123456789101112131415161718192021222324 |
- - hosts: [some-host]
- become: true
- tasks:
- - docker_container:
- name: onion_service
- # TODO replace with fingerprint
- image: fphammerle/onion-service:2.0.0-tor0.4.3.5-amd64
- env:
- VIRTUAL_PORT: 80
- TARGET: 1.2.3.4:8080
- volumes:
- - onion_service_data:/var/lib/tor
- - onion_service_key:/onion-service
- mounts:
- - type: tmpfs
- target: /tmp # torrc
- # nosuid,nodev,noexec added by default
- tmpfs_mode: '1777'
- tmpfs_size: 4k
- read_only: yes
- cap_drop: [ALL]
- security_opts: [no-new-privileges]
- memory: 128M
- restart_policy: unless-stopped
|