first commit

Dockerfile

@@ -0,0 +1,49 @@
+FROM ubuntu:xenial
+MAINTAINER Andrey Arapov <andrey.arapov@nixaid.com>
+
+# To avoid problems with Dialog and curses wizards
+ENV DEBIAN_FRONTEND noninteractive
+
+# Keep the image updated and install the dependencies
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get -y dist-upgrade && \
+    apt-get -fy install && \
+    apt-get -y install xz-utils libfreetype6 libfontconfig1 libxrender1 \
+                       libdbus-glib-1-2 libgtk2.0-0 libxt6 \
+                       libgl1-mesa-glx pulseaudio && \
+    rm -rf /var/lib/apt/lists
+
+# bzip2 libgtk-3-0 libasound2 libpango1.0-0 libv4l-0 libgl1-mesa-glx x264
+
+# Workaround: pulseaudio client library likes to remove /dev/shm/pulse-shm-*
+#             files created by the host, causing sound to stop working.
+#             To fix this, we either want to disable the shm or mount /dev/shm
+#             in read-only mode when starting the container.
+RUN echo "enable-shm = no" >> /etc/pulse/client.conf
+
+
+ENV USER user
+ENV UID 1000
+ENV GROUPS video,audio
+ENV HOME /home/$USER
+RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin -G $GROUPS $USER
+
+ENV TORVER 5.5.5
+ENV TORKEY "EF6E286DDA85EA2A4BA7DE684E2C6E8793298290"
+ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_en-US.tar.xz /tmp/tor.tar.xz
+ADD https://www.torproject.org/dist/torbrowser/${TORVER}/tor-browser-linux64-${TORVER}_en-US.tar.xz.asc /tmp/tor.tar.xz.asc
+
+RUN cd /tmp && \
+    gpg --keyserver ha.pool.sks-keyservers.net --recv-keys $TORKEY && \
+    gpg --verify tor.tar.xz.asc && \
+    tar xf tor.tar.xz -C $HOME && \
+    rm -f tor.tar.xz && \
+    chown -Rh $USER:$USER $HOME
+
+USER $USER
+WORKDIR $HOME
+
+VOLUME [ "/tmp", "$HOME/tor-browser_en-US" ]
+
+ENTRYPOINT [ "./tor-browser_en-US/Browser/start-tor-browser" ]

README.md

@@ -0,0 +1,22 @@
+# Tor Bundle in Docker
+
+## Launching Tor
+
+### with Docker Compose
+
+```
+docker-compose run --rm tor
+```
+
+### with Docker
+
+```
+docker run --rm -ti \
+           --read-only=true \
+           -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
+           -v $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse:ro \
+           -v $HOME/Downloads:/home/user/tor-browser_en-US/Browser/Downloads \
+           -e DISPLAY=unix$DISPLAY \
+           -e PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native \
+           andrey01/tor
+```

docker-compose.yml

@@ -0,0 +1,15 @@
+version: '2'
+
+services:
+  tor:
+    # docker build -t andrey01/tor .
+    image: andrey01/tor
+    read_only: true
+    network_mode: bridge
+    volumes:
+      - /tmp/.X11-unix:/tmp/.X11-unix:ro
+      - $XDG_RUNTIME_DIR/pulse:/run/user/1000/pulse:ro
+      - $HOME/Downloads:/home/user/tor-browser_en-US/Browser/Downloads
+    environment:
+      - DISPLAY=unix$DISPLAY
+      - PULSE_SERVER=unix:$XDG_RUNTIME_DIR/pulse/native