Merge pull request #4 from bugfest/improvements

Quick and default builds
bugfest · Apr 12, 2023 · 1089c0f · 1089c0f
2 parents 75565d0 + cea275f
commit 1089c0f
Show file tree

Hide file tree

Showing 5 changed files with 129 additions and 84 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,28 @@
-ARG ALPINE_VERSION="3.17"
+ARG ALPINE_VERSION="3.17.3"
+
+# Tor builder
+FROM --platform=$TARGETPLATFORM docker.io/library/alpine:$ALPINE_VERSION as tor-builder
+
+ARG TOR_VERSION="0.4.7.13"
+RUN apk add --update --no-cache \
+    git build-base automake autoconf make \
+    build-base openssl-dev libevent-dev zlib-dev \
+    xz-dev zstd-dev
+
+# Install Tor from source
+RUN git clone https://gitlab.torproject.org/tpo/core/tor.git --depth 1 --branch tor-$TOR_VERSION /tor
+WORKDIR /tor
+RUN ./autogen.sh
+RUN ./configure \
+    --disable-asciidoc \
+    --disable-manpage \
+    --disable-html-manual
+    # --enable-static-tor
+RUN make
+RUN make install
 
 # Build the obfs4 binary (cross-compiling)
-FROM --platform=$BUILDPLATFORM golang:1.17-alpine as obfs-builder
+FROM --platform=$BUILDPLATFORM golang:1.20-alpine as obfs-builder
 ARG OBFS_VERSION="obfs4proxy-0.0.14-tor2"
 
 RUN apk add --update --no-cache git
@@ -23,13 +44,27 @@ LABEL \
 
 WORKDIR /app
 
-RUN apk add --update --no-cache \
-      tor && \
-    chmod -R g+w .
+RUN apk add --update --no-cache libevent && \
+    chmod -R g+w /app /run
+
+# install tor
+RUN mkdir -p /usr/local/bin /usr/local/etc/tor /usr/local/share/tor
+COPY --from=tor-builder /usr/local/bin/tor /usr/local/bin/tor
+COPY --from=tor-builder /tor/src/tools/tor-resolve /usr/local/bin/.
+COPY --from=tor-builder /tor/src/tools/tor-print-ed-signing-cert /usr/local/bin/.
+COPY --from=tor-builder /tor/src/tools/tor-gencert /usr/local/bin/.
+COPY --from=tor-builder /tor/contrib/client-tools/torify /usr/local/bin/.
+COPY --from=tor-builder /tor/src/config/torrc.sample /usr/local/etc/tor/.
+COPY --from=tor-builder /tor/src/config/geoip /usr/local/share/tor/.
+COPY --from=tor-builder /tor/src/config/geoip6 /usr/local/share/tor/.
 
 # install transports
 COPY --from=obfs-builder /out/obfs4proxy /usr/local/bin/.
 
+# create service dir
+RUN mkdir -p /run/tor/service && \
+    chmod -R g+w /run
+
 USER 1001
 
-ENTRYPOINT ["tor"]
+ENTRYPOINT ["/usr/local/bin/tor"]
diff --git a/Dockerfile.build b/Dockerfile.build
diff --git a/Dockerfile.quick b/Dockerfile.quick
@@ -0,0 +1,36 @@
+ARG ALPINE_VERSION="3.17.3"
+
+# Build the obfs4 binary (cross-compiling)
+FROM --platform=$BUILDPLATFORM golang:1.20-alpine as obfs-builder
+ARG OBFS_VERSION="obfs4proxy-0.0.14-tor2"
+
+RUN apk add --update --no-cache git
+RUN git clone https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs4.git --depth 1 --branch $OBFS_VERSION /obfs
+
+# Build obfs
+RUN mkdir /out
+WORKDIR /obfs
+ARG TARGETOS TARGETARCH
+RUN --mount=type=cache,target=/root/.cache/go-build \
+    --mount=type=cache,target=/go/pkg \
+    CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -o /out/obfs4proxy ./obfs4proxy
+
+# Tor runner
+FROM --platform=$TARGETPLATFORM docker.io/library/alpine:$ALPINE_VERSION as runner
+ARG TOR_VERSION="0.4.7.13"
+
+LABEL \
+      org.opencontainers.image.source "https://github.com/bugfest/tor-docker"
+
+WORKDIR /app
+
+RUN apk add --update --no-cache \
+      tor=~${TOR_VERSION} && \
+    chmod -R g+w /app /run
+
+# install transports
+COPY --from=obfs-builder /out/obfs4proxy /usr/local/bin/.
+
+USER 1001
+
+ENTRYPOINT ["tor"]
diff --git a/Makefile b/Makefile
@@ -1,22 +1,26 @@
 .PHONY: all
 all: build
 
-.PHONY: build
+.PHONY: quick
 build:
 	docker buildx build \
 		--platform=linux/amd64,linux/arm,linux/arm64 \
+		--build-arg ALPINE_VERSION=3.17.3 \
 		--build-arg TOR_VERSION=0.4.7.13 \
 		--tag quay.io/bugfest/tor:0.4.7.13 \
 		--tag quay.io/bugfest/tor:latest \
 		--squash \
+		-f Dockerfile.quick \
 		.
 
-.PHONY: build-alt
+.PHONY: build
 build-alt:
 	docker buildx build \
 		--platform=linux/amd64,linux/arm,linux/arm64 \
+		--build-arg ALPINE_VERSION=3.17.3 \
 		--build-arg TOR_VERSION=0.4.7.13 \
 		--tag quay.io/bugfest/tor:0.4.7.13 \
 		--tag quay.io/bugfest/tor:latest \
 		--squash \
-		-f Dockerfile.build .
+		-f Dockerfile \
+		.
diff --git a/README.md b/README.md
@@ -1,17 +1,56 @@
-# tor-docker
+<h1 align="center"><b>tor-docker</b></h1>
 
-Tor multiarch dockerfile
+
+[![Build multiarch image - latest](https://github.com/bugfest/tor-docker/actions/workflows/main.yml/badge.svg)](https://github.com/bugfest/tor-docker/actions/workflows/main.yml)
+[![Build multiarch image - tag](https://github.com/bugfest/tor-docker/actions/workflows/main-tag.yml/badge.svg)](https://github.com/bugfest/tor-docker/actions/workflows/main-tag.yml)
+
+`Tor` daemon (https://www.torproject.org/download/tor/) multiarch container.
+
+Additional transport plugins included in the image:
+- `obfs4proxy`
 
 Tested architectures:
 
-- amd64
-- arm
-- arm64
+- `amd64`
+- `arm`
+- `arm64`
+
+Source code:
+- https://gitlab.torproject.org/tpo/core/tor
+- https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs4
+
+Used by:
+- [bugfest/tor-controller](https://github.com/bugfest/tor-controller)
 
-Used by [bugfest/tor-controller](https://github.com/bugfest/tor-controller)
+# Tor
+
+Tor is an anonymity network that provides:
+
+- privacy
+- enhanced tamperproofing
+- freedom from network surveillance
+- NAT traversal
 
 ## How to
 
+## Standard build
+
+Builds Tor from source. Method used to create releases in this repo.
+
 ```bash
 make
 ```
+
+## Quick build
+
+Installs pre-built Tor from Alpine's repositories. Useful for testing/troubleshooting.
+
+```bash
+make quick
+```
+
+# Usage
+
+```shell
+docker pull quay.io/bugfest/tor
+```