mirror of
https://github.com/r3bo0tbx1/tor-guard-relay.git
synced 2026-04-06 00:32:04 +02:00
be4f2bc125
🔧 New tool: gen-family - generate/view Happy Family keys - Supports --force flag to overwrite existing keys without backup prompt 🐳 Dockerfiles: gen-family in both Dockerfile and Dockerfile.edge 🔧 Entrypoint: - Phase 2: detect *.secret_family_key, log found keys (informational only) - Guard/exit config gen: append FamilyId + MyFamily from ENV vars - Bridge intentionally excluded 📊 Status tool: show family key count + Happy Family config state 📚 Docs: - README: Happy Family section (generate / import), persistence table, flowchart - ARCHITECTURE: all mermaid diagrams updated (Phase 2, config gen, tools, dirs) - TOOLS: full gen-family reference with examples and exit codes - DEPLOYMENT, MIGRATION, MIGRATION-V1.1.X, TROUBLESHOOTING: 5 -> 6 tools - FAQ, example configs: version bump + FamilyId/MyFamily placeholders - Directory authority voting: how 9 dirauths vote on relay flags (5/9 consensus) - CIISS v2 ContactInfo: field reference, generator link, proof:uri-rsa verification - All TOR_CONTACT_INFO examples updated to CIISS v2 format across templates and docs 📋 Templates: - Guard/exit/multi-relay compose: TOR_FAMILY_ID + TOR_MY_FAMILY env vars - All cosmos-compose + docker-compose versions -> 1.1.7 👷 CI: validate.yml gen-family in 8 spots (threshold 6), security tests, quick-test 🛡️ SECURITY.md: 1.1.7 active, 1.1.6 maintenance, gen-family in tools list 🔖 Version bump 1.1.6 -> 1.1.7 across 30+ files, tool count 5 -> 6, CHANGELOG entry No breaking changes. TOR_FAMILY_ID and TOR_MY_FAMILY are optional.
69 lines
1.8 KiB
JSON
69 lines
1.8 KiB
JSON
{
|
|
"minVersion": "0.16.0",
|
|
"services": {
|
|
"tor-exit-relay": {
|
|
"image": "r3bo0tbx1/onion-relay:latest",
|
|
"container_name": "tor-exit-relay",
|
|
"restart": "unless-stopped",
|
|
"network_mode": "host",
|
|
"environment": [
|
|
"TOR_RELAY_MODE=exit",
|
|
"TOR_NICKNAME=MyExitRelay",
|
|
"TOR_CONTACT_INFO=email:admin[]example.com ciissversion:2",
|
|
"TOR_ORPORT=9001",
|
|
"TOR_DIRPORT=0",
|
|
"TOR_BANDWIDTH_RATE=50 MBytes",
|
|
"TOR_BANDWIDTH_BURST=100 MBytes",
|
|
"TOR_EXIT_POLICY=accept *:80,accept *:443,reject *:*"
|
|
],
|
|
"volumes": [
|
|
{
|
|
"type": "volume",
|
|
"source": "tor-exit-data",
|
|
"target": "/var/lib/tor"
|
|
},
|
|
{
|
|
"type": "volume",
|
|
"source": "tor-exit-logs",
|
|
"target": "/var/log/tor"
|
|
}
|
|
],
|
|
"security_opt": [
|
|
"no-new-privileges:true"
|
|
],
|
|
"cap_drop": [
|
|
"ALL"
|
|
],
|
|
"cap_add": [
|
|
"NET_BIND_SERVICE",
|
|
"CHOWN",
|
|
"SETUID",
|
|
"SETGID",
|
|
"DAC_OVERRIDE"
|
|
],
|
|
"healthcheck": {
|
|
"test": [
|
|
"CMD-SHELL",
|
|
"/usr/local/bin/healthcheck.sh"
|
|
],
|
|
"interval": "10m",
|
|
"timeout": "15s",
|
|
"start_period": "30s",
|
|
"retries": 3
|
|
},
|
|
"labels": {
|
|
"cosmos-stack": "TorExitRelay",
|
|
"cosmos-stack-main": "tor-exit-relay",
|
|
"cosmos-description": "⚠️ Tor Exit Relay | ENV-based config",
|
|
"cosmos-icon": "https://raw.githubusercontent.com/r3bo0tbx1/tor-guard-relay/refs/heads/main/src/exit.png",
|
|
"cosmos-auto-update": "true",
|
|
"cosmos-force-network-secured": "false",
|
|
"cosmos-version": "1.1.7"
|
|
}
|
|
}
|
|
},
|
|
"volumes": {
|
|
"tor-exit-data": {},
|
|
"tor-exit-logs": {}
|
|
}
|
|
} |