From a956ac3a5de552fbd4943f49bad7fcc013fd2cd5 Mon Sep 17 00:00:00 2001
From: Andrey Arapov
Date: Mon, 4 Sep 2017 21:03:06 +0200
Subject: [PATCH] multiple updates
---
 Dockerfile | 6 +++---
 README.md | 18 +++---------------
 docker-compose.yml | 8 ++++++--
 launch | 2 +-
 4 files changed, 13 insertions(+), 21 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index bc34820..57b9b01 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,10 +28,10 @@ ENV GROUPS video,audio
 ENV HOME /home/$USER
 RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -G $GROUPS $USER
-ENV TORVER 6.5a6-hardened
+ENV TORVER 7.0.5
 ENV TORKEY "EF6E286DDA85EA2A4BA7DE684E2C6E8793298290"
-ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_ALL.tar.xz /tmp/tor.tar.xz
-ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_ALL.tar.xz.asc /tmp/tor.tar.xz.asc
+ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_en-US.tar.xz /tmp/tor.tar.xz
+ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_en-US.tar.xz.asc /tmp/tor.tar.xz.asc
 RUN cd /tmp && \
 gpg --keyserver ha.pool.sks-keyservers.net --recv-keys $TORKEY && \
diff --git a/README.md b/README.md
index 7c073cf..d351d83 100644
--- a/README.md
+++ b/README.md
@@ -2,8 +2,6 @@
 ## Launching Tor
-### with Docker Compose
-
 ```
 docker-compose run --rm tor
 ```
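Review bot: In the Dockerfile hunk, the two `ADD https://www.torproject.org/...` lines each commit the downloaded archive and its `.asc` into their own image layers, so nothing a later `RUN` removes from `/tmp` actually leaves the image, and the download is only as trustworthy as the gpg step that follows. The `RUN cd /tmp && gpg --keyserver ...` command continues past the end of the hunk, so it is not visible here whether the signature is verified against `$TORKEY` and whether a bad signature fails the build; that is worth re-checking now that the artifact name changed from `_ALL` to `_en-US`. Fetching, verifying, extracting and deleting the tarball inside that single `RUN` would keep the unverified archive out of every layer. At minimum I would add a comment above the `ADD` lines such as `# tarball and .asc are checked against $TORKEY in the RUN below; the build must fail on a bad signature`.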
@@ -14,19 +12,9 @@ You can use the following shortcut function and place it to your `~/.bash_aliase
 alias docker="sudo -E docker"
 alias docker-compose="sudo -E docker-compose"
-function docker_helper() { { pushd ~/docker/$1; docker-compose rm -fa "$1"; docker-compose run -d --name "$1" "$@"; popd; } }
+function docker_helper() { { pushd ~/git/$1; docker-compose rm -fa "$1"; docker-compose run -d --name "$1" "$@"; popd; } }
 function tor() { { docker_helper $FUNCNAME $@; } }
-```
-### with Docker
-
-```
-docker run --rm -ti \
- --read-only=true \
- -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
- -v $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse:ro \
- -v $HOME/Downloads:/home/user/tor-browser_en-US/Browser/Downloads \
- -e DISPLAY=unix$DISPLAY \
- -e PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native \
- andrey01/tor
+# OR
+alias tor='docker-compose -f ~/git/tor/docker-compose.yml up -d'
 ```
diff --git a/docker-compose.yml b/docker-compose.yml
index 1323c37..09b2370 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -2,8 +2,7 @@ version: '2'
 services:
 tor:
- # docker build -t andrey01/tor .
- image: andrey01/tor
+ image: andrey01/tor:7.0.5
 network_mode: bridge
 volumes:
 - /tmp/.X11-unix:/tmp/.X11-unix:ro
@@ -12,3 +11,8 @@ services:
 environment:
 - DISPLAY=unix$DISPLAY
 - PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native
+ cap_add:
+ - IPC_LOCK # lock memory to prevent sensitive values from being swapped to disk.
+ # Turns off anonymous page swapping
+ mem_swappiness: 0
+ shm_size: 4G
diff --git a/launch b/launch
index 0251d53..2e0aced 100644
--- a/launch
+++ b/launch
@@ -16,4 +16,4 @@ if [ -r /proc/sys/kernel/grsecurity/tpe_gid ]; then
 $HOME/tor-browser/Browser/TorBrowser/Tor/tor
 fi
-su -s /bin/sh -p $USER -c "cd ./tor-browser/Browser && ./start-tor-browser"
+su -s /bin/sh -p $USER -c "cd ./tor-browser_en-US/Browser && ./start-tor-browser"
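Review bot: In the second docker-compose.yml hunk, `cap_add: IPC_LOCK` is granted to the container, but the `launch` script in this same patch starts the browser through `su ... $USER`, and a process that switches to a non-root UID normally loses its capabilities, so the browser itself probably cannot use it to lock memory. For an unprivileged process the governing limit is `RLIMIT_MEMLOCK`, which compose sets through a `ulimits:` `memlock` entry; if that is the intent, use it and drop the capability, since each added capability only widens what a root process in the container can do. If the capability stays, the comment should say which process needs it, for example `- IPC_LOCK # needed by <process>, which runs as root before su drops to $USER`. Separately, `shm_size: 4G` is memory-backed and is added without any memory limit on the service, so it is worth a comment explaining why 4G is required.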
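Review bot: In the `launch` hunk, the unchanged context line inside the grsecurity TPE `if` block still names `$HOME/tor-browser/Browser/TorBrowser/Tor/tor`, while the `su` line now enters `./tor-browser_en-US/Browser`. If the install directory really changed name, that block is acting on a path that no longer exists and whatever it sets up for the tor binary would silently not take effect; the line probably needs the same rename, e.g. `$HOME/tor-browser_en-US/Browser/TorBrowser/Tor/tor`. The `if` block begins above the hunk, so the command that path belongs to is not visible here and this should be confirmed against the Dockerfile's extraction step. As a style point, `su -s /bin/sh -p "$USER" -c "cd $HOME/tor-browser_en-US/Browser && ./start-tor-browser"` would quote the user name and stop depending on the working directory.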