/docker-tor-simple

Simplest minimal container for Tor anonymity software based on Alpine

Primary LanguageDockerfileMIT LicenseMIT

docker-tor-simple

build images latest version License: MIT

Smallest minimal docker container for Tor network proxy daemon.

Suitable for relay, exit node or hidden service modes with SOCKSv5 proxy enabled. It works well as a single self-contained container or in cooperation with other containers (like nginx) for organizing complex hidden services on the Tor network.

The image is based on great Alpine Linux distribution so it is has extremely low size (about 8 MB).

Service uses latest available version of Tor package from Edge repo.

Port

  • 9050 SOCKSv5 (without auth)

Volumes

  • /var/lib/tor data dir.

Getting started

Installation

Automated builds of the image are available on Docker Hub and is the recommended method of installation.

docker pull osminogin/tor-simple

Alternatively you can build the image yourself.

export PROJECT_NAME=tor-node   # docker image name
make build DOCKER_IMAGE=$PROJECT_NAME

Quickstart

export PROJECT_NAME=tor-local   # changing default name
make build DOCKER_IMAGE=$PROJECT_NAME
make run

# or with docker-compose ...
docker-compose up

# or altenativly run docker directly ...
docker run --publish 127.0.0.1:9050:9050 -i $PROJECT_NAME

After start Tor proxy available on localhost:9050

Warning! Don't bind SOCKSv5 port 9050 to public network addresses if you don't know exactly what you are doing (is much better bind to localhost as in the example above).

Advanced usage

You can copy original tor config from container, modify and mount them back inside. Changing the configuration file is required for running Tor as exit node, relay or bridge. For some operation modes you need to expose additional ports (9001, 9030, 9051).

# Copy config  from running container
docker cp tor:/etc/tor/torrc $HOME/torrc
# ... modify torrc and run again

# Start more complex example with updated config
docker run --rm --name tor \
  --publish 127.0.0.1:9050:9050 \
  --expose 9001 --publish 9001:9001 \ # ORPort
  --expose 9030 --publish 9030:9030 \
  --expose 9051 --publish 9051:9051 \
  --volume $HOME/torrc:/etc/tor/torrc:ro \
  osminogin/tor-simple

Unit file for systemd

tor.service

[Unit]
Description=Tor service
Wants=network-online.target
Requires=docker.service
After=docker.service network.target network-online.target

[Service]
TimeoutStartSec=0
Restart=always
RestartSec=10s
ExecStartPre=/usr/bin/docker pull osminogin/tor-simple
ExecStart=/usr/bin/docker run --rm --name tor -p 127.0.0.1:9050:9050 osminogin/tor-simple
ExecStop=/usr/bin/docker stop tor

[Install]
WantedBy=multi-user.target

Examples

Example webserver deployment config with microservice architecture to setup Tor hidden service.

docker-compose.yml

version: '3.7'
services:

  tor-node:
    image: osminogin/tor-simple
    restart: always
    depends_on:
      - nginx

  nginx:
    image: nginx
    restart: always

License

See LICENSE