docker-tor-hidden-service/README.md

# docker-tor-hidden-service

Create a tor hidden service with a link

```sh
# run a container with a network application
$ docker run -d --name hello_world tutum/hello-world

# and just link it to this container
$ docker run -ti --link hello_world goldy/tor-hidden-service
```

The .onion URLs are displayed to stdout at startup.

To keep onion keys, just mount volume `/var/lib/tor/hidden_service/`

```sh
$ docker run -ti --link something --volume /path/to/keys:/var/lib/tor/hidden_service/ goldy/tor-hidden-service
```

Look at the `docker-compose.yml` file to see how to use it.

## Setup

### Set private key

Private key is settable by environment or by copying file in `hostname/private_key` in docket volume (`hostname` is the link name).

It's easier to pass key in environment with `docker-compose`.

```yaml
    links:
      - hello
      - world
    environment:
        # Set private key
        HELLO_KEY: |
            -----BEGIN RSA PRIVATE KEY-----
            MIICXQIBAAKBgQDR8TdQF9fDlGhy1SMgfhMBi9TaFeD12/FK27TZE/tYGhxXvs1C
            NmFJy1hjVxspF5unmUsCk0yEsvEdcAdp17Vynz6W41VdinETU9yXHlUJ6NyI32AH
            dnFnHEcsllSEqD1hPAAvMUWwSMJaNmBEFtl8DUMS9tPX5fWGX4w5Xx8dZwIDAQAB
            AoGBAMb20jMHxaZHWg2qTRYYJa8LdHgS0BZxkWYefnBUbZn7dOz7mM+tddpX6raK
            8OSqyQu3Tc1tB9GjPLtnVr9KfVwhUVM7YXC/wOZo+u72bv9+4OMrEK/R8xy30XWj
            GePXEu95yArE4NucYphxBLWMMu2E4RodjyJpczsl0Lohcn4BAkEA+XPaEKnNA3AL
            1DXRpSpaa0ukGUY/zM7HNUFMW3UP00nxNCpWLSBmrQ56Suy7iSy91oa6HWkDD/4C
            k0HslnMW5wJBANdz4ehByMJZmJu/b5y8wnFSqep2jmJ1InMvd18BfVoBTQJwGMAr
            +qwSwNXXK2YYl9VJmCPCfgN0o7h1AEzvdYECQAM5UxUqDKNBvHVmqKn4zShb1ugY
            t1RfS8XNbT41WhoB96MT9P8qTwlniX8UZiwUrvNp1Ffy9n4raz8Z+APNwvsCQQC9
            AuaOsReEmMFu8VTjNh2G+TQjgvqKmaQtVNjuOgpUKYv7tYehH3P7/T+62dcy7CRX
            cwbLaFbQhUUUD2DCHdkBAkB6CbB+qhu67oE4nnBCXllI9EXktXgFyXv/cScNvM9Y
            FDzzNAAfVc5Nmbmx28Nw+0w6pnpe/3m0Tudbq3nHdHfQ
            -----END RSA PRIVATE KEY-----

```

Options are set using the following pattern: `LINKNAME_KEY`

### Setup port

__DEPECATED:__
By default, ports are the same as linked containers, but a default port can be mapped using `PORT_MAP` environment variable.

__Caution__: Using `PORT_MAP` with multiple ports on single service will cause `tor` to fail.

Use link setting in environment with the following pattern: `LINKNAME_PORTS`.

Like docker, first port is exposed port and the second one is service internal port.

```yaml
links:
  - hello
  - world
environment:
    # Set mapping ports
    HELLO_PORTS: 80:80

    WORLD_PORTS: 8000:80

```

### Compose v2 support

Links setting are required when using docker-compose v2. See `docker-compose.v2.yml` for example.

### Tools

A command line tool `onions` is available in container to get `.onion` url when container is running.

```sh
# Get services
$ docker exec -ti torhiddenproxy_tor_1 onions
hello: vegm3d7q64gutl75.onion:80
world: b2sflntvdne63amj.onion:80

# Get json
$ docker exec -ti torhiddenproxy_tor_1 onions --json
{"hello": ["b2sflntvdne63amj.onion:80"], "world": ["vegm3d7q64gutl75.onion:80"]}
```


### pyentrypoint

This container is using [`pyentrypoint`](https://github.com/cmehay/pyentrypoint) to generate its setup.

If you need to use the legacy version, please checkout the `legacy` branch or pull `goldy/tor-hidden-service:legacy`.
docker-compose example and better readme 2015-09-22 22:11:04 +02:00			`# docker-tor-hidden-service`
quick readme 2015-09-21 17:42:48 +02:00
			`Create a tor hidden service with a link`

Add onions tool in container 2016-03-21 23:36:16 +01:00			```sh
Update README 2016-03-21 23:54:30 +01:00			`# run a container with a network application`
Fix README typo 2016-07-02 16:55:48 +02:00			`$ docker run -d --name hello_world tutum/hello-world`
docker-compose example and better readme 2015-09-22 22:11:04 +02:00
			`# and just link it to this container`
quick readme 2015-09-21 17:42:48 +02:00			`$ docker run -ti --link hello_world goldy/tor-hidden-service`
			```

Update README 2016-03-21 23:54:30 +01:00			`The .onion URLs are displayed to stdout at startup.`
quick readme 2015-09-21 17:42:48 +02:00
			To keep onion keys, just mount volume `/var/lib/tor/hidden_service/`

Add onions tool in container 2016-03-21 23:36:16 +01:00			```sh
quick readme 2015-09-21 17:42:48 +02:00			`$ docker run -ti --link something --volume /path/to/keys:/var/lib/tor/hidden_service/ goldy/tor-hidden-service`
			```
docker-compose example and better readme 2015-09-22 22:11:04 +02:00
Update README 2016-03-21 23:54:30 +01:00			Look at the `docker-compose.yml` file to see how to use it.
Using pyentrypoint 2016-03-07 03:43:12 +01:00
Add support for docker-compose v2 and private keys 2016-09-23 03:24:11 +02:00			`## Setup`

			`### Set private key`

			Private key is settable by environment or by copying file in `hostname/private_key` in docket volume (`hostname` is the link name).

