Add Tor

2025-07-17 08:13:31 +00:00 · 2025-02-13 12:00:43 +01:00
parent 06f6b5e9bf
commit 620d6d9e92
6 changed files with 61 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -8,15 +8,16 @@ Clone https://github.com/RoboSats/robosats on a searate folder

 ````
 cd robosats
-docker run -d --name pages --restart always -p 4000:4000 pages
+docker run -d --name pages --restart always -p 4000:4000 pages  # Docs
 cd web
-docker composer up -d
-cd ../nodeapp
-docker composer up -d
+docker composer up -d # Tor Frontend
+cd ../nodeapp 
+docker composer up -d  # Clearnet Frontend
 ````

 From this folder

 ````
+# Make sure to manually setup certbot before
 docker composer up -d
 ````
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -12,6 +12,12 @@ services:
      - /etc/letsencrypt/:/etc/nginx/ssl/:ro
    network_mode: host
    command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
+  tor:
+    build: ./tor
+    restart: always
+    volumes:
+      - ./tor/data:/var/lib/tor
+      - ./tor/torrc:/etc/tor/torrc
  certbot:
    image: certbot/certbot:latest
    restart: always
--- a/tor/Dockerfile
+++ b/tor/Dockerfile
@ -0,0 +1,20 @@
+FROM alpine:3
+
+RUN apk --no-cache --no-progress add tor=~0.4
+
+EXPOSE 9001 9050
+
+# hadolint ignore=DL3002
+USER root
+ARG LOCAL_USER_ID=9999
+ENV TOR_DATA=/var/lib/tor
+
+# Add useradd and usermod
+# Create user account (UID will be changed in entrypoint script)
+RUN apk --no-cache --no-progress add shadow=~4 sudo=~1 && \
+  useradd -u $LOCAL_USER_ID --shell /bin/sh -m alice && \
+  usermod -g alice tor
+
+COPY entrypoint.sh /root/entrypoint.sh
+
+ENTRYPOINT [ "/root/entrypoint.sh" ]
--- a/tor/data/.gitkeep
+++ b/tor/data/.gitkeep
--- a/tor/entrypoint.sh
+++ b/tor/entrypoint.sh
@ -0,0 +1,13 @@
+#!/bin/sh
+set -e
+
+# Change local user id and group
+usermod -u 1000 alice
+groupmod -g 1000 alice
+
+# Set correct owners on volumes
+chown -R tor:alice /var/lib/tor
+chown -R :alice /etc/tor
+chown -R alice:alice /home/alice
+
+exec sudo -u tor /usr/bin/tor
--- a/tor/torrc
+++ b/tor/torrc
@ -0,0 +1,17 @@
+Log notice file /var/log/tor/notices.log
+
+## The directory for keeping all the keys/etc. By default, we store
+## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
+DataDirectory /var/lib/tor
+DataDirectoryGroupReadable 1
+
+## Enable ControlPort
+ControlPort 9051
+CookieAuthentication 1
+CookieAuthFileGroupReadable 1
+CookieAuthFile /var/lib/tor/control_auth_cookie
+
+# Robosats LND Testnet Onion Service
+HiddenServiceDir /var/lib/tor/robosats/
+HiddenServiceVersion 3
+HiddenServicePort 80 127.0.0.1:8080