Tor 0.4.8.10

btcpayserver · Dec 13, 2023 · a15deda · a15deda
1 parent 6340c05
commit a15deda
Show file tree

Hide file tree

Showing 4 changed files with 341 additions and 0 deletions.
diff --git a/Tor/0.4.8.10/docker-entrypoint.sh b/Tor/0.4.8.10/docker-entrypoint.sh
@@ -0,0 +1,34 @@
+#!/bin/sh
+set -e
+
+mkdir -p "$(dirname $TOR_CONFIG)"
+
+mkdir -p "$TOR_DATA"
+chown -R tor "$TOR_DATA"
+chmod 700 "$TOR_DATA"
+
+mkdir -p "/var/lib/tor/hidden_services"
+chown -R tor /var/lib/tor/hidden_services
+chmod 700 /var/lib/tor/hidden_services
+
+cat <<-EOF > "$TOR_CONFIG"
+ControlPort 0.0.0.0:9051
+SOCKSPort 0.0.0.0:9050
+${TOR_EXTRA_ARGS}
+EOF
+
+if ! [ -z "${TOR_ADDITIONAL_CONFIG}" ]; then
+    echo "%include $TOR_ADDITIONAL_CONFIG" >> "$TOR_CONFIG"
+    echo "" >> "$TOR_ADDITIONAL_CONFIG"
+    echo "Added '%include $TOR_ADDITIONAL_CONFIG' to tor config"
+fi
+
+chown -R tor "$(dirname $TOR_CONFIG)"
+
+if ! [ -z "${TOR_PASSWORD}" ]; then
+    TOR_PASSWORD_HASH="$(gosu tor tor --hash-password "$TOR_PASSWORD")"
+    echo "HashedControlPassword $TOR_PASSWORD_HASH" >> "$TOR_CONFIG"
+    echo "'HashedControlPassword $TOR_PASSWORD_HASH' added to tor config"
+fi
+
+exec gosu tor "$@"
diff --git a/Tor/0.4.8.10/linuxamd64.Dockerfile b/Tor/0.4.8.10/linuxamd64.Dockerfile
@@ -0,0 +1,91 @@
+# Thanks to https://hub.docker.com/r/chriswayg/tor-alpine/dockerfile (Christian [email protected])
+# Dockerfile for Tor Relay Server with obfs4proxy (Multi-Stage build)
+
+FROM debian:bookworm-slim AS tor-build
+ENV TOR_VERSION=0.4.8.10
+ENV TOR_HASH=e628b4fab70edb4727715b23cf2931375a9f7685ac08f2c59ea498a178463a86
+
+RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates perl autoconf automake build-essential git libtool python3 wget gnupg dirmngr git pkg-config
+
+ENV QEMU_LD_PREFIX=/usr/libs
+
+RUN wget -q https://github.com/madler/zlib/releases/download/v1.3/zlib-1.3.tar.gz \
+&& TAR_NAME=zlib-1.3.tar.gz \
+&& FOLDER_NAME=zlib-1.3 \
+&& echo "ff0ba4c292013dbc27530b3a81e1f9a813cd39de01ca5e0f8bf355702efa593e $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./configure \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+RUN wget -q https://github.com/openssl/openssl/releases/download/openssl-3.0.12/openssl-3.0.12.tar.gz \
+&& mkdir /usr/openssl \
+&& TAR_NAME=openssl-3.0.12.tar.gz \
+&& FOLDER_NAME=openssl-3.0.12 \
+&& echo "f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61 $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./Configure no-dso no-zlib no-asm \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+RUN wget -q https://github.com/libevent/libevent/releases/download/release-2.1.12-stable/libevent-2.1.12-stable.tar.gz \
+&& TAR_NAME=libevent-2.1.12-stable.tar.gz \
+&& FOLDER_NAME=libevent-2.1.12-stable \
+&& echo "92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./autogen.sh \
+&& ./configure --disable-shared --with-pic --disable-samples --disable-libevent-regress \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+# Install Tor from source, incl. GeoIP files (get latest release version number from Tor ReleaseNotes)
+RUN TOR_TARBALL_NAME="tor-${TOR_VERSION}.tar.gz" \
+      && TOR_TARBALL_LINK="https://dist.torproject.org/${TOR_TARBALL_NAME}" \
+      && wget -q $TOR_TARBALL_LINK \
+      && echo "${TOR_HASH}  ${TOR_TARBALL_NAME}" | sha256sum -c - \
+      && tar xf $TOR_TARBALL_NAME \
+      && cd tor-$TOR_VERSION \
+      && ./configure \
