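---
# Ansible play: run the onion-service container with a locked-down runtime
# profile (read-only root filesystem, no capabilities, no privilege gain,
# bounded CPU and memory).
- hosts: [some-host]
  become: true
  tasks:
    - docker_container:
        name: onion_service
        # object 3acef0d56536497ecf85ebdd017dd8d825be1d8d
        # tag docker/2.0.0-tor0.4.3.5-amd64
        # The image is referenced by digest, so the content that gets pulled
        # cannot change underneath this play; the two lines above record which
        # release the digest belongs to. Update all three together.
        image: docker.io/fphammerle/onion-service@sha256:4e64c5ddc1115b9c2fb1d6ea6ce6ac3cf77fbfb048257d9c8c3c71b4765611fb
        env:
          # Values are quoted so they reach the container as strings.
          # NOTE(review): presumably the port exposed on the onion address and
          # the backend it forwards to; confirm against the image's docs.
          VIRTUAL_PORT: '80'
          TARGET: '1.2.3.4:8080'
          # on v3.0.0:
          # NOTE(review): judging by the name, this switches tor to its
          # non-anonymous single-hop onion service mode, which gives up
          # server-side location anonymity. Leave it disabled unless hiding
          # the host is not a requirement.
          #NON_ANONYMOUS_SINGLE_HOP_MODE: '1'
        volumes:
          # Named volumes are the only persistent writable paths.
          # NOTE(review): onion_service_key presumably holds the service's
          # private key; whoever can read that volume can likely impersonate
          # the onion address, so restrict access to it on the host and treat
          # backups of it as secrets.
          - onion_service_data:/var/lib/tor
          - onion_service_key:/onion-service
        mounts:
          # Small in-memory scratch space, needed because the root filesystem
          # is read-only (see read_only below); used for torrc.
          - type: tmpfs
            target: /tmp
            # nosuid,nodev,noexec added by default
            tmpfs_mode: '1777'
            tmpfs_size: 4k
        # Root filesystem is mounted read-only; only the volumes and the
        # tmpfs above are writable.
        read_only: true
        # Drop every Linux capability and block privilege gain through
        # setuid binaries or file capabilities.
        cap_drop: [ALL]
        security_opts: [no-new-privileges]
        # cpu_quota / cpu_period = 5000 / 10000, i.e. at most half of one CPU.
        cpu_quota: 5000
        cpu_period: 10000
        memory: 128M
        restart_policy: unless-stopped
        state: started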