docker_tor_documentation #22
|
@ -6,7 +6,6 @@ services:
|
||||||
image: luuul/4get:latest
|
image: luuul/4get:latest
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- FOURGET_VERSION=6
|
|
||||||
- FOURGET_SERVER_NAME=4get.ca
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
|
|
||||||
ports:
|
ports:
|
||||||
|
|
|
@ -66,10 +66,10 @@ foreach(($merged_config) as $key => $val){
|
||||||
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
|
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
|
||||||
// then split on comma if string (and not numeric, boolean, null, etc)
|
// then split on comma if string (and not numeric, boolean, null, etc)
|
||||||
//
|
//
|
||||||
// except in the case where the inital value in default config is null. Assuming null
|
// except in the case where the inital value in default config is null or boolean. Assuming null and boolean
|
||||||
// in default config will be never be assigned an array
|
// in default config will be never be assigned an array
|
||||||
|
|
||||||
if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key])) {
|
if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key]) && gettype($from_config[$key]) != "boolean") {
|
||||||
$stored_value = explode(",", $val);
|
$stored_value = explode(",", $val);
|
||||||
}
|
}
|
||||||
$output = $output . "\tconst " . $key . " = " . type_to_string($stored_value) . ";\n";
|
$output = $output . "\tconst " . $key . " = " . type_to_string($stored_value) . ";\n";
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
FROM alpine:edge
|
||||||
|
|
||||||
|
RUN apk add --no-cache curl tor
|
||||||
|
|
||||||
|
EXPOSE 9050
|
||||||
|
|
||||||
|
HEALTHCHECK --interval=60s --timeout=15s --start-period=20s \
|
||||||
|
CMD curl -x socks5h://127.0.0.1:9050 'https://check.torproject.org/api/ip' | grep -qm1 -E '"IsTor"\s*:\s*true'
|
||||||
|
|
||||||
|
|
||||||
|
# default owner is tor, but running as root to avoid docker volume mount issue
|
||||||
|
RUN chown -R root:root /var/lib/tor
|
||||||
|
|
||||||
|
VOLUME ["/var/lib/tor/4get"]
|
||||||
|
|
||||||
|
COPY ./torrc /etc/tor/torrc
|
||||||
|
|
||||||
|
ENTRYPOINT ["/usr/bin/tor"]
|
|
@ -0,0 +1 @@
|
||||||
|
SocksPort 0.0.0.0:9050
|
|
@ -72,7 +72,6 @@ services:
|
||||||
image: luuul/4get:latest
|
image: luuul/4get:latest
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- FOURGET_VERSION=6
|
|
||||||
- FOURGET_PROTO=http
|
- FOURGET_PROTO=http
|
||||||
- FOURGET_SERVER_NAME=4get.ca
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
|
|
||||||
|
@ -91,7 +90,6 @@ services:
|
||||||
image: luuul/4get:latest
|
image: luuul/4get:latest
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- FOURGET_VERSION=6
|
|
||||||
- FOURGET_PROTO=https
|
- FOURGET_PROTO=https
|
||||||
- FOURGET_SERVER_NAME=4get.ca
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
|
|
||||||
|
@ -117,7 +115,6 @@ services:
|
||||||
image: luuul/4get:latest
|
image: luuul/4get:latest
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- FOURGET_VERSION=6
|
|
||||||
- FOURGET_PROTO=http
|
- FOURGET_PROTO=http
|
||||||
- FOURGET_SERVER_NAME=4get.ca
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
- FOURGET_BOT_PROTECTION=1
|
- FOURGET_BOT_PROTECTION=1
|
||||||
|
@ -140,7 +137,6 @@ services:
|
||||||
image: luuul/4get:latest
|
image: luuul/4get:latest
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
environment:
|
environment:
|
||||||
- FOURGET_VERSION=6
|
|
||||||
- FOURGET_PROTO=http
|
- FOURGET_PROTO=http
|
||||||
- FOURGET_SERVER_NAME=4get.ca
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
|
|
||||||
|
@ -150,3 +146,7 @@ services:
|
||||||
volumes:
|
volumes:
|
||||||
- ./banners:/var/www/html/4get/banner
|
- ./banners:/var/www/html/4get/banner
|
||||||
```
|
```
|
||||||
|
|
||||||
|
##### Tor
|
||||||
|
|
||||||
|
You can route incoming and outgoing requests through tor by following [docker tor documentation](./docker_tor.md)
|
||||||
|
|
|
@ -0,0 +1,172 @@
|
||||||
|
#### Overview
|
||||||
|
|
||||||
|
This guide will walk you through using 4get in docker with tor running in
|
||||||
|
another container. This guide covers how to make outgoing and incoming traffic
|
||||||
|
go through tor.