+      --disable-zstd --disable-lzma \
+      --disable-systemd --disable-seccomp --disable-unittests --disable-tool-name-check \
+      && make install \
+      && ls -R /usr/local/ \
+      && strip /usr/local/bin/tor-* && strip /usr/local/bin/tor
+      # Main files created (plus docs):
+        # /usr/local/bin/tor
+        # /usr/local/bin/tor-gencert
+        # /usr/local/bin/tor-resolve
+        # /usr/local/bin/torify
+        # /usr/local/share/tor/geoip
+        # /usr/local/share/tor/geoip6
+        # /usr/local/etc/tor/torrc.sample
+
+WORKDIR /tmp/bin
+RUN wget -qO gosu "https://github.com/tianon/gosu/releases/download/1.13/gosu-amd64" \
+	&& echo "6f333f520d31e212634c0777213a5d4f8f26bba1ab4b0edbbdf3c8bff8896ecf  gosu" | sha256sum -c -
+
+FROM debian:bookworm-slim
+
+ENV TOR_VERSION=0.4.8.10
+
+# Copy Tor
+COPY --from=tor-build "/tmp/bin" /usr/local/bin
+COPY --from=tor-build /usr/local/ /usr/local/
+
+ENV TOR_DATA /home/tor/.tor
+
+RUN chmod +x /usr/local/bin/gosu && groupadd -r tor && useradd -r -m -g tor tor && mkdir -p ${TOR_DATA} && chown -R tor:tor "$TOR_DATA" \
+  && cp -r /usr/local/lib64/* /usr/local/lib/ && ldconfig
+
+VOLUME /home/tor/.tor
+COPY docker-entrypoint.sh /entrypoint.sh
+
+# SOCKS5, TOR control
+EXPOSE 9050 9051
+ENV TOR_CONFIG=/usr/local/etc/tor/torrc
+
+ENTRYPOINT ["./entrypoint.sh"]
+CMD ["tor"]
diff --git a/Tor/0.4.8.10/linuxarm32v7.Dockerfile b/Tor/0.4.8.10/linuxarm32v7.Dockerfile
@@ -0,0 +1,110 @@
+FROM debian:bookworm-slim as download
+
+RUN set -ex \
+	&& apt-get update \
+	&& apt-get install -qq --no-install-recommends ca-certificates dirmngr wget \
+     qemu-user-static binfmt-support
+
+WORKDIR /tmp/bin
+RUN wget -qO gosu "https://github.com/tianon/gosu/releases/download/1.13/gosu-armhf" \
+	  && echo "33e421b84b3f746e7353ac2e7c9f199c5beef5a3b2b7a013b591a9af25d84919 gosu" | sha256sum -c -
+
+FROM debian:bookworm-slim as tor-build
+
+ENV TOR_VERSION=0.4.8.10
+ENV TOR_HASH=e628b4fab70edb4727715b23cf2931375a9f7685ac08f2c59ea498a178463a86
+
+RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates perl autoconf automake build-essential git libtool python3 wget gnupg dirmngr git pkg-config \
+  libc6-armhf-cross gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf
+
+ENV target_host=arm-linux-gnueabihf
+
+ENV AR=${target_host}-ar \
+AS=${target_host}-as \
+CC=${target_host}-gcc \
+CXX=${target_host}-g++ \
+LD=${target_host}-ld \
+STRIP=${target_host}-strip \
+QEMU_LD_PREFIX=/usr/${target_host} \
+HOST=${target_host}
+
+# See dependency versions on https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main/projects
+
+RUN wget -q https://github.com/madler/zlib/releases/download/v1.3/zlib-1.3.tar.gz \
+&& TAR_NAME=zlib-1.3.tar.gz \
+&& FOLDER_NAME=zlib-1.3 \
+&& echo "ff0ba4c292013dbc27530b3a81e1f9a813cd39de01ca5e0f8bf355702efa593e $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./configure --prefix=$QEMU_LD_PREFIX \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+RUN wget -q https://github.com/openssl/openssl/releases/download/openssl-3.0.12/openssl-3.0.12.tar.gz \
+&& TAR_NAME=openssl-3.0.12.tar.gz \
+&& FOLDER_NAME=openssl-3.0.12 \
+&& echo "f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61 $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./Configure --prefix=$QEMU_LD_PREFIX linux-armv4 -march=armv7+fp no-dso no-zlib no-asm \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+RUN wget -q https://github.com/libevent/libevent/releases/download/release-2.1.12-stable/libevent-2.1.12-stable.tar.gz \
