Switch to Building obfs4proxy from Go Source Due to Its Removal from Alpine Repository

.gitignore

@@ -0,0 +1 @@
+bridges.conf

Dockerfile

@@ -1,3 +1,20 @@
+FROM golang:alpine AS go-build
+
+# Install Go for building obfs4proxy.
+RUN apk --no-cache --update add go git ca-certificates \
+    && mkdir -p /go/src /go/bin \
+    && chmod -R 644 /go 
+
+ENV GOPATH /go
+ENV PATH /go/bin:$PATH
+WORKDIR /go
+
+# Build /go/bin/obfs4proxy
+RUN go install -v gitlab.com/yawning/obfs4.git/obfs4proxy@latest
+
+# Copy the binaries to /usr/local/bin
+RUN cp /go/bin/* /usr/local/bin/
+
 FROM alpine:3.18
 
 LABEL maintainer="Peter Dave Hello <hsu@peterdavehello.org>"
@@ -6,13 +23,15 @@ LABEL version="latest"
 
 RUN echo '@edge https://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories && \
     echo '@edge https://dl-cdn.alpinelinux.org/alpine/edge/testing'   >> /etc/apk/repositories && \
-    apk -U upgrade && \
-    apk -v add tor@edge obfs4proxy@edge curl && \
+    apk -v --no-cache --update add tor@edge curl && \
     chmod 700 /var/lib/tor && \
-    rm -rf /var/cache/apk/* && \
+    mkdir -p /etc/tor/torrc.d && \
     tor --version
 COPY --chown=tor:root torrc /etc/tor/
 
+# Copy obfs4proxy & meek-server
+COPY --from=go-build /usr/local/bin/ /usr/local/bin/
+
 HEALTHCHECK --timeout=10s --start-period=60s \
     CMD curl --fail --socks5-hostname localhost:9150 -I -L 'https://www.facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion/' || exit 1
 

README.md

@@ -90,6 +90,37 @@ Use the prefix `ghcr.io/` if you prefer to use GitHub Container Registry.
     docker stop tor-socks-proxy
     ```
 
+## Configuration with Custom Bridges
+
+### Description
+
+To enhance privacy and bypass censorship, users can configure the `tor-socks-proxy` Docker container to use custom Tor bridges. The steps involve copying a template configuration file, obtaining bridge lines from the Tor Bridge Relay Database, and saving them to a configuration file. 
+
+**Procedure:**
+
+1. **Copy Configuration Template:**
+   - Copy `bridges.conf.template` to `bridges.conf`.
+
+2. **Obtain Bridge Lines:**
+   - Visit the Tor Bridge Relay Database at [https://bridges.torproject.org/bridges?transport=obfs4](https://bridges.torproject.org/bridges?transport=obfs4).
+   - Select bridge lines that use the `obfs4` transport.
+
+3. **Update Configuration File:**
+   - Save the obtained bridge lines to `bridges.conf`. 
+   - Format each line as shown below:
+
+     ```conf
+     Bridge obfs4 [IP Address]:[Port] [Fingerprint] cert=[Certificate] iat-mode=0
+     ```
+
+### Basic Example of Running with Custom Bridges
+
+Run the Docker container with the updated bridges configuration:
+
+```sh
+docker run -d --restart=always --name tor-socks-proxy -p 0.0.0.0:9100:9150 -v $(pwd)/bridges.conf:/etc/tor/torrc.d/bridges.conf peterdavehello/tor-socks-proxy
+```
+
 ## IP renewal
 
 - Tor changes circuit automatically every 10 minutes by default, which usually bring you the new IP address, it's affected by `MaxCircuitDirtiness` config, you can override it with your own `torrc`, or edit the config file and restart the container. See the official [manual](https://www.torproject.org/docs/tor-manual.html.en) for more details.

bridges.conf.template

@@ -0,0 +1,7 @@
+UseBridges 1
+ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy
+#Obtain bridge lines from Tor Bridge Relay Database (https://bridges.torproject.org/bridges?transport=obfs4)
+# See example below
+#Bridge obfs4 xx.xxx.xxx.xxx:0000 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx cert=xxxxxxxxxxxxxxxxxxx iat-mode=0
+#Bridge obfs4 xx.xxx.xxx.xxx:0000 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx cert=xxxxxxxxxxxxxxxxxxx iat-mode=0
+

torrc

@@ -3,3 +3,5 @@ Log notice stdout
 DNSPort 0.0.0.0:8853
 SocksPort 0.0.0.0:9150
 DataDirectory /var/lib/tor
+
+%include /etc/tor/torrc.d/*.conf