dockerfiles/tor/README.md

tor
===

![](https://badge.imagelayers.io/vimagick/tor:latest.svg)

[`Tor`][1] is free software and an open network that helps you defend against
traffic analysis, a form of network surveillance that threatens personal
freedom and privacy, confidential business activities and relationships, and
state security.

- Tor prevents people from learning your location or browsing habits.
- Tor is for web browsers, instant messaging clients, and more.
- Tor is free and open source for Windows, Mac, Linux/Unix, and Android

ServerTransportPlugin:

- [x] fte
- [x] meek
- [x] obfs3
- [x] obfs4

## docker-compose.yml

```
tor:
  image: vimagick/tor
  ports:
#   - "7002:7002"
    - "9001:9001"
# volumes:
#   - ./torrc:/etc/tor/torrc
#   - ./cert.pem:/var/lib/tor/cert.pem
#   - ./key.pem:/var/lib/tor/key.pem
  restart: always
```

> Default `torrc` is for `obfs4`.
> Uncomment lines to use `meek`.

## torrc (server)

```
BridgeRelay 1
ContactInfo noreply@easypi.info
DataDirectory /var/lib/tor
Exitpolicy reject *:*
Nickname easypi
ORPort 9001
PublishServerDescriptor 0
SocksPort 0
#ServerTransportPlugin fte exec /usr/bin/fteproxy --mode server --managed
#ServerTransportPlugin meek exec /usr/bin/meek-server --port 7002 --cert cert.pem --key key.pem
#ServerTransportPlugin obfs3 exec /usr/bin/obfsproxy managed
ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
```

## torrc (client)

```
#Socks5Proxy 127.0.0.1:1080
UseBridges 1
#Bridge fte 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083
#Bridge meek 1.2.3.4:9001 url=https://meek.easypi.info:7002/
#Bridge obfs3 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083
Bridge obfs4 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083
#ClientTransportPlugin fte exec /usr/bin/fteproxy
#ClientTransportPlugin meek exec /usr/bin/meek-client
#ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy
```

> Please connect via `HTTPProxy`/`HTTPSProxy`/`Socks5Proxy` if you're blocked!

## server

```
$ openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/C=JP/ST=Tokyo/L=Heiwajima/O=DataGeek/OU=Org/CN=meek.easypi.info"
$ docker-compose up -d
$ docker-compose logs
$ docker-compose exec tor tor --quiet --list-fingerprint
easypi F24B F4DE 7464 9E20 5A8A 3621 C84F 97FF 623B 2083
```

## client

```
$ tor -f /etc/tor/torrc
$ curl -x socks5h://127.0.0.1:9050 ifconfig.ovh
```

## references

- https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en
- https://blog.torproject.org/blog/how-use-%E2%80%9Cmeek%E2%80%9D-pluggable-transport
- https://fteproxy.org/help-server-with-tor
- https://github.com/Yawning/obfs4

[1]: https://www.torproject.org/
update 2015-06-18 10:43:03 +00:00			`tor`
			`===`

update tor 2015-09-28 05:30:31 +00:00			`![](https://badge.imagelayers.io/vimagick/tor:latest.svg)`

update 2015-06-18 10:43:03 +00:00			[`Tor`][1] is free software and an open network that helps you defend against
			`traffic analysis, a form of network surveillance that threatens personal`
			`freedom and privacy, confidential business activities and relationships, and`
			`state security.`

			`- Tor prevents people from learning your location or browsing habits.`
			`- Tor is for web browsers, instant messaging clients, and more.`
			`- Tor is free and open source for Windows, Mac, Linux/Unix, and Android`

update tor 2015-09-28 07:33:24 +00:00			`ServerTransportPlugin:`

			`- [x] fte`
add meek to tor 2015-10-27 02:51:45 +00:00			`- [x] meek`
update tor 2015-09-28 07:33:24 +00:00			`- [x] obfs3`
			`- [x] obfs4`

update 2015-06-18 10:43:03 +00:00			`## docker-compose.yml`

			```
			`tor:`
			`image: vimagick/tor`
			`ports:`
update 2015-10-27 03:36:06 +00:00			`# - "7002:7002"`
update 2015-06-18 10:43:03 +00:00			`- "9001:9001"`
fix 2015-09-28 07:41:16 +00:00			`# volumes:`
			`# - ./torrc:/etc/tor/torrc`
update 2015-10-27 03:36:06 +00:00			`# - ./cert.pem:/var/lib/tor/cert.pem`
			`# - ./key.pem:/var/lib/tor/key.pem`
update 2015-06-18 10:43:03 +00:00			`restart: always`
			```

