mirror of
https://github.com/cmehay/docker-tor-hidden-service.git
synced 2025-04-20 22:09:10 +00:00
initial commit
commit
45219ce52f
5 changed files with 166 additions and 0 deletions
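--- a/Dockerfile
+++ b/Dockerfile
@@ -0,0 +1,23 @@
+FROM debian:jessie
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y \
+tor \
+python3 \
+git \
+ca-certificates
+
+ADD assets/docker-entrypoint.sh /
+ADD assets/tor_config.py /
+
+RUN chmod +x /docker-entrypoint.sh
+
+RUN git clone https://github.com/cmehay/python-docker-tool.git /docker
+RUN touch /docker/__init__.py
+
+VOLUME ["/var/lib/tor/hidden_service/"]
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
+
+CMD ["tor"]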
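Review bot: The `RUN git clone https://github.com/cmehay/python-docker-tool.git /docker` step takes whatever the default branch holds at build time, so the module that `tor_config.py` imports before the entrypoint drops privileges is neither pinned nor reproducible. Pin it to a reviewed commit, for example `RUN git clone https://github.com/cmehay/python-docker-tool.git /docker && git -C /docker checkout <PINNED_COMMIT_SHA>`. Alternatively, since this commit also adds `docker/docker.py` to the tree, `COPY docker/ /docker/` would remove the network fetch and let `git` be dropped from the image. The two `ADD` lines for local assets can be `COPY`, which has no URL or archive-extraction behaviour. `debian:jessie` is a moving tag, so pinning the base by digest would make the build reproducible as well.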
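--- a/assets/docker-entrypoint.sh
+++ b/assets/docker-entrypoint.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+set -e
+
+if [ "${1:0:1}" == '-' ]; then
+set -- tor $@
+fi
+
+if [ "$1" == "tor" ]; then
+# Set config
+python3 ./tor_config.py
+
+# set rights on keys
+chown -R debian-tor:debian-tor /var/lib/tor/hidden_service/
+chmod -R 700 /var/lib/tor/hidden_service/
+
+# Switch user
+
+set -- su debian-tor -s /bin/sh -c "$@"
+fi
+
+exec "$@"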
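Review bot: `set -- su debian-tor -s /bin/sh -c "$@"` hands only the first word to `-c` as the command string; any further words become separate arguments to `su`, so options passed to the container (the first branch turns `-f /path` into `tor -f /path`) do not reach tor and may be parsed by `su` itself. A minimal fix is `set -- su debian-tor -s /bin/sh -c "$*"`, keeping in mind that the joined string is re-parsed by the shell, so arguments containing spaces need their own quoting. The earlier `set -- tor $@` should be `set -- tor "$@"` to avoid word splitting and globbing. `python3 ./tor_config.py` only works while the working directory is `/`; `python3 /tor_config.py` stays correct if a different workdir is set at run time.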
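--- a/assets/tor_config.py
+++ b/assets/tor_config.py
@@ -0,0 +1,51 @@
+#!/usr/bin/python3
+
+import os
+from docker import docker
+from subprocess import call
+
+# Generate conf for tor hidden service
+def set_conf():
+rtn = []
+links = docker.get_links()
+with open("/etc/tor/torrc", "a") as conf:
+for link in links:
+path = "/var/lib/tor/hidden_service/{service}".format(service=link)
+# Test if link has ports
+if len(links[link]['ports']) == 0:
+print("{link} has no port")
+continue
+conf.write('HiddenServiceDir {path}\n'.format(path=path))
+rtn.append(link)
+for port in links[link]['ports']:
+if links[link]['ports'][port]['protocol'] == 'UDP':
+continue
+service = '{port} {ip}:{port}'.format(
+port=port, ip=links[link]['ip']
+)
+conf.write('HiddenServicePort {service}\n'.format(
+service=service
+))
+# set relay if enabled in env (not so secure)
+if 'RELAY' in os.environ:
+conf.write("ORPort 9001\n")
+# Disable local socket
+conf.write("SocksPort 0\n")
+return rtn
+
+def gen_host(services):
+# Run tor to generate keys if they doesn't exist
+call(["sh", "-c", "timeout 3s tor > /dev/null"])
+for service in services:
+filename = "/var/lib/tor/hidden_service/{service}/hostname".format(
+service=service
+)
+with open(filename, 'r') as hostfile:
+print('{service}: {onion}'.format(
+service=service,
+onion=hostfile.read()
+))
+
+if __name__ == '__main__':
+services = set_conf()
+gen_host(services)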
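Review bot: The UDP filter in `set_conf` never fires, because `docker/docker.py` stores the protocol lower-cased (`m.group(2).lower()`) while this code compares against `'UDP'`; UDP-only ports are therefore still written as `HiddenServicePort` lines. Compare case-insensitively, `if links[link]['ports'][port]['protocol'].lower() == 'udp':`. The message `print("{link} has no port")` is missing `.format(link=link)` and prints the placeholder literally. Because `/etc/tor/torrc` is opened with `"a"`, a restart of the same container would append the `HiddenServiceDir`/`HiddenServicePort` block again, which tor may reject as a duplicate; generating that section idempotently avoids this. The return value of `call(...)` in `gen_host` is ignored, so a failed key-generation run presumably only shows up as an exception from `open(filename, 'r')`.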
0
docker/__init__.py
Normal file
0
docker/__init__.py
Normal file
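--- a/docker/docker.py
+++ b/docker/docker.py
@@ -0,0 +1,70 @@
+#! /usr/bin/env python3
+
+import os
+import json
+import re
+
+"""
+get_docker_links is a kiss module which return a dict of links
+in a docker container, or a formated json if you run it
+"""
+
+def _find_ports(link_name):
+rtn = {}
+p = re.compile('^{link}_PORT_(\d*)_(UDP|TCP)$'.format(link=link_name))
+for key in os.environ:
+m = p.match(key)
+if m:
+rtn[m.group(1)] = {
+"protocol": m.group(2).lower(),
+}
+return rtn
+
+def _find_env(link_name):
+rtn = {}
+p = re.compile('^{link}_ENV_(.*)$'.format(link=link_name))
+for key, value in os.environ.items():
+m = p.match(key)
+if m:
+rtn[m.group(1)] = value
+return rtn
+
+def get_links(*args):
+"""
+List all links and return dictionnay with link name, ip address,
+ports and protocols.
+"""
+rtn = {}
+nb_args = len(args)
+# Read hosts file
+with open('/etc/hosts') as hosts:
+for line in hosts:
+split = line.split()
+if len(split) != 3:
+continue
+# Check if entry is a link
+link_ip = split[0]
+link_name_env = split[1].upper()
+link_name = split[1]
+env_var = "{link_name}_NAME".format(link_name=link_name_env)
+if nb_args and link_name not in args:
+continue
+if env_var in os.environ:
+network = os.environ[env_var].split(':')
+rtn[link_name] = {
+"ip": link_ip,
+"ports": _find_ports(link_name_env),
+"environment": _find_env(link_name_env)
+}
+return rtn
+
+def to_json(*args):
+print(json.dumps(get_links(*args),
+sort_keys=True,
+indent=4,
+separators=(',', ': ')
+))
+
+
+if __name__ == '__main__':
+to_json()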
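Review bot: `_find_ports` and `_find_env` interpolate `link_name` into the pattern unescaped, so a host name from `/etc/hosts` that contains regex metacharacters (a `.`, for example) is read as pattern syntax and can match unintended variables. Escape it and use a raw string, `p = re.compile(r'^{link}_PORT_(\d+)_(UDP|TCP)$'.format(link=re.escape(link_name)))`, with the same `re.escape` in `_find_env`. The `\d+` matters too: `\d*` accepts an empty port number, which `tor_config.py` would then write into torrc unchanged. In `get_links`, `network` is assigned but never used. `to_json` prints every `<LINK>_ENV_*` value, and linked containers often carry credentials in their environment, so that output should stay out of shared logs.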