4get/docs/docker_tor.md

Overview

This guide walks you through running 4get in docker with tor running in a separate container. It covers how to route both outgoing and incoming traffic through tor.

Starting tor

This guide uses luuul/tor, a simple image that installs and starts tor in an alpine container with SocksPort set to 0.0.0.0:9050.

For additional configuration, you can mount your own torrc file to /etc/tor/torrc. Remember to set SocksPort 0.0.0.0:9050, otherwise communication between containers won't work.

You will see this warning: "Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason."

As long as you don't publish this port (-p or --publish), it shouldn't be accessible to the outside world.

By default, tor starts a socks5 proxy on port 9050.

Route outgoing requests over tor

Create a folder named proxies and, inside it, a file named onion.txt. This folder will be mounted to /var/www/html/4get/data/proxies/

Directory structure:

proxies/
  onion.txt

Put the following content into onion.txt. More information about this file is available in the proxy documentation.

# proxies/onion.txt

# Specify proxies by following this format:
#  <protocol>:<address>:<port>:<username>:<password>
#
# Examples:
#  https:1.3.3.7:6969:abcd:efg
#  socks4:1.2.3.4:8080::
#  raw_ip::::
#
# Available protocols:
#  raw_ip, http, https, socks4, socks5, socks4a, socks5_hostname

# Local tor proxy
# Note: "tor" is the service name of luuul/tor in docker-compose.yaml
socks5:tor:9050::

Create a file named docker-compose.yaml with the following content. This docker compose file runs luuul/tor and luuul/4get and configures 4get to load proxies/onion.txt for outgoing requests.

# docker-compose.yaml
version: "3.7"

services:
  tor:
    image: luuul/tor:latest
    restart: unless-stopped
    # Warning: Do not publish port 9050
    
  fourget:
    image: luuul/4get:latest
    restart: unless-stopped
    environment:
      - FOURGET_PROTO=http
      - FOURGET_SERVER_NAME=4get.ca
      - FOURGET_PROXY_DDG="onion" # loads proxies/onion.txt
      - FOURGET_PROXY_BRAVE="onion"
      - FOURGET_PROXY_FB="onion"
      - FOURGET_PROXY_GOOGLE="onion"
      - FOURGET_PROXY_QWANT="onion"
      - FOURGET_PROXY_MARGINALIA="onion"
      - FOURGET_PROXY_MOJEEK="onion"
      - FOURGET_PROXY_SC="onion"
      - FOURGET_PROXY_SPOTIFY="onion"
      - FOURGET_PROXY_WIBY="onion"
      - FOURGET_PROXY_CURLIE="onion"
      - FOURGET_PROXY_YT="onion"
      - FOURGET_PROXY_YEP="onion"
      - FOURGET_PROXY_PINTEREST="onion"
      - FOURGET_PROXY_SEZNAM="onion"
      - FOURGET_PROXY_NAVER="onion"
      - FOURGET_PROXY_GREPPR="onion"
      - FOURGET_PROXY_CROWDVIEW="onion"
      - FOURGET_PROXY_MWMBL="onion"
      - FOURGET_PROXY_FTM="onion"
      - FOURGET_PROXY_IMGUR="onion"
      - FOURGET_PROXY_YANDEX_W="onion"
      - FOURGET_PROXY_YANDEX_I="onion"
      - FOURGET_PROXY_YANDEX_V="onion"

    ports:
      - "80:80"
      
    depends_on:
     - tor
     
    volumes:
      - ./proxies/:/var/www/html/4get/data/proxies/

You can now start both containers with docker compose up -d

Route incoming requests over tor

This will create a hidden service that will be accessible via an onion link.

  1. Create a file named torrc with the following content:

# torrc
User root
DataDirectory /var/lib/tor

HiddenServiceDir /var/lib/tor/4get/
HiddenServicePort 80 fourget:80

  2. Create a folder named "4get", which will contain your hidden service keys.

Make sure it has permission 600, otherwise you will get this error:

Permissions on directory /var/lib/tor/4get/ are too permissive.

  3. Create a docker-compose.yaml with the following content:

# docker-compose.yaml
version: "3.7"

services:
  fourget:
    image: luuul/4get:latest
    restart: unless-stopped
    environment:
      - FOURGET_PROTO=http
      - FOURGET_SERVER_NAME=4get.ca

    depends_on:
     - tor

  tor:
    image: luuul/tor:latest
    restart: unless-stopped
    volumes:
      - ./torrc:/etc/tor/torrc
      - ./4get:/var/lib/tor/4get

  4. You can now start both with docker compose up -d

  5. Print the onion hostname with

docker exec `docker ps -qf ancestor=luuul/tor:latest` sh -c "cat /var/lib/tor/4get/hostname"

or cat ./4get/hostname
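
An added example, not part of the 4get documentation: a shell pre-flight check for the files this guide creates. It validates onion.txt against the proxy format shown in "Route outgoing requests over tor", confirms that no compose ports entry exposes 9050, and confirms that the hidden service key folder from "Route incoming requests over tor" is closed to group and other. The function names are hypothetical, and the checks are line-based (no full YAML parsing, and a ":" inside a password is not handled).

```sh
#!/bin/sh
# Added example: pre-flight checks for the files this guide creates.
# Function names are hypothetical; the formats are the ones the guide shows.

# Validate a proxy list: <protocol>:<address>:<port>:<username>:<password>
# Reports malformed entries on stderr and returns non-zero if there are any.
check_proxy_file() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
        {
            ok = (NF == 5 && $1 ~ /^(raw_ip|http|https|socks4|socks5|socks4a|socks5_hostname)$/)
            if (ok && $1 != "raw_ip")
                ok = ($2 != "" && $3 ~ /^[0-9]+$/ && $3 + 0 >= 1 && $3 + 0 <= 65535)
            if (!ok) { print "bad proxy entry, line " NR ": " $0; bad = 1 }
        }
        END { exit bad }
    ' "$1" >&2
}

# Return non-zero if any "ports:" entry of a compose file mentions 9050,
# the tor SocksPort that the guide says must not be published.
check_no_published_socks() {
    awk '
        /^[ \t]*#/ { next }                        # YAML comment lines
        /^[ \t]*ports:/ || (in_ports && /^[ \t]*-/) {
            in_ports = 1
            if (($0 " ") ~ /[^0-9]9050[^0-9]/) bad = 1
            next
        }
        /[^ \t]/ { in_ports = 0 }                  # any other key ends the list
        END { exit bad }
    ' "$1"
}

# Return non-zero unless the hidden service key folder grants nothing to
# group or other (the condition behind the "too permissive" error).
check_hs_dir_private() {
    [ -d "$1" ] && [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Script usage: sh preflight.sh proxies/onion.txt docker-compose.yaml 4get
if [ "$#" -eq 3 ]; then
    check_proxy_file "$1" && check_no_published_socks "$2" &&
        check_hs_dir_private "$3" && echo "pre-flight checks passed"
fi
```

Run it before docker compose up -d; each function can also be called on its own, since the outgoing and incoming setups use different files.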