			It's easier to pass key in environment with `docker-compose`.

			```yaml
			`links:`
			`- hello`
			`- world`
			`environment:`
			`# Set private key`
			`HELLO_KEY: \|`
			`-----BEGIN RSA PRIVATE KEY-----`
			`MIICXQIBAAKBgQDR8TdQF9fDlGhy1SMgfhMBi9TaFeD12/FK27TZE/tYGhxXvs1C`
			`NmFJy1hjVxspF5unmUsCk0yEsvEdcAdp17Vynz6W41VdinETU9yXHlUJ6NyI32AH`
			`dnFnHEcsllSEqD1hPAAvMUWwSMJaNmBEFtl8DUMS9tPX5fWGX4w5Xx8dZwIDAQAB`
			`AoGBAMb20jMHxaZHWg2qTRYYJa8LdHgS0BZxkWYefnBUbZn7dOz7mM+tddpX6raK`
			`8OSqyQu3Tc1tB9GjPLtnVr9KfVwhUVM7YXC/wOZo+u72bv9+4OMrEK/R8xy30XWj`
			`GePXEu95yArE4NucYphxBLWMMu2E4RodjyJpczsl0Lohcn4BAkEA+XPaEKnNA3AL`
			`1DXRpSpaa0ukGUY/zM7HNUFMW3UP00nxNCpWLSBmrQ56Suy7iSy91oa6HWkDD/4C`
			`k0HslnMW5wJBANdz4ehByMJZmJu/b5y8wnFSqep2jmJ1InMvd18BfVoBTQJwGMAr`
			`+qwSwNXXK2YYl9VJmCPCfgN0o7h1AEzvdYECQAM5UxUqDKNBvHVmqKn4zShb1ugY`
			`t1RfS8XNbT41WhoB96MT9P8qTwlniX8UZiwUrvNp1Ffy9n4raz8Z+APNwvsCQQC9`
			`AuaOsReEmMFu8VTjNh2G+TQjgvqKmaQtVNjuOgpUKYv7tYehH3P7/T+62dcy7CRX`
			`cwbLaFbQhUUUD2DCHdkBAkB6CbB+qhu67oE4nnBCXllI9EXktXgFyXv/cScNvM9Y`
			`FDzzNAAfVc5Nmbmx28Nw+0w6pnpe/3m0Tudbq3nHdHfQ`
			`-----END RSA PRIVATE KEY-----`

			```

			Options are set using the following pattern: `LINKNAME_KEY`

Display port with .onion 2016-04-11 23:58:48 +02:00			`### Setup port`

Add support for docker-compose v2 and private keys 2016-09-23 03:24:11 +02:00			`__DEPECATED:__`
Display port with .onion 2016-04-11 23:58:48 +02:00			By default, ports are the same as linked containers, but a default port can be mapped using `PORT_MAP` environment variable.

			__Caution__: Using `PORT_MAP` with multiple ports on single service will cause `tor` to fail.

Add support for docker-compose v2 and private keys 2016-09-23 03:24:11 +02:00			Use link setting in environment with the following pattern: `LINKNAME_PORTS`.

			`Like docker, first port is exposed port and the second one is service internal port.`

			```yaml
			`links:`
			`- hello`
			`- world`
			`environment:`
			`# Set mapping ports`
			`HELLO_PORTS: 80:80`

			`WORLD_PORTS: 8000:80`

			```

			`### Compose v2 support`

			Links setting are required when using docker-compose v2. See `docker-compose.v2.yml` for example.

Add onions tool in container 2016-03-21 23:36:16 +01:00			`### Tools`

			A command line tool `onions` is available in container to get `.onion` url when container is running.

			```sh
			`# Get services`
			`$ docker exec -ti torhiddenproxy_tor_1 onions`
Display port with .onion 2016-04-11 23:58:48 +02:00			`hello: vegm3d7q64gutl75.onion:80`
			`world: b2sflntvdne63amj.onion:80`
Add onions tool in container 2016-03-21 23:36:16 +01:00
			`# Get json`
			`$ docker exec -ti torhiddenproxy_tor_1 onions --json`
Display port with .onion 2016-04-11 23:58:48 +02:00			`{"hello": ["b2sflntvdne63amj.onion:80"], "world": ["vegm3d7q64gutl75.onion:80"]}`
Add onions tool in container 2016-03-21 23:36:16 +01:00			```


Using pyentrypoint 2016-03-07 03:43:12 +01:00			`### pyentrypoint`

			This container is using [`pyentrypoint`](https://github.com/cmehay/pyentrypoint) to generate its setup.

Update README 2016-03-21 23:54:30 +01:00			If you need to use the legacy version, please checkout the `legacy` branch or pull `goldy/tor-hidden-service:legacy`.