-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
52 lines (48 loc) · 2.07 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
ARG BASE_VERSION
FROM ubuntu:${BASE_VERSION}
ARG BASE_VERSION
ARG APT_PROXY
ARG UID
ARG GID
ARG USER=debian-tor
ARG OLD_UID=101
ARG OLD_GID=101
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# hadolint ignore=DL3008
RUN if [ -n "$APT_PROXY" ]; then \
echo 'Acquire::http { Proxy "'$APT_PROXY'"; }' \
| tee /etc/apt/apt.conf.d/01proxy \
;fi \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get upgrade -yq \
&& DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
ca-certificates apt-transport-https gpg wget tini\
&& wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null \
&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org ${BASE_VERSION} main" | tee /etc/apt/sources.list.d/torproject.list \
&& apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y \
tor deb.torproject.org-keyring nyx \
&& apt-get purge -qy gpg wget \
&& apt-get autoremove -qy \
&& rm -rf /var/lib/apt/lists/* \
&& if id ubuntu; then \
userdel -rf ubuntu \
;fi \
&& if [ -n "$UID" ] && [ -n "$GID" ]; then \
echo 'Setting UID:'$UID' and GID:'$GID \
&& usermod -u $UID $USER \
&& groupmod -g $GID $USER \
&& find /etc/tor/ -group $OLD_GID -exec chgrp -h debian-tor {} + \
&& find /etc/tor/ -user $OLD_UID -exec chown -h debian-tor {} + \
&& find /var/lib/tor/ -group $OLD_GID -exec chgrp -h debian-tor {} + \
&& find /var/lib/tor/ -user $OLD_UID -exec chown -h debian-tor {} + \
; fi
COPY --chown=$USER:$USER etc/* /etc/tor/
COPY --chown=$USER:$USER hidden_services/* /var/lib/tor/
COPY --chown=$USER:$USER nyx/config /var/lib/tor/.nyx/
HEALTHCHECK --interval=20s --timeout=15s --start-period=10s \
CMD tor-resolve -v google.com || exit 1
USER $USER
CMD ["/usr/bin/tor"]
ENTRYPOINT ["/usr/bin/tini", "--"]
EXPOSE 9050