Default to HiddenServiceVersion=3

sethforprivacy 2021-12-23 10:13:02 -05:00
parent d0dd28733d
commit 11920f7e1b
No known key found for this signature in database
GPG key ID: 6B9791C6214D1E57
8 changed files with 5 additions and 70 deletions

@ -20,30 +20,10 @@ services:
- again - again
environment: environment:
# Set mapping ports # Set mapping ports
SERVICE1_TOR_SERVICE_HOSTS: 80:hello:80,800:hello:80,8888:hello:80 SERVICE1_TOR_SERVICE_HOSTS: 88:again:80,8000:world:80
# Set private key # Set private key
# Tor v3 address private key must be base 64 encoded
SERVICE1_TOR_SERVICE_KEY: | SERVICE1_TOR_SERVICE_KEY: |
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDR8TdQF9fDlGhy1SMgfhMBi9TaFeD12/FK27TZE/tYGhxXvs1C
NmFJy1hjVxspF5unmUsCk0yEsvEdcAdp17Vynz6W41VdinETU9yXHlUJ6NyI32AH
dnFnHEcsllSEqD1hPAAvMUWwSMJaNmBEFtl8DUMS9tPX5fWGX4w5Xx8dZwIDAQAB
AoGBAMb20jMHxaZHWg2qTRYYJa8LdHgS0BZxkWYefnBUbZn7dOz7mM+tddpX6raK
8OSqyQu3Tc1tB9GjPLtnVr9KfVwhUVM7YXC/wOZo+u72bv9+4OMrEK/R8xy30XWj
GePXEu95yArE4NucYphxBLWMMu2E4RodjyJpczsl0Lohcn4BAkEA+XPaEKnNA3AL
1DXRpSpaa0ukGUY/zM7HNUFMW3UP00nxNCpWLSBmrQ56Suy7iSy91oa6HWkDD/4C
k0HslnMW5wJBANdz4ehByMJZmJu/b5y8wnFSqep2jmJ1InMvd18BfVoBTQJwGMAr
+qwSwNXXK2YYl9VJmCPCfgN0o7h1AEzvdYECQAM5UxUqDKNBvHVmqKn4zShb1ugY
t1RfS8XNbT41WhoB96MT9P8qTwlniX8UZiwUrvNp1Ffy9n4raz8Z+APNwvsCQQC9
AuaOsReEmMFu8VTjNh2G+TQjgvqKmaQtVNjuOgpUKYv7tYehH3P7/T+62dcy7CRX
cwbLaFbQhUUUD2DCHdkBAkB6CbB+qhu67oE4nnBCXllI9EXktXgFyXv/cScNvM9Y
FDzzNAAfVc5Nmbmx28Nw+0w6pnpe/3m0Tudbq3nHdHfQ
-----END RSA PRIVATE KEY-----
# hello and again will share the same onion v3 address
SERVICE2_TOR_SERVICE_HOSTS: 88:again:80,8000:world:80
SERVICE2_TOR_SERVICE_VERSION: '3'
# tor v3 address private key base 64 encoded
SERVICE2_TOR_SERVICE_KEY: |
PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAACArobDQYyZAWXei4QZwr++ PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAACArobDQYyZAWXei4QZwr++
j96H1X/gq14NwLRZ2O5DXuL0EzYKkdhZSILY85q+kfwZH8z4ceqe7u1F+0pQi/sM j96H1X/gq14NwLRZ2O5DXuL0EzYKkdhZSILY85q+kfwZH8z4ceqe7u1F+0pQi/sM
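Review bot: the `SERVICE1_TOR_SERVICE_KEY` value kept in this README example is a complete base64 ed25519 secret key, and the output section that follows shows the onion address it maps to, so anyone who pastes the compose file unchanged runs their service under a key that is public. Suggest a comment directly above the key saying it is a sample that must be replaced with a freshly generated one, or swapping the value for an obvious placeholder.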
@ -63,17 +43,12 @@ services:
This configuration will output: This configuration will output:
``` ```
service2: xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88, xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000 service1: xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88, xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000
service1: 5azvyr7dvvr4cldn.onion:80, 5azvyr7dvvr4cldn.onion:800, 5azvyr7dvvr4cldn.onion:8888
``` ```
`xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88` will hit `again:80`. `xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:88` will hit `again:80`.
`xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000` will hit `wold:80`. `xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion:8000` will hit `wold:80`.
`5azvyr7dvvr4cldn.onion:80` will hit `hello:80`.
`5azvyr7dvvr4cldn.onion:800` will hit `hello:80` too.
`5azvyr7dvvr4cldn.onion:8888` will hit `hello:80` again.
#### Environment variables #### Environment variables
##### `{SERVICE}_TOR_SERVICE_HOSTS` ##### `{SERVICE}_TOR_SERVICE_HOSTS`
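Review bot: the retained line for port 8000 says the address will hit `wold:80`, while the mapping in the example above is `8000:world:80`. Fix the typo while this block is being edited. The label change from `service2:` to `service1:` matches the renamed `SERVICE1_TOR_SERVICE_HOSTS` group and needs nothing further.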
@ -88,40 +63,16 @@ You can concatenate services using comas.
> **WARNING**: Using sockets and ports in the same service group can lead to issues > **WARNING**: Using sockets and ports in the same service group can lead to issues
##### `{SERVICE}_TOR_SERVICE_VERSION`
Can be `2` or `3`. Set the tor address type.
`2` gives short addresses `5azvyr7dvvr4cldn.onion` and `3` long addresses `xwjtp3mj427zdp4tljiiivg2l5ijfvmt5lcsfaygtpp6cw254kykvpyd.onion`
##### `{SERVICE}_TOR_SERVICE_KEY` ##### `{SERVICE}_TOR_SERVICE_KEY`
You can set the private key for the current service. You can set the private key for the current service.
Tor v2 addresses uses RSA PEM keys like:
```
-----BEGIN RSA PRIVATE KEY-----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-----END RSA PRIVATE KEY-----
```
Tor v3 addresses uses ed25519 binary keys. It should be base64 encoded: Tor v3 addresses uses ed25519 binary keys. It should be base64 encoded:
``` ```
PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAACArobDQYyZAWXei4QZwr++j96H1X/gq14NwLRZ2O5DXuL0EzYKkdhZSILY85q+kfwZH8z4ceqe7u1F+0pQi/sM PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAACArobDQYyZAWXei4QZwr++j96H1X/gq14NwLRZ2O5DXuL0EzYKkdhZSILY85q+kfwZH8z4ceqe7u1F+0pQi/sM
``` ```
##### `TOR_SOCKS_PORT` ##### `TOR_SOCKS_PORT`
Set tor sock5 proxy port for this tor instance. (Use this if you need to connect to tor network with your service) Set tor sock5 proxy port for this tor instance. (Use this if you need to connect to tor network with your service)
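Review bot: missing migration note where the `{SERVICE}_TOR_SERVICE_VERSION` section and the RSA PEM key description are removed. The README no longer says what happens to an existing deployment that still sets `_TOR_SERVICE_VERSION: '2'` or supplies an RSA key in `{SERVICE}_TOR_SERVICE_KEY`. Suggest one sentence under `{SERVICE}_TOR_SERVICE_KEY` stating that only v3 ed25519 keys are accepted and that the version variable is no longer read. Minor, in the retained text: "Tor v3 addresses uses" should read "use", and "comas" in the hunk header context should be "commas".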

@ -1,8 +1,6 @@
{% for service_group in onion.services %} {% for service_group in onion.services %}
HiddenServiceDir {{service_group.hidden_service_dir}} HiddenServiceDir {{service_group.hidden_service_dir}}
{% if service_group.version == 3 %}
HiddenServiceVersion 3 HiddenServiceVersion 3
{% endif %}
{% for service in service_group.services %} {% for service in service_group.services %}
{% for port in service.ports %} {% for port in service.ports %}
{% if port.is_socket %} {% if port.is_socket %}
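Review bot: with the `{% if service_group.version == 3 %}` guard removed, nothing in this template reads `service_group.version` any more, yet every group is now written out with `HiddenServiceVersion 3`. It is worth confirming in the same change that the key-loading path rejects an RSA PEM key with a clear error instead of writing it into a directory declared as v3, and that the now unused `version` attribute is removed from the group object if nothing else consumes it.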

@ -32,7 +32,6 @@ services:
# hello and again will share the same onion_adress # hello and again will share the same onion_adress
FOO_TOR_SERVICE_HOSTS: 88:again:80,8000:world:80 FOO_TOR_SERVICE_HOSTS: 88:again:80,8000:world:80
FOO_TOR_SERVICE_VERSION: '3'
# tor v3 address private key base 64 encoded # tor v3 address private key base 64 encoded
FOO_TOR_SERVICE_KEY: | FOO_TOR_SERVICE_KEY: |
PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAABYZRzL3zScTEqA8/5wfvHw PT0gZWQyNTUxOXYxLXNlY3JldDogdHlwZTAgPT0AAABYZRzL3zScTEqA8/5wfvHw

@ -12,7 +12,6 @@ services:
environment: environment:
# Set version 3 on BAR group # Set version 3 on BAR group
BAR_TOR_SERVICE_HOSTS: '80:hello:80,88:world:80' BAR_TOR_SERVICE_HOSTS: '80:hello:80,88:world:80'
BAR_TOR_SERVICE_VERSION: '3'
# hello and again will share the same v2 onion_adress # hello and again will share the same v2 onion_adress
FOO_TOR_SERVICE_HOSTS: '88:again:80,80:hello:80,800:hello:80,8888:hello:80' FOO_TOR_SERVICE_HOSTS: '88:again:80,80:hello:80,800:hello:80,8888:hello:80'
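Review bot: two comments left in this hunk are stale after the removal of `BAR_TOR_SERVICE_VERSION: '3'`. `# Set version 3 on BAR group` no longer sits above any version setting, and `# hello and again will share the same v2 onion_adress` describes a v2 address that the FOO group can no longer get. Suggest dropping the first and rewording the second without "v2" (and with "address" spelled correctly). The identical hunk in the next file needs the same change.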

@ -12,7 +12,6 @@ services:
environment: environment:
# Set version 3 on BAR group # Set version 3 on BAR group
BAR_TOR_SERVICE_HOSTS: '80:hello:80,88:world:80' BAR_TOR_SERVICE_HOSTS: '80:hello:80,88:world:80'
BAR_TOR_SERVICE_VERSION: '3'
# hello and again will share the same v2 onion_adress # hello and again will share the same v2 onion_adress
FOO_TOR_SERVICE_HOSTS: '88:again:80,80:hello:80,800:hello:80,8888:hello:80' FOO_TOR_SERVICE_HOSTS: '88:again:80,80:hello:80,800:hello:80,8888:hello:80'

@ -19,7 +19,6 @@ services:
loglevel = DEBUG loglevel = DEBUG
HELLO_TOR_SERVICE_HOSTS: '80:hello:80' HELLO_TOR_SERVICE_HOSTS: '80:hello:80'
HELLO_TOR_SERVICE_VERSION: '3'
# Keep keys in volumes # Keep keys in volumes
volumes: volumes:

@ -16,8 +16,6 @@ services:
loglevel = DEBUG loglevel = DEBUG
HELLO_TOR_SERVICE_HOSTS: '80:hello:80' HELLO_TOR_SERVICE_HOSTS: '80:hello:80'
HELLO_TOR_SERVICE_VERSION: '3'
# Keep keys in volumes # Keep keys in volumes
volumes: volumes:

@ -69,9 +69,7 @@ def get_torrc_template():
return r""" return r"""
{% for service_group in onion.services %} {% for service_group in onion.services %}
HiddenServiceDir {{service_group.hidden_service_dir}} HiddenServiceDir {{service_group.hidden_service_dir}}
{% if service_group.version == 3 %}
HiddenServiceVersion 3 HiddenServiceVersion 3
{% endif %}
{% for service in service_group.services %} {% for service in service_group.services %}
{% for port in service.ports %} {% for port in service.ports %}
{% if port.is_socket %} {% if port.is_socket %}
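Review bot: `get_torrc_template()` carries its own raw-string copy of the torrc template, so the guard removal has to be repeated here by hand and the test only proves that the copy renders, not the shipped template. Suggest having the test read the real template file so the two cannot drift apart.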
@ -251,7 +249,6 @@ def test_key_v2(monkeypatch):
envs = [ envs = [
{ {
"GROUP1_TOR_SERVICE_HOSTS": "80:service1:80,81:service2:80", "GROUP1_TOR_SERVICE_HOSTS": "80:service1:80,81:service2:80",
"GROUP1_TOR_SERVICE_VERSION": "2",
"GROUP1_TOR_SERVICE_KEY": key, "GROUP1_TOR_SERVICE_KEY": key,
}, },
{ {
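Review bot: `test_key_v2` is kept but its only version marker, `"GROUP1_TOR_SERVICE_VERSION": "2"`, is removed, so the test name no longer matches what the environment describes. If v2 keys are unsupported after this commit, delete the test or rewrite it to assert that a v2 key is rejected; leaving it as is suggests v2 is still a tested path.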
@ -277,7 +274,6 @@ def test_key_v3(monkeypatch):
key, onion_url = get_key_and_onion(version=3) key, onion_url = get_key_and_onion(version=3)
env = { env = {
"GROUP1_TOR_SERVICE_HOSTS": "80:service1:80,81:service2:80", "GROUP1_TOR_SERVICE_HOSTS": "80:service1:80,81:service2:80",
"GROUP1_TOR_SERVICE_VERSION": "3",
"GROUP1_TOR_SERVICE_KEY": key, "GROUP1_TOR_SERVICE_KEY": key,
} }
@ -298,7 +294,6 @@ def test_key_in_secret(fs, monkeypatch):
"GROUP1_TOR_SERVICE_HOSTS": "80:service1:80", "GROUP1_TOR_SERVICE_HOSTS": "80:service1:80",
"GROUP2_TOR_SERVICE_HOSTS": "80:service2:80", "GROUP2_TOR_SERVICE_HOSTS": "80:service2:80",
"GROUP3_TOR_SERVICE_HOSTS": "80:service3:80", "GROUP3_TOR_SERVICE_HOSTS": "80:service3:80",
"GROUP3_TOR_SERVICE_VERSION": "3",
} }
monkeypatch.setattr(os, "environ", env) monkeypatch.setattr(os, "environ", env)
@ -335,11 +330,8 @@ HiddenServiceSingleHopMode 1
"SERVICE1_PORTS": "80:80", "SERVICE1_PORTS": "80:80",
"SERVICE2_PORTS": "81:80,82:8000", "SERVICE2_PORTS": "81:80,82:8000",
"SERVICE3_PORTS": "80:unix://unix.socket", "SERVICE3_PORTS": "80:unix://unix.socket",
"GROUP3_TOR_SERVICE_VERSION": "2",
"GROUP3_TOR_SERVICE_HOSTS": "80:service4:888,81:service5:8080", "GROUP3_TOR_SERVICE_HOSTS": "80:service4:888,81:service5:8080",
"GROUP4_TOR_SERVICE_VERSION": "3",
"GROUP4_TOR_SERVICE_HOSTS": "81:unix://unix2.sock", "GROUP4_TOR_SERVICE_HOSTS": "81:unix://unix2.sock",
"GROUP3V3_TOR_SERVICE_VERSION": "3",
"GROUP3V3_TOR_SERVICE_HOSTS": "80:service4:888,81:service5:8080", "GROUP3V3_TOR_SERVICE_HOSTS": "80:service4:888,81:service5:8080",
"SERVICE5_TOR_SERVICE_HOSTS": "80:service5:80", "SERVICE5_TOR_SERVICE_HOSTS": "80:service5:80",
"TOR_EXTRA_OPTIONS": extra_options, "TOR_EXTRA_OPTIONS": extra_options,
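Review bot: after the three `_TOR_SERVICE_VERSION` lines are removed, `GROUP3` and `GROUP3V3` have the same hosts value, `80:service4:888,81:service5:8080`, and nothing left to distinguish them, so one of the two is redundant in this fixture. Suggest dropping `GROUP3V3_TOR_SERVICE_HOSTS` and updating the expected torrc output accordingly, or renaming it so the fixture does not imply a v2/v3 split that no longer exists.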