+&& TAR_NAME=libevent-2.1.12-stable.tar.gz \
+&& FOLDER_NAME=libevent-2.1.12-stable \
+&& echo "92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./autogen.sh \
+&& ./configure --prefix=$QEMU_LD_PREFIX --host=${target_host} --with-pic --disable-samples --disable-libevent-regress \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+# https://trac.torproject.org/projects/tor/ticket/27802
+RUN wget -q https://dist.torproject.org/tor-${TOR_VERSION}.tar.gz \
+&& TAR_NAME=tor-${TOR_VERSION}.tar.gz \
+&& FOLDER_NAME=tor-${TOR_VERSION} \
+&& echo "${TOR_HASH} $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./configure --prefix=$QEMU_LD_PREFIX --host=${target_host} --disable-gcc-hardening --disable-asciidoc \
+    --disable-zstd --disable-lzma \
+    --with-libevent-dir="$QEMU_LD_PREFIX" \
+    --with-openssl-dir="$QEMU_LD_PREFIX" \
+    --with-zlib-dir="$QEMU_LD_PREFIX" \
+    --disable-systemd --disable-seccomp --disable-unittests --disable-tool-name-check \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME \
+&& ${STRIP} /usr/arm-linux-gnueabihf/bin/tor-* && ${STRIP} /usr/arm-linux-gnueabihf/bin/tor
+
+FROM arm32v7/debian:bookworm-slim
+ENV target_host=arm-linux-gnueabihf
+ENV QEMU_LD_PREFIX=/usr/${target_host}
+
+COPY --from=download /usr/bin/qemu-arm-static /usr/bin/qemu-arm-static
+COPY --from=download "/tmp/bin" /usr/local/bin
+COPY --from=tor-build ${QEMU_LD_PREFIX}/bin/tor* /usr/bin/
+COPY --from=tor-build ${QEMU_LD_PREFIX} /usr/local/
+COPY --from=tor-build ${QEMU_LD_PREFIX}/share/tor/ ${QEMU_LD_PREFIX}/share/tor/
+
+ENV TOR_DATA /home/tor/.tor
+RUN chmod +x /usr/local/bin/gosu && groupadd -r tor && useradd -r -m -g tor tor && \
+    mkdir -p ${TOR_DATA} && chown -R tor:tor "$TOR_DATA" && \
+    rm -rf /lib/arm-linux-gnueabihf/libz* && ldconfig
+
+VOLUME /home/tor/.tor
+
+COPY docker-entrypoint.sh /entrypoint.sh
+
+# SOCKS5, TOR control
+EXPOSE 9050 9051
+ENV TOR_CONFIG=/usr/local/etc/tor/torrc
+
+RUN  rm -rf /usr/arm-linux-gnueabihf/etc/tor \
+   && mkdir -p /usr/arm-linux-gnueabihf/etc \
+   && mkdir -p /usr/local/etc/tor \
+   && ln -sfn /usr/local/etc/tor /usr/arm-linux-gnueabihf/etc/tor
+
+ENTRYPOINT ["./entrypoint.sh"]
+CMD ["tor"]
diff --git a/Tor/0.4.8.10/linuxarm64v8.Dockerfile b/Tor/0.4.8.10/linuxarm64v8.Dockerfile
@@ -0,0 +1,106 @@
+FROM debian:bookworm-slim as download
+
+RUN set -ex \
+	&& apt-get update \
+	&& apt-get install -qq --no-install-recommends ca-certificates dirmngr wget \
+     qemu-user-static binfmt-support
+
+WORKDIR /tmp/bin
+RUN wget -qO gosu "https://github.com/tianon/gosu/releases/download/1.13/gosu-arm64" \
+	  && echo "578b2c70936cae372f6826585f82e76de5858342dd179605a8cb58d58828a079 gosu" | sha256sum -c -
+
+FROM debian:bookworm-slim as tor-build
+
+ENV TOR_VERSION=0.4.8.10
+ENV TOR_HASH=e628b4fab70edb4727715b23cf2931375a9f7685ac08f2c59ea498a178463a86
+
+RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates perl autoconf automake build-essential git libtool python3 wget gnupg dirmngr git pkg-config \
+  libc6-arm64-cross gcc-aarch64-linux-gnu g++-aarch64-linux-gnu
+
+ENV target_host=aarch64-linux-gnu
+
+ENV AR=${target_host}-ar \
+AS=${target_host}-as \
+CC=${target_host}-gcc \
+CXX=${target_host}-g++ \
+LD=${target_host}-ld \
+STRIP=${target_host}-strip \
+QEMU_LD_PREFIX=/usr/${target_host} \
