multiple updates

7 years ago · a956ac3a5d
parent ff0fc3f356
commit a956ac3a5d
4 changed files with 13 additions and 21 deletions
--- a/6
+++ b/6
@ -28,10 +28,10 @@ ENV GROUPS video,audio
 ENV HOME /home/$USER
 RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -G $GROUPS $USER

-ENV TORVER 6.5a6-hardened
+ENV TORVER 7.0.5
 ENV TORKEY "EF6E286DDA85EA2A4BA7DE684E2C6E8793298290"
-ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_ALL.tar.xz /tmp/tor.tar.xz
-ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_ALL.tar.xz.asc /tmp/tor.tar.xz.asc
+ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_en-US.tar.xz /tmp/tor.tar.xz
+ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_en-US.tar.xz.asc /tmp/tor.tar.xz.asc

 RUN cd /tmp && \
    gpg --keyserver ha.pool.sks-keyservers.net --recv-keys $TORKEY && \
--- a/README.md
+++ b/README.md
@ -2,8 +2,6 @@

 ## Launching Tor

-### with Docker Compose
-
 ```
 docker-compose run --rm tor
 ```
@ -14,19 +12,9 @@ You can use the following shortcut function and place it to your `~/.bash_aliase
 alias docker="sudo -E docker"
 alias docker-compose="sudo -E docker-compose"

-function docker_helper() { { pushd ~/docker/$1; docker-compose rm -fa "$1"; docker-compose run -d --name "$1" "$@"; popd; } }
+function docker_helper() { { pushd ~/git/$1; docker-compose rm -fa "$1"; docker-compose run -d --name "$1" "$@"; popd; } }
 function tor() { { docker_helper $FUNCNAME $@; } }
-```

-### with Docker
-
-```
-docker run --rm -ti \
-           --read-only=true \
-           -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
-           -v $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse:ro \
-           -v $HOME/Downloads:/home/user/tor-browser_en-US/Browser/Downloads \
-           -e DISPLAY=unix$DISPLAY \
-           -e PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native \
-           andrey01/tor
+# OR
+alias tor='docker-compose -f ~/git/tor/docker-compose.yml up -d'
 ```
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -2,8 +2,7 @@ version: '2'

 services:
  tor:
-    # docker build -t andrey01/tor .
-    image: andrey01/tor
+    image: andrey01/tor:7.0.5
    network_mode: bridge
    volumes:
      - /tmp/.X11-unix:/tmp/.X11-unix:ro
@ -12,3 +11,8 @@ services:
    environment:
      - DISPLAY=unix$DISPLAY
      - PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native
+    cap_add:
+      - IPC_LOCK # lock memory to prevent sensitive values from being swapped to disk.
+    # Turns off anonymous page swapping
+    mem_swappiness: 0
+    shm_size: 4G
--- a/2
+++ b/2
@ -16,4 +16,4 @@ if [ -r /proc/sys/kernel/grsecurity/tpe_gid ]; then
        $HOME/tor-browser/Browser/TorBrowser/Tor/tor
 fi

-su -s /bin/sh -p $USER -c "cd ./tor-browser/Browser && ./start-tor-browser"
+su -s /bin/sh -p $USER -c "cd ./tor-browser_en-US/Browser && ./start-tor-browser"