mirror of
				https://github.com/antitree/private-tor-network
				synced 2025-06-26 18:16:51 +00:00 
			
		
		
		
	updated torrc, docker-compose, and entrypoint scripts to reflect new users added ca-certificates to requirements, removed asciidocs
		
			
				
	
	
		
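#!/bin/bash
#
# Container entrypoint for one node of a private Tor network.
# On first start it appends node- and role-specific settings to
# /etc/tor/torrc, then prints the resulting config and execs the command
# passed as arguments.
#
# Environment read by this script:
#   ROLE             DA, RELAY, EXIT or CLIENT (required)
#   TOR_DIR          base directory for the per-node data directory and the
#                    shared torrc.da file (required)
#   TOR_ORPORT       written as OrPort   (DA, RELAY, EXIT)
#   TOR_DIRPORT      written as Dirport  (DA, RELAY, EXIT)
#   TOR_CONTROL_PWD  HashedControlPassword value (optional, see warning below)
set -o errexit

# Fudge the sleep to try and keep the consensus
#FUDGE=$(( ( RANDOM % 100) + 20 ))
FUDGE=3

TORRC=/etc/tor/torrc

printf '\n========================================================\n'

if [ ! -e /tor-config-done ]; then
    # Validate the environment BEFORE touching the marker file or torrc, so a
    # misconfigured container fails on every start instead of leaving a
    # half-written torrc that later starts would silently reuse.
    case "${ROLE}" in
      DA|RELAY|EXIT|CLIENT)
        ;;
      *)
        echo "Role variable missing"
        exit 1
        ;;
    esac
    : "${TOR_DIR:?TOR_DIR must be set}"
    if [ "${ROLE}" != "CLIENT" ]; then
        : "${TOR_ORPORT:?TOR_ORPORT must be set for role ${ROLE}}"
        : "${TOR_DIRPORT:?TOR_DIRPORT must be set for role ${ROLE}}"
    fi

    # NOTE(review): the marker is created before the config is complete, so a
    # failure further down leaves a partial torrc that is not regenerated on
    # the next start. Kept as-is because the steps below append and are not
    # safe to repeat.
    touch /tor-config-done   # only run this once

    # Generate a random name
    RPW=$(pwgen -0A 10)
    export TOR_NICKNAME="${ROLE}${RPW}"
    echo "Setting random Nickname: ${TOR_NICKNAME}"
    # printf '%s' is used for every value taken from the environment: echo -e
    # would expand backslash escapes inside the value, letting a stray "\n"
    # add extra directives to torrc.
    printf '\nNickname %s\n' "${TOR_NICKNAME}" >> "${TORRC}"

    # Host specific modifications to the torrc file
    printf 'DataDirectory %s\n' "${TOR_DIR}/${TOR_NICKNAME}" >> "${TORRC}"
    TOR_IP=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/')
    if [ -z "${TOR_IP}" ]; then
        echo "WARNING: could not determine an interface address; Address will be empty" >&2
    fi
    printf 'Address %s\n' "${TOR_IP}" >> "${TORRC}"

    # SECURITY: the control port listens on every interface of the container.
    # Anything that can reach port 9051 and knows the control password has
    # full control of this node; restrict reachability at the network layer.
    printf 'ControlPort 0.0.0.0:9051\n' >> "${TORRC}"
    if [ -z "${TOR_CONTROL_PWD}" ]; then
        # SECURITY: this fallback hash is published with the script, so the
        # password behind it must be treated as publicly known.
        echo "WARNING: TOR_CONTROL_PWD not set; using the built-in default control password hash" >&2
        TOR_CONTROL_PWD="16:6971539E06A0F94C6011414768D85A25949AE1E201BDFE10B27F3B3EBA"
    fi
    printf 'HashedControlPassword %s\n' "${TOR_CONTROL_PWD}" >> "${TORRC}"

    # Changes to the torrc file based on the desired role
    case "${ROLE}" in
      DA)
        echo "Setting role to DA"
        cat /etc/tor/torrc.da >> "${TORRC}"
        printf 'OrPort %s\n' "${TOR_ORPORT}" >> "${TORRC}"
        printf 'Dirport %s\n' "${TOR_DIRPORT}" >> "${TORRC}"
        printf 'ExitPolicy accept *:*\n' >> "${TORRC}"
        KEYPATH="${TOR_DIR}/${TOR_NICKNAME}/keys"
        mkdir -p "${KEYPATH}"
        # SECURITY: the authority identity key is encrypted with the fixed
        # passphrase "password", which protects nothing. Acceptable only for
        # a disposable test network; never reuse these keys elsewhere.
        echo "password" | tor-gencert --create-identity-key -m 12 -a "${TOR_IP}:${TOR_DIRPORT}" \
            -i "${KEYPATH}/authority_identity_key" \
            -s "${KEYPATH}/authority_signing_key" \
            -c "${KEYPATH}/authority_certificate" \
            --passphrase-fd 0
        # Run tor once with a placeholder dirserver so it lists this node's
        # fingerprint using the node's data directory.
        tor --list-fingerprint --orport 1 \
            --dirserver "x 127.0.0.1:1 ffffffffffffffffffffffffffffffffffffffff" \
            --datadirectory "${TOR_DIR}/${TOR_NICKNAME}"
        echo "Saving DA fingerprint to shared path"
        # da_fingerprint is not defined in this script; presumably a helper
        # on PATH in the image. Its output is appended to the shared file
        # that every node later merges into its own torrc.
        da_fingerprint >> "${TOR_DIR}/torrc.da"
        echo "Waiting for other DA's to come up..."
        ;;
      RELAY)
        echo "Setting role to RELAY"
        printf 'OrPort %s\n' "${TOR_ORPORT}" >> "${TORRC}"
        printf 'Dirport %s\n' "${TOR_DIRPORT}" >> "${TORRC}"
        printf 'ExitPolicy accept private:*\n' >> "${TORRC}"

        echo "Waiting for other DA's to come up..."
        ;;
      EXIT)
        echo "Setting role to EXIT"
        printf 'OrPort %s\n' "${TOR_ORPORT}" >> "${TORRC}"
        printf 'Dirport %s\n' "${TOR_DIRPORT}" >> "${TORRC}"
        printf 'ExitPolicy accept *:*\n' >> "${TORRC}"
        echo "Waiting for other DA's to come up..."
        ;;
      CLIENT)
        echo "Setting role to CLIENT"
        # SECURITY: the SOCKS listener is bound to every interface, so any
        # host that can reach port 9050 can use this client as a proxy.
        printf 'SOCKSPort 0.0.0.0:9050\n' >> "${TORRC}"
        ;;
    esac

    # Buffer to let the directory authority list be built
    # NOTE(review): a fixed sleep does not guarantee that every DA has
    # written its entry; under errexit the cat below aborts the container if
    # the shared file does not exist yet.
    sleep "${FUDGE}"
    cat "${TOR_DIR}/torrc.da" >> "${TORRC}"

fi

printf '\n========================================================\n'
# display Tor version & torrc in log
tor --version
# NOTE(review): this prints the HashedControlPassword line into the container
# log; anyone with log access can attack the hash offline.
cat "${TORRC}"
printf '========================================================\n\n'

# else default to run whatever the user wanted like "bash"
exec "$@"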