dependabot[bot] 6c4f2403cc build(deps): bump alpine from 3.19.0 to 3.19.1 (#75) | hai 10 meses | |
---|---|---|
.github | hai 11 meses | |
CHANGELOG.md | hai 1 ano | |
Dockerfile | hai 10 meses | |
Makefile | %!s(int64=2) %!d(string=hai) anos | |
README.md | %!s(int64=2) %!d(string=hai) anos | |
ansible-playbook.yml | %!s(int64=4) %!d(string=hai) anos | |
docker-compose.yml | %!s(int64=2) %!d(string=hai) anos | |
entrypoint.sh | %!s(int64=4) %!d(string=hai) anos | |
torrc.template | %!s(int64=4) %!d(string=hai) anos |
repo: https://github.com/fphammerle/docker-onion-service
docker hub: https://hub.docker.com/r/fphammerle/onion-service/tags
signed tags: https://github.com/fphammerle/docker-onion-service/tags
defaults to creating a v3 service
$ sudo docker run --name onion_service \
-e VIRTUAL_PORT=80 -e TARGET=1.2.3.4:8080 \
fphammerle/onion-service
$ sudo docker create --name onion_service \
--env VERSION=3 \
--env VIRTUAL_PORT=80 \
--env TARGET=1.2.3.4:8080 \
--volume onion-key:/onion-service \
--restart unless-stopped \
--cap-drop all --security-opt no-new-privileges \
fphammerle/onion-service:latest
$ sudo docker start onion_service
optionally add --read-only --tmpfs /tmp:rw,size=4k
to make the container's root filesystem read only
$ sudo docker exec onion_service cat /onion-service/hostname
abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmnopqrst.onion
in single-hop mode connections from the onion service to introduction & rendezvous points will be direct and thus no longer anonymous:
$ sudo docker run -e NON_ANONYMOUS_SINGLE_HOP_MODE=1 …
useful to reduce latency (e.g. clearnet http servers setting alt-svc
header)
$ sudo docker exec onion_service \
sh -c 'printf "AUTHENTICATE\nGETINFO circuit-status\nQUIT\n" | nc localhost 9051'
relay search: https://metrics.torproject.org/rs.html
git clone https://github.com/fphammerle/docker-onion-service
docker-compose.yml
sudo docker-compose up --build
onion service protocol overview
ways to publish onion services: