[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #31834 [Circumvention]: Make obfs4 Docker image more usable
#31834: Make obfs4 Docker image more usable
-------------------------------+-------------------------------
Reporter: phw | Owner: phw
Type: defect | Status: assigned
Priority: Medium | Milestone:
Component: Circumvention | Version:
Severity: Normal | Resolution:
Keywords: docker, s30-o24a2 | Actual Points:
Parent ID: #31281 | Points: 1
Reviewer: | Sponsor: Sponsor30-can
-------------------------------+-------------------------------
Comment (by thymbahutymba):
Replying to [ticket:31834 phw]:
During these days I figure out some solutions about some problems pointed
by Philipp.
\\
> * Make it easier to get the bridge's fingerprint and/or bridge line. At
the moment, users have to spawn a shell in the container, which is
tedious.
For make easier get not only the fingerprint but all the log available I
added to the {{{start-tor.sh}}} file one more log line {{{Log notice
stdout}}}. In this way with {{{docker logs CONTAINER}}}.
\\
> * Maybe provide a docker-compose file.
I had to make a choice between docker-compose and Makefile, I chose the
Makefile. The reason that convince me in this choice was the fact that
each container, that are not related each other, provides an instance of
tor (they don't be part of a whole service which is the purpose of docker-
compose). Using the Makefle give also others advantages like embed the
build command and the config target. Just to be more clear here the
Makefile that I wrote:
{{{
FLAGS=-d --restart unless-stopped --log-opt "max-size=30m"
EMAIL=
VOLUME=/var/lib/tor
.PHONY: build
build:
docker build -t obfs4-proxy
.PHONY: deploy
deploy: DockerObfs4Proxy-1 DockerObfs4Proxy-2
DockerObfs4Proxy-%: config-%
docker run \
-e "OR_PORT=${OR_PORT}" -e "PT_PORT=${PT_PORT}" -e
"EMAIL=${EMAIL}" \
-p "${OR_PORT}":"${OR_PORT}" -p "${PT_PORT}":"${PT_PORT}"
\
-v "$@-vol":"${VOLUME}" \
--name $@ \
${FLAGS} \
obfs4-proxy
config-1:
$(eval OR_PORT = 993)
$(eval PT_PORT = 443)
config-2:
$(eval OR_PORT = 143)
$(eval PT_PORT = 995)
}}}
In this case can be even replaced the {{{deploy-container.sh}}} file also
due to the fact that the user have to be able to chose the ports that he
prefers.
Is worth to notice that using this approach the user can deploy as many
containers as he wants just changing few things: what is required by the
deploy target and adding the respective {{{config-X}}} target.
\\
> * Mention concerns regarding permanence: Ideally, a container should run
as long as possible.
I also added a volume for the {{{/var/lib/tor}}} directory keeping the
seniority earned by the bridge. In that way if an update is required is
easy to build the new image and deploy it.
I would also like to say that just editing the section about the
{{{torrc}}} file in {{{start-tor.sh}}} there is the chance to deploy
container for guard, middle and exit nodes.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31834#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs