
|
||||||
tor -f /etc/tor/torrc
|
tor -f /etc/tor/torrc
|
||||||
|
|
|
||||||
Reference in a new issue