update 2015-10-27 03:36:06 +00:00			> Default `torrc` is for `obfs4`.
			> Uncomment lines to use `meek`.
fix 2015-09-28 07:41:16 +00:00
update 2015-06-18 12:30:05 +00:00			`## torrc (server)`
update 2015-06-18 10:43:03 +00:00
			```
			`BridgeRelay 1`
switch to new domain: easypi.info 2016-05-01 01:06:20 +00:00			`ContactInfo noreply@easypi.info`
update 2015-09-28 08:16:22 +00:00			`DataDirectory /var/lib/tor`
update torrc 2015-10-27 03:25:12 +00:00			`Exitpolicy reject :`
update tor 2016-06-05 14:04:32 +00:00			`Nickname easypi`
update torrc 2015-10-27 03:25:12 +00:00			`ORPort 9001`
			`PublishServerDescriptor 0`
			`SocksPort 0`
update tor 2015-09-28 07:33:24 +00:00			`#ServerTransportPlugin fte exec /usr/bin/fteproxy --mode server --managed`
update 2015-10-27 02:57:37 +00:00			`#ServerTransportPlugin meek exec /usr/bin/meek-server --port 7002 --cert cert.pem --key key.pem`
update tor 2015-09-28 07:33:24 +00:00			`#ServerTransportPlugin obfs3 exec /usr/bin/obfsproxy managed`
			`ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy`
update 2015-06-18 12:30:05 +00:00			```

			`## torrc (client)`

			```
			`#Socks5Proxy 127.0.0.1:1080`
			`UseBridges 1`
add meek to tor 2015-10-27 02:51:45 +00:00			`#Bridge fte 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083`
switch to new domain: easypi.info 2016-05-01 01:06:20 +00:00			`#Bridge meek 1.2.3.4:9001 url=https://meek.easypi.info:7002/`
update tor 2015-09-28 07:33:24 +00:00			`#Bridge obfs3 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083`
			`Bridge obfs4 1.2.3.4:9001 F24BF4DE74649E205A8A3621C84F97FF623B2083`
fix the torrc client ClientTransportPlugin path the binaries are installed under the `usr/bin` path [[1]](https://github.com/vimagick/dockerfiles/blob/master/tor/Dockerfile#L22) 2019-06-06 12:03:48 +00:00			`#ClientTransportPlugin fte exec /usr/bin/fteproxy`
			`#ClientTransportPlugin meek exec /usr/bin/meek-client`
			`#ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy`
			`ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy`
update 2015-06-18 10:43:03 +00:00			```

update 2015-10-27 07:40:56 +00:00			> Please connect via `HTTPProxy`/`HTTPSProxy`/`Socks5Proxy` if you're blocked!
update 2015-06-18 12:30:05 +00:00
			`## server`
update 2015-06-18 10:43:03 +00:00
			```
switch to new domain: easypi.info 2016-05-01 01:06:20 +00:00			`$ openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/C=JP/ST=Tokyo/L=Heiwajima/O=DataGeek/OU=Org/CN=meek.easypi.info"`
update 2015-06-18 10:43:03 +00:00			`$ docker-compose up -d`
update 2015-06-18 12:30:05 +00:00			`$ docker-compose logs`
update tor 2016-06-05 14:04:32 +00:00			`$ docker-compose exec tor tor --quiet --list-fingerprint`
			`easypi F24B F4DE 7464 9E20 5A8A 3621 C84F 97FF 623B 2083`
update 2015-06-18 10:43:03 +00:00			```

update 2015-06-18 12:30:05 +00:00			`## client`

			```
			`$ tor -f /etc/tor/torrc`
update tor 2015-09-28 07:33:24 +00:00			`$ curl -x socks5h://127.0.0.1:9050 ifconfig.ovh`
update 2015-06-18 12:30:05 +00:00			```
update 2015-06-18 11:49:42 +00:00
update 2015-06-18 12:30:05 +00:00			`## references`
update 2015-06-18 11:49:42 +00:00
update 2015-06-18 12:30:05 +00:00			`- https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en`
update 2015-10-27 03:36:06 +00:00			`- https://blog.torproject.org/blog/how-use-%E2%80%9Cmeek%E2%80%9D-pluggable-transport`
update tor 2015-09-28 07:33:24 +00:00			`- https://fteproxy.org/help-server-with-tor`
			`- https://github.com/Yawning/obfs4`
update 2015-06-18 12:41:36 +00:00
			`[1]: https://www.torproject.org/`