UniqueSoft
/
private-tor-network
mirror of https://github.com/antitree/private-tor-network
3
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
private-tor-network/scripts/docker-entrypoint

108 lines
3.8 KiB
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
set -o errexit
# Fudge the sleep to try and keep the consensus
#FUDGE=$(( ( RANDOM % 100) + 20 ))
FUDGE=3
echo -e "\n========================================================"
if [ ! -e /tor-config-done ]; then
touch /tor-config-done # only run this once
# Generate a random name
RPW=$(pwgen -0A 10)
export TOR_NICKNAME=${ROLE}${RPW}
echo "Setting random Nickname: ${TOR_NICKNAME}"
echo -e "\nNickname ${TOR_NICKNAME}" >> /etc/tor/torrc
# Host specific modifications to the torrc file
echo -e "DataDirectory ${TOR_DIR}/${TOR_NICKNAME}" >> /etc/tor/torrc
# Updated to handle docker stack/swarm network overlays
TOR_IP=$(ip addr show eth1 | grep "inet" | grep -v '\/32'| awk '{print $2}' | cut -f1 -d'/')
NICS=$(ip addr | grep 'state UP' | awk '{print $2}' | cut -f1 -d':')
echo "Address ${TOR_IP}" >> /etc/tor/torrc
echo -e "ControlPort 0.0.0.0:9051" >> /etc/tor/torrc
if [ -z "${TOR_CONTROL_PWD}" ]; then
TOR_CONTROL_PWD="16:6971539E06A0F94C6011414768D85A25949AE1E201BDFE10B27F3B3EBA"
fi
echo -e "HashedControlPassword ${TOR_CONTROL_PWD}" >> /etc/tor/torrc
# Changes to the torrc file based on the desired role
case ${ROLE} in
DA)
echo "Setting role to DA"
cat /etc/tor/torrc.da >> /etc/tor/torrc
echo -e "OrPort ${TOR_ORPORT}" >> /etc/tor/torrc
echo -e "Dirport ${TOR_DIRPORT}" >> /etc/tor/torrc
echo -e "ExitPolicy accept *:*" >> /etc/tor/torrc
KEYPATH=${TOR_DIR}/${TOR_NICKNAME}/keys
mkdir -p ${KEYPATH}
echo "password" | tor-gencert --create-identity-key -m 12 -a ${TOR_IP}:${TOR_DIRPORT} \
-i ${KEYPATH}/authority_identity_key \
-s ${KEYPATH}/authority_signing_key \
-c ${KEYPATH}/authority_certificate \
--passphrase-fd 0
tor --list-fingerprint --orport 1 \
--dirserver "x 127.0.0.1:1 ffffffffffffffffffffffffffffffffffffffff" \
--datadirectory ${TOR_DIR}/${TOR_NICKNAME}
echo "Saving DA fingerprint to shared path"
da_fingerprint >> ${TOR_DIR}/torrc.da
echo "Waiting for other DA's to come up..."
;;
RELAY)
echo "Setting role to RELAY"
echo -e "OrPort ${TOR_ORPORT}" >> /etc/tor/torrc
echo -e "Dirport ${TOR_DIRPORT}" >> /etc/tor/torrc
echo -e "ExitPolicy accept private:*" >> /etc/tor/torrc
echo "Waiting for other DA's to come up..."
;;
EXIT)
echo "Setting role to EXIT"
echo -e "OrPort ${TOR_ORPORT}" >> /etc/tor/torrc
echo -e "Dirport ${TOR_DIRPORT}" >> /etc/tor/torrc
echo -e "ExitPolicy accept *:*" >> /etc/tor/torrc
echo "Waiting for other DA's to come up..."
;;
CLIENT)
echo "Setting role to CLIENT"
echo -e "SOCKSPort 0.0.0.0:9050" >> /etc/tor/torrc
;;
HS)
# NOTE By default the HS role will point to a service running on port 80
# but there is no service running on port 80. You can either attach to
# the container and start one, or better yet, point to another docker
# container on the network by setting the TOR_HS_ADDR to its IP
echo "Setting role to HIDDENSERVICE"
echo -e "HiddenServiceDir ${TOR_DIR}/${TOR_NICKNAME}/hs" >> /etc/tor/torrc
if [ -z "${TOR_HS_PORT}" ]; then
TOR_HS_PORT=80
fi
if [ -z "${TOR_HS_ADDR}" ]; then
TOR_HS_ADDR=127.0.0.1
fi
echo -e "HiddenServicePort ${TOR_HS_PORT} ${TOR_HS_ADDR}:${TOR_HS_PORT}" >> /etc/tor/torrc
;;
*)
echo "Role variable missing"
exit 1
;;
esac
# Buffer to let the directory authority list be built
sleep $FUDGE
cat ${TOR_DIR}/torrc.da >> /etc/tor/torrc
fi
echo -e "\n========================================================"
# display Tor version & torrc in log
tor --version
cat /etc/tor/torrc
echo -e "========================================================\n"
# else default to run whatever the user wanted like "bash"
exec "$@"
Reference in New Issue View Git Blame Copy Permalink