✨ feat: add gen-auth tool and refactor compose templates

Major refactor of Docker Compose configurations and tooling enhancements. - ✨ Add `gen-auth` script for generating Tor Control Port credentials - 🐳 Refactor Docker Compose templates: - Add native healthcheck configurations to all relay/bridge files - Standardize security capabilities (drop ALL, add SETUID/SETGID) - Remove verbose comments to streamline template usage - Update volume definitions for better data persistence - 🔧 Update base dependencies: - Alpine Linux -> 3.23.0 - Golang -> 1.25.5-alpine - 🧹 Standardize ENV variable names across all configurations
2026-04-06 00:32:04 +02:00 · 2025-12-05 04:37:19 +08:00
parent 1907745fff
commit a28ce0a4e6
30 changed files with 698 additions and 900 deletions
--- a/Dockerfile.edge
+++ b/Dockerfile.edge
@@ -1,7 +1,4 @@
 # syntax=docker/dockerfile:1.20
-# ============================================================================
-# Builder Stage: Compile Lyrebird with latest Go to fix CVEs
-# ============================================================================
 FROM golang:1.25.5-alpine AS builder

 RUN apk add --no-cache git
@@ -12,13 +9,6 @@ RUN git clone https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transp
 && go mod tidy \
 && CGO_ENABLED=0 go build -ldflags="-s -w" -o /usr/bin/lyrebird ./cmd/lyrebird

-# ============================================================================
-# Tor Guard Relay - EDGE variant (Alpine edge - bleeding edge)
-# Base: Alpine edge | Multi-arch: amd64, arm64
-# ⚠️ WARNING: Uses Alpine edge - faster updates, less stable
-# ⚠️ NOT RECOMMENDED for production relays - use for testing only
-# ============================================================================
-
 FROM alpine:edge

 ARG BUILD_DATE
@@ -41,7 +31,6 @@ LABEL maintainer="rE-Bo0t.bx1 <r3bo0tbx1@brokenbotnet.com>" \

 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]

-# NOTE: 'lyrebird' removed from apk add list (we copy it from builder instead)
 RUN set -eux \
 && deluser klogd || true \
 && addgroup -g 101 -S tor \
@@ -67,6 +56,7 @@ COPY tools/status /usr/local/bin/status
 COPY tools/health /usr/local/bin/health
 COPY tools/fingerprint /usr/local/bin/fingerprint
 COPY tools/bridge-line /usr/local/bin/bridge-line
+COPY tools/auth-gen /usr/local/bin/auth-gen

 RUN set -eux \
 && chmod +x /usr/local/bin/docker-entrypoint.sh \
@@ -75,6 +65,7 @@ RUN set -eux \
              /usr/local/bin/health \
              /usr/local/bin/fingerprint \
              /usr/local/bin/bridge-line \
+              /usr/local/bin/auth-gen \              
 && echo "🧩 Registered diagnostic tools:" \
 && ls -lh /usr/local/bin/status /usr/local/bin/health /usr/local/bin/fingerprint /usr/local/bin/bridge-line