|
||||||
|
|
||||||
|
|
||||||
|
##### Starting tor
|
||||||
|
|
||||||
|
This guide will use `luuul/tor` which is a simple image that installs and starts
|
||||||
|
tor in an alpine container SocksPort set to 0.0.0.0:9050
|
||||||
|
|
||||||
|
For additional configuration you can mount your own `torrc` file to `/etc/tor/torrc`
|
||||||
|
Remember to set `SocksPort 0.0.0.0:9050` otherwise communication between containers won't work.
|
||||||
|
|
||||||
|
You will see this warning `Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.`
|
||||||
|
|
||||||
|
As long as you don't publish this port (-p or --publish) it shouldn't be accessible to outside world.
|
||||||
|
|
||||||
|
|
||||||
|
Tor always starts a socks5 proxy on port 9050 by default.
|
||||||
|
|
||||||
|
|
||||||
|
##### Route outgoing requests over tor
|
||||||
|
|
||||||
|
create a folder named `proxies` and create a file in that folder named `onion.txt`
|
||||||
|
this folder will be mounted to `/var/www/html/4get/data/proxies/`
|
||||||
|
|
||||||
|
directory structure
|
||||||
|
|
||||||
|
```
|
||||||
|
proxies/
|
||||||
|
onion.txt
|
||||||
|
```
|
||||||
|
|
||||||
|
put the following content into `onion.txt`
|
||||||
|
More information about this file available in [proxy documentation](./configure.md#Proxies).
|
||||||
|
|
||||||
|
```
|
||||||
|
# proxies/onion.txt
|
||||||
|
|
||||||
|
# Specify proxies by following this format:
|
||||||
|
# <protocol>:<address>:<port>:<username>:<password>
|
||||||
|
#
|
||||||
|
# Examples:
|
||||||
|
# https:1.3.3.7:6969:abcd:efg
|
||||||
|
# socks4:1.2.3.4:8080::
|
||||||
|
# raw_ip::::
|
||||||
|
#
|
||||||
|
# Available protocols:
|
||||||
|
# raw_ip, http, https, socks4, socks5, socks4a, socks5_hostname
|
||||||
|
|
||||||
|
# Local tor proxy
|
||||||
|
# Note: "tor" is the service name of luuul/tor in docker-compose.yaml
|
||||||
|
socks5:tor:9050::
|
||||||
|
```
|
||||||
|
|
||||||
|
create a file named `docker-compose.yaml` with the following content
|
||||||
|
This docker compose file will run `luuul/tor` and `luuul/4get` and configure 4get to load `proxies/onion.txt` for outgoing requests.