+HOST=${target_host}
+
+# See dependency versions on https://gitlab.torproject.org/tpo/applications/tor-browser-build/-/blob/main/projects
+RUN wget -q https://github.com/madler/zlib/releases/download/v1.3/zlib-1.3.tar.gz \
+&& TAR_NAME=zlib-1.3.tar.gz \
+&& FOLDER_NAME=zlib-1.3 \
+&& echo "ff0ba4c292013dbc27530b3a81e1f9a813cd39de01ca5e0f8bf355702efa593e $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./configure --prefix=$QEMU_LD_PREFIX \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+RUN wget -q https://github.com/openssl/openssl/releases/download/openssl-3.0.12/openssl-3.0.12.tar.gz \
+&& TAR_NAME=openssl-3.0.12.tar.gz \
+&& FOLDER_NAME=openssl-3.0.12 \
+&& echo "f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61 $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./Configure --prefix=$QEMU_LD_PREFIX linux-aarch64 no-shared no-dso no-zlib no-asm \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+RUN wget -q https://github.com/libevent/libevent/releases/download/release-2.1.12-stable/libevent-2.1.12-stable.tar.gz \
+&& TAR_NAME=libevent-2.1.12-stable.tar.gz \
+&& FOLDER_NAME=libevent-2.1.12-stable \
+&& echo "92e6de1be9ec176428fd2367677e61ceffc2ee1cb119035037a27d346b0403bb $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& ./autogen.sh \
+&& ./configure --prefix=$QEMU_LD_PREFIX --host=${target_host} --disable-shared --enable-static --with-pic --disable-samples --disable-libevent-regress \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME
+
+# https://trac.torproject.org/projects/tor/ticket/27802
+RUN wget -q https://dist.torproject.org/tor-${TOR_VERSION}.tar.gz \
+&& TAR_NAME=tor-${TOR_VERSION}.tar.gz \
+&& FOLDER_NAME=tor-${TOR_VERSION} \
+&& echo "${TOR_HASH} $TAR_NAME" | sha256sum -c - \
+&& tar xvf $TAR_NAME \
+&& cd $FOLDER_NAME \
+&& LIBS="-lssl -lcrypto -lpthread -ldl" ./configure --prefix=$QEMU_LD_PREFIX --host=${target_host} --disable-gcc-hardening --disable-asciidoc \
+    --enable-static-tor \
+    --enable-static-libevent --with-libevent-dir=$QEMU_LD_PREFIX \
+    --enable-static-openssl --with-openssl-dir=$QEMU_LD_PREFIX \
+    --enable-static-zlib --with-zlib-dir=$QEMU_LD_PREFIX \
+    --disable-zstd --disable-lzma \
+    --disable-systemd --disable-seccomp --disable-unittests --disable-tool-name-check \
+&& make \
+&& make install && cd .. && rm $TAR_NAME && rm -rf $FOLDER_NAME \
+&& ${STRIP} /usr/aarch64-linux-gnu/bin/tor-* && ${STRIP} /usr/aarch64-linux-gnu/bin/tor
+
+FROM arm64v8/debian:bookworm-slim
+ENV target_host=aarch64-linux-gnu
+ENV QEMU_LD_PREFIX=/usr/${target_host}
+COPY --from=download /usr/bin/qemu-aarch64-static /usr/bin/qemu-aarch64-static
+COPY --from=download "/tmp/bin" /usr/local/bin
+COPY --from=tor-build /usr/aarch64-linux-gnu/bin/tor* /usr/bin/
+COPY --from=tor-build ${QEMU_LD_PREFIX}/share/tor/ ${QEMU_LD_PREFIX}/share/tor/
+
+ENV TOR_DATA /home/tor/.tor
+RUN chmod +x /usr/local/bin/gosu && groupadd -r tor && useradd -r -m -g tor tor && mkdir -p ${TOR_DATA} && chown -R tor:tor "$TOR_DATA"
+
+VOLUME /home/tor/.tor
+
+COPY docker-entrypoint.sh /entrypoint.sh
+
+# SOCKS5, TOR control
+EXPOSE 9050 9051
+ENV TOR_CONFIG=/usr/local/etc/tor/torrc
+
+RUN rm -rf /usr/aarch64-linux-gnu/etc/tor \
+   && mkdir -p /usr/aarch64-linux-gnu/etc \
+   && mkdir -p /usr/local/etc/tor \
+   && ln -sfn /usr/local/etc/tor /usr/aarch64-linux-gnu/etc/tor
+
+ENTRYPOINT ["./entrypoint.sh"]
+CMD ["tor"]