
added healthcheck via nc on socks; enable hardware accel; readme: added docker-compose cmd

Fabian Peter Hammerle 5 days ago
parent
commit
32abde737e
5 changed files with 28 additions and 5 deletions
  1. 2 0
      CHANGELOG.md
  2. 10 2
      Dockerfile
  3. 8 0
      README.md
  4. 3 1
      docker-compose.yml
  5. 5 2
      torrc.template

+ 2 - 0
CHANGELOG.md

@@ -9,6 +9,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - tor v0.3.3.7 -> v0.3.5.8
 
 ### Added
+- healthcheck via `nc`
+- enable hardware acceleration if available
 - sample ansible playbook
 - sample `docker-compose.yml`
 

+ 10 - 2
Dockerfile

@@ -1,6 +1,10 @@
 FROM alpine:3.10
 
-RUN apk add --no-cache tor=~0.3.5.8
+ARG TOR_PACKAGE_VERSION=0.3.5.8-r0
+ARG NETCAT_PACKAGE_VERSION=1.130-r1
+RUN apk add --no-cache \
+    netcat-openbsd=${NETCAT_PACKAGE_VERSION} \
+    tor=${TOR_PACKAGE_VERSION}
 
 RUN adduser -S onion
 RUN mkdir -m u=rwx,g=,o= /onion-service && chown onion /onion-service
@@ -11,7 +15,7 @@ RUN chmod a+r /torrc.template
 
 ENV VERSION 3
 ENV VIRTUAL_PORT 80
-ENV TARGET 127.0.0.1:8080
+ENV TARGET 1.2.3.4:8080
 
 COPY entrypoint.sh /
 RUN chmod a+rx /entrypoint.sh
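Review bot: The new default `ENV TARGET 1.2.3.4:8080` is not a reserved documentation address and may be publicly routable, so a container started without an explicit TARGET would have tor forward onion-service connections to a third-party host instead of failing. A placeholder from the RFC 5737 range, such as `ENV TARGET 192.0.2.1:8080`, avoids that. Dropping the default and having the entrypoint refuse to start without TARGET would be stricter still; entrypoint.sh is not shown here, so whether it already validates the value is unknown. The same placeholder is used in docker-compose.yml.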
@@ -20,3 +24,7 @@ ENTRYPOINT ["/entrypoint.sh"]
 USER onion
 
 CMD ["tor", "-f", "/tmp/torrc"]
+
+HEALTHCHECK CMD \
+    nc -x localhost:9050 -z "$(cat /onion-service/hostname)" "$VIRTUAL_PORT" \
+    || exit 1
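Review bot: The `HEALTHCHECK` added at the end of the Dockerfile sets no start period and relies on Docker's default interval and timeout, while `cat /onion-service/hostname` can run before tor has written that file, so early probes hand `nc` an empty host. Each probe also goes through the SOCKS port to the service's own onion address and presumably on to TARGET, so the container's health follows backend reachability and the probe generates regular self-connections over the Tor network. Consider explicit settings, for example `HEALTHCHECK --interval=5m --timeout=1m --start-period=2m CMD \` (values constructed here; tune them for the deployment). A comment above the instruction should state that the probe depends on `SocksPort 9050` in torrc.template and is the only reason `netcat-openbsd` is installed.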

+ 8 - 0
README.md

@@ -4,6 +4,8 @@ repo: https://github.com/fphammerle/docker-onion-service
 
 docker hub: https://hub.docker.com/r/fphammerle/onion-service
 
+signed tags: https://github.com/fphammerle/docker-onion-service/tags
+
 defaults to creating a [v3](https://trac.torproject.org/projects/tor/wiki/doc/NextGenOnions) service
 
 ## example 1
@@ -35,3 +37,9 @@ $ docker start onion-service
 $ docker exec onion-service cat /onion-service/hostname
 abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrst.onion
 ```
+
+## docker-compose 🐙
+
+1. `git clone https://github.com/fphammerle/docker-onion-service`
+2. edit `docker-compose.yml`
+3. `docker-compose up --build`

+ 3 - 1
docker-compose.yml

@@ -1,4 +1,4 @@
-version: '3'
+version: '2.2'
 
 volumes:
   key:
@@ -14,5 +14,7 @@ services:
       TARGET: 1.2.3.4:8080
     security_opt: [no-new-privileges]
     restart: unless-stopped
+    cpus: 0.5
+    mem_limit: 128m
 
 # https://docs.docker.com/compose/compose-file/

+ 5 - 2
torrc.template

@@ -1,9 +1,12 @@
 Log notice stdout
 
-# disable socks proxy
-SOCKSPort 0
+# healthcheck
+SocksPort 9050
 
 # https://www.torproject.org/docs/tor-onion-service
 HiddenServiceDir /onion-service
 HiddenServiceVersion {version}
 HiddenServicePort {virtual_port} {target}
+
+# try to
+HardwareAccel 1
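Review bot: `SocksPort 9050` re-enables the SOCKS listener that the template previously disabled, only to serve the health check, and so gives every process in the container's network namespace a Tor client proxy. Tor binds a bare port to loopback by default, but writing `SocksPort 127.0.0.1:9050` makes that explicit. The comment should also say that the listener becomes reachable from outside the container if it runs with host networking or shares its namespace with another service. The trailing comment `# try to` is unfinished; something like `# use hardware crypto acceleration when available` would state the intent.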