fphammerle
/
docker-onion-service
kopia lustrzana https://github.com/fphammerle/docker-onion-service


			
				
					
						
						
							1234567891011121314151617181920212223242526272829
							- hosts: [some-host]
  become: true
  tasks:
  - docker_container:
      name: onion_service
      # object c0108f3399291deb03e22c550c09c502935c7f6b
      # tag docker/3.0.0-tor0.4.3.5-amd64
      image: docker.io/fphammerle/onion-service@sha256:4eff7f17a8d78ba4117a6dc64a120ff46cbbe7702595b37d8bafe9c8492c59df
      env:
        VIRTUAL_PORT: '80'
        TARGET: 1.2.3.4:8080
        #NON_ANONYMOUS_SINGLE_HOP_MODE: '1'
      volumes:
      - onion_service_data:/var/lib/tor
      - onion_service_key:/onion-service
      mounts:
      - type: tmpfs
        target: /tmp # torrc
        # nosuid,nodev,noexec added by default
        tmpfs_mode: '1777'
        tmpfs_size: 4k
      read_only: yes
      cap_drop: [ALL]
      security_opts: [no-new-privileges]
      cpu_quota: 5000
      cpu_period: 10000
      memory: 128M
      restart_policy: unless-stopped
      state: started