diff --git a/tor-relay/Dockerfile b/tor-relay/Dockerfile index caf907c..a7fa3e8 100644 --- a/tor-relay/Dockerfile +++ b/tor-relay/Dockerfile @@ -31,6 +31,16 @@ COPY torrc.bridge /etc/tor/torrc.bridge COPY torrc.middle /etc/tor/torrc.middle COPY torrc.exit /etc/tor/torrc.exit +# copy the run script +COPY run.sh /run.sh +RUN chmod u+rwx /run.sh + +# default environment variables +ENV RELAY_NICKNAME hacktheplanet +ENV RELAY_TYPE middle +ENV RELAY_BANDWIDTH_RATE 100 KBytes +ENV RELAY_BANDWIDTH_BURST 200 KBytes + # make sure files are owned by tor user RUN chown -R tor /etc/tor @@ -40,4 +50,4 @@ RUN mkdir /var/lib/tor/.tor VOLUME /var/lib/tor/.tor RUN chown -R tor /var/lib/tor/.tor -ENTRYPOINT [ "tor" ] +ENTRYPOINT [ "/run.sh" ] diff --git a/tor-relay/README.md b/tor-relay/README.md new file mode 100644 index 0000000..973b0ca --- /dev/null +++ b/tor-relay/README.md @@ -0,0 +1,11 @@ + ### Environment variables + +| Name | Description | Default value | +| ---------------------------- |:----------------------------------------------------------------------------:| -------------:| +| **RELAY_TYPE** | The type of relay (bridge, middle or exit) | middle | +| **RELAY_NICKNAME** | The nickname of your relay | hacktheplanet | +| **CONTACT_GPG_FINGERPRINT** | Your GPG ID or fingerprint | none | +| **CONTACT_NAME** | Your name | none | +| **CONTACT_EMAIL** | Your contact email | none | +| **RELAY_BANDWIDTH_RATE** | Limit how much traffic will be allowed through your relay (must be > 20KB/s) | 100 KBytes | +| **RELAY_BANDWIDTH_BURST** | Allow temporary bursts up to a certain amount | 200 KBytes | diff --git a/tor-relay/run.sh b/tor-relay/run.sh new file mode 100644 index 0000000..40c98f6 --- /dev/null +++ b/tor-relay/run.sh 
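Review bot: In the first tor-relay/Dockerfile hunk (`@@ -31,6 +31,16 @@`), `RUN chmod u+rwx /run.sh` sets only the owner's bits, and a file added with a plain `COPY` is owned by root unless `--chown` is given. If the image runs as the tor user (no `USER` line is visible in this hunk, so this is an assumption), whether the new entrypoint can be executed depends on the mode run.sh happens to have in the build context. `RUN chmod 0755 /run.sh` makes it executable for any runtime user while leaving it writable by root only. The four `ENV NAME value` lines use the legacy space-separated form; `ENV RELAY_BANDWIDTH_RATE="100 KBytes"` makes it explicit that the value contains a space.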
@@ -0,0 +1,12 @@ +#!/bin/sh + +for relaytype in bridge middle exit; do + sed -i 's/${RELAY_NICKNAME}/'"$RELAY_NICKNAME"'/g' "/etc/tor/torrc.$relaytype" + sed -i 's/${CONTACT_GPG_FINGERPRINT}/'"$CONTACT_GPG_FINGERPRINT"'/g' "/etc/tor/torrc.$relaytype" + sed -i 's/${CONTACT_NAME}/'"$CONTACT_NAME"'/g' "/etc/tor/torrc.$relaytype" + sed -i 's/${CONTACT_EMAIL}/'"$CONTACT_EMAIL"'/g' "/etc/tor/torrc.$relaytype" + sed -i 's/${RELAY_BANDWIDTH_RATE}/'"$RELAY_BANDWIDTH_RATE"'/g' "/etc/tor/torrc.$relaytype" + sed -i 's/${RELAY_BANDWIDTH_BURST}/'"$RELAY_BANDWIDTH_BURST"'/g' "/etc/tor/torrc.$relaytype" +done + +tor -f /etc/tor/torrc.${RELAY_TYPE} diff --git a/tor-relay/torrc.bridge b/tor-relay/torrc.bridge index 116fc0e..9361842 100644 --- a/tor-relay/torrc.bridge +++ b/tor-relay/torrc.bridge @@ -97,7 +97,7 @@ ORPort 9001 # OutboundBindAddress 10.0.0.5 ## A handle for your relay, so people don't have to refer to it by key. -Nickname hacktheplanet +Nickname ${RELAY_NICKNAME} ## Define these to limit how much relayed traffic you will allow. Your ## own traffic is still unthrottled. Note that RelayBandwidthRate must @@ -107,6 +107,8 @@ Nickname hacktheplanet ## 2^20, etc. #RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps) #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb) +RelayBandwidthRate ${RELAY_BANDWIDTH_RATE} +RelayBandwidthBurst ${RELAY_BANDWIDTH_BURST} ## Use these to restrict the maximum traffic per day, week, or month. ## Note that this threshold applies separately to sent and received bytes, diff --git a/tor-relay/torrc.exit b/tor-relay/torrc.exit index a4f7456..3f5e8ac 100644 --- a/tor-relay/torrc.exit +++ b/tor-relay/torrc.exit 
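Review bot: Each `sed -i` line in run.sh splices the raw environment value into the sed program, so a value containing `/`, `&` or `\` (a contact name or e-mail easily can) is parsed as sed syntax instead of being inserted literally, and the resulting torrc is either not written or not what the operator set. `RELAY_TYPE` is likewise used unquoted and unchecked to build the `-f` path, although the README lists exactly three valid values. The last line starts tor as a child of the shell rather than with `exec`, so with the new `ENTRYPOINT [ "/run.sh" ]` the shell remains PID 1, tor may not receive the stop signal from `docker stop`, and arguments given after the image name are no longer passed on to tor. The version below validates the type, escapes the values, edits only the selected file and hands the process over to tor.

```shell
#!/bin/sh
set -eu

case "${RELAY_TYPE:-}" in
  bridge|middle|exit) ;;
  *) echo "RELAY_TYPE must be bridge, middle or exit" >&2; exit 1 ;;
esac
conf="/etc/tor/torrc.$RELAY_TYPE"

# fill_in NAME VALUE: replace the ${NAME} placeholder in $conf with VALUE,
# taken literally (\, / and & are escaped for the sed replacement).
fill_in() {
  case "$2" in
    *"
"*) echo "$1 must not contain a newline" >&2; exit 1 ;;
  esac
  value=$(printf '%s' "$2" | sed 's,[\\/&],\\&,g')
  sed -i 's/${'"$1"'}/'"$value"'/g' "$conf"
}

fill_in RELAY_NICKNAME "${RELAY_NICKNAME:-}"
fill_in CONTACT_GPG_FINGERPRINT "${CONTACT_GPG_FINGERPRINT:-}"
fill_in CONTACT_NAME "${CONTACT_NAME:-}"
fill_in CONTACT_EMAIL "${CONTACT_EMAIL:-}"
fill_in RELAY_BANDWIDTH_RATE "${RELAY_BANDWIDTH_RATE:-}"
fill_in RELAY_BANDWIDTH_BURST "${RELAY_BANDWIDTH_BURST:-}"

exec tor -f "$conf" "$@"
```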
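Review bot: No `ContactInfo` placeholder is added in the torrc.bridge hunks (`@@ -97,7 +97,7 @@` and `@@ -107,6 +107,8 @@`), nor in the matching torrc.exit and torrc.middle hunks, although run.sh substitutes `${CONTACT_GPG_FINGERPRINT}`, `${CONTACT_NAME}` and `${CONTACT_EMAIL}` and the README documents them. Unless a line using those placeholders already exists outside the visible hunks, the three settings have no effect; a line such as `ContactInfo ${CONTACT_NAME} <${CONTACT_EMAIL}> ${CONTACT_GPG_FINGERPRINT}` in each file would wire them up. Tor also restricts `Nickname` to 1–19 alphanumeric characters, so a comment such as `## RELAY_NICKNAME must be 1-19 characters, letters and digits only.` above the placeholder would help whoever sets the variable.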
@@ -97,7 +97,7 @@ ORPort 9001 # OutboundBindAddress 10.0.0.5 ## A handle for your relay, so people don't have to refer to it by key. -Nickname hacktheplanet +Nickname ${RELAY_NICKNAME} ## Define these to limit how much relayed traffic you will allow. Your ## own traffic is still unthrottled. Note that RelayBandwidthRate must @@ -107,6 +107,8 @@ Nickname hacktheplanet ## 2^20, etc. #RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps) #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb) +RelayBandwidthRate ${RELAY_BANDWIDTH_RATE} +RelayBandwidthBurst ${RELAY_BANDWIDTH_BURST} ## Use these to restrict the maximum traffic per day, week, or month. ## Note that this threshold applies separately to sent and received bytes, @@ -199,7 +201,7 @@ ExitPolicy accept *:563 # NNTP over SSL ExitPolicy accept *:587 # SUBMISSION (authenticated clients [MUA's like Thunderbird] send mail over STARTTLS SMTP here) ExitPolicy accept *:636 # LDAP over SSL ExitPolicy accept *:706 # SILC -ExitPolicy accept *:749 # kerberos +ExitPolicy accept *:749 # kerberos ExitPolicy accept *:873 # rsync ExitPolicy accept *:902-904 # VMware ExitPolicy accept *:981 # Remote HTTPS management for firewall @@ -229,8 +231,8 @@ ExitPolicy accept *:5222-5223 # XMPP, XMPP over SSL ExitPolicy accept *:5228 # Android Market ExitPolicy accept *:5900 # VNC ExitPolicy accept *:6660-6669 # IRC -ExitPolicy accept *:6679 # IRC SSL -ExitPolicy accept *:6697 # IRC SSL +ExitPolicy accept *:6679 # IRC SSL +ExitPolicy accept *:6697 # IRC SSL ExitPolicy accept *:8000 # iRDMI ExitPolicy accept *:8008 # HTTP alternate ExitPolicy accept *:8074 # Gadu-Gadu diff --git a/tor-relay/torrc.middle b/tor-relay/torrc.middle index 37acc57..528d4c3 100644 --- a/tor-relay/torrc.middle +++ b/tor-relay/torrc.middle 
@@ -97,7 +97,7 @@ ORPort 9001 # OutboundBindAddress 10.0.0.5 ## A handle for your relay, so people don't have to refer to it by key. -Nickname hacktheplanet +Nickname ${RELAY_NICKNAME} ## Define these to limit how much relayed traffic you will allow. Your ## own traffic is still unthrottled. Note that RelayBandwidthRate must @@ -107,6 +107,8 @@ Nickname hacktheplanet ## 2^20, etc. #RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps) #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb) +RelayBandwidthRate ${RELAY_BANDWIDTH_RATE} +RelayBandwidthBurst ${RELAY_BANDWIDTH_BURST} ## Use these to restrict the maximum traffic per day, week, or month. ## Note that this threshold applies separately to sent and received bytes,