|
||||||
|
|
||||||
|
```
|
||||||
|
# docker-compose.yaml
|
||||||
|
version: "3.7"
|
||||||
|
|
||||||
|
services:
|
||||||
|
tor:
|
||||||
|
image: luuul/tor:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
# Warning: Do not publish port 9050
|
||||||
|
|
||||||
|
fourget:
|
||||||
|
image: luuul/4get:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
- FOURGET_PROTO=http
|
||||||
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
|
- FOURGET_PROXY_DDG="onion" # loads proxies/onion.txt
|
||||||
|
- FOURGET_PROXY_BRAVE="onion"
|
||||||
|
- FOURGET_PROXY_FB="onion"
|
||||||
|
- FOURGET_PROXY_GOOGLE="onion"
|
||||||
|
- FOURGET_PROXY_QWANT="onion"
|
||||||
|
- FOURGET_PROXY_MARGINALIA="onion"
|
||||||
|
- FOURGET_PROXY_MOJEEK="onion"
|
||||||
|
- FOURGET_PROXY_SC="onion"
|
||||||
|
- FOURGET_PROXY_SPOTIFY="onion"
|
||||||
|
- FOURGET_PROXY_WIBY="onion"
|
||||||
|
- FOURGET_PROXY_CURLIE="onion"
|
||||||
|
- FOURGET_PROXY_YT="onion"
|
||||||
|
- FOURGET_PROXY_YEP="onion"
|
||||||
|
- FOURGET_PROXY_PINTEREST="onion"
|
||||||
|
- FOURGET_PROXY_SEZNAM="onion"
|
||||||
|
- FOURGET_PROXY_NAVER="onion"
|
||||||
|
- FOURGET_PROXY_GREPPR="onion"
|
||||||
|
- FOURGET_PROXY_CROWDVIEW="onion"
|
||||||
|
- FOURGET_PROXY_MWMBL="onion"
|
||||||
|
- FOURGET_PROXY_FTM="onion"
|
||||||
|
- FOURGET_PROXY_IMGUR="onion"
|
||||||
|
- FOURGET_PROXY_YANDEX_W="onion"
|
||||||
|
- FOURGET_PROXY_YANDEX_I="onion"
|
||||||
|
- FOURGET_PROXY_YANDEX_V="onion"
|
||||||
|
|
||||||
|
ports:
|
||||||
|
- "80:80"
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- tor
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
- ./proxies/:/var/www/html/4get/data/proxies/
|
||||||
|
```
|
||||||
|
|
||||||
|
You can now start both containers with `docker compose up -d`
|
||||||
|
|
||||||
|
|
||||||
|
#### Route incoming requests over tor
|
||||||
|
|
||||||
|
This will create a hidden service that will be accessible via an onion link.
|
||||||
|
|
||||||
|
1. create a file named `torrc` with the following content
|
||||||
|
|
||||||
|
```
|
||||||
|
# torrc
|
||||||
|
User root
|
||||||
|
DataDirectory /var/lib/tor
|
||||||
|
|
||||||
|
HiddenServiceDir /var/lib/tor/4get/
|
||||||
|
HiddenServicePort 80 fourget:80
|
||||||
|
|
||||||
|
```
|
||||||
|
|
||||||
|
2. create a folder named "4get" which will contain your hidden service keys.
|
||||||
|
|
||||||
|
Make sure it has permission `600` otherwise you will get an error
|
||||||
|
|
||||||
|
```
|
||||||
|
Permissions on directory /var/lib/tor/4get/ are too permissive.
|
||||||
|
```
|
||||||
|
|
||||||
|
4. create a `docker-compose.yaml` with the following content
|
||||||
|
|
||||||
|
```
|
||||||
|
# docker-compose.yaml
|
||||||
|
version: "3.7"
|
||||||
|
|
||||||
|
services:
|
||||||
|
fourget:
|
||||||
|
image: luuul/4get:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
environment:
|
||||||
|
- FOURGET_PROTO=http
|
||||||
|
- FOURGET_SERVER_NAME=4get.ca
|
||||||
|
|
||||||
|
depends_on:
|
||||||
|
- tor
|
||||||
|
|
||||||
|
tor:
|
||||||
|
image: luuul/tor:latest
|
||||||
|
restart: unless-stopped
|
||||||
|
volumes:
|
||||||
|
- ./torrc:/etc/tor/torrc
|
||||||
|
- ./4get:/var/lib/tor/4get
|
||||||
|
```
|
||||||
|
|
||||||
|
4. You can now start both with `docker compose up -d`
|
||||||
|
|
||||||
|
5. print onion hostname with
|
||||||
|
|
||||||
|
```
|
||||||
|
docker exec `docker ps -qf ancestor=luuul/tor:latest` sh -c "cat /var/lib/tor/4get/hostname"
|
||||||
|
```
|
||||||
|
|
||||||
|
or `cat ./4get/hostname`
|
Loading…
Reference in New Issue