mirror of
https://github.com/r3bo0tbx1/tor-guard-relay.git
synced 2026-04-06 00:32:04 +02:00
be4f2bc125
🔧 New tool: gen-family - generate/view Happy Family keys - Supports --force flag to overwrite existing keys without backup prompt 🐳 Dockerfiles: gen-family in both Dockerfile and Dockerfile.edge 🔧 Entrypoint: - Phase 2: detect *.secret_family_key, log found keys (informational only) - Guard/exit config gen: append FamilyId + MyFamily from ENV vars - Bridge intentionally excluded 📊 Status tool: show family key count + Happy Family config state 📚 Docs: - README: Happy Family section (generate / import), persistence table, flowchart - ARCHITECTURE: all mermaid diagrams updated (Phase 2, config gen, tools, dirs) - TOOLS: full gen-family reference with examples and exit codes - DEPLOYMENT, MIGRATION, MIGRATION-V1.1.X, TROUBLESHOOTING: 5 -> 6 tools - FAQ, example configs: version bump + FamilyId/MyFamily placeholders - Directory authority voting: how 9 dirauths vote on relay flags (5/9 consensus) - CIISS v2 ContactInfo: field reference, generator link, proof:uri-rsa verification - All TOR_CONTACT_INFO examples updated to CIISS v2 format across templates and docs 📋 Templates: - Guard/exit/multi-relay compose: TOR_FAMILY_ID + TOR_MY_FAMILY env vars - All cosmos-compose + docker-compose versions -> 1.1.7 👷 CI: validate.yml gen-family in 8 spots (threshold 6), security tests, quick-test 🛡️ SECURITY.md: 1.1.7 active, 1.1.6 maintenance, gen-family in tools list 🔖 Version bump 1.1.6 -> 1.1.7 across 30+ files, tool count 5 -> 6, CHANGELOG entry No breaking changes. TOR_FAMILY_ID and TOR_MY_FAMILY are optional.
51 lines
2.4 KiB
YAML
51 lines
2.4 KiB
YAML
version: '3.8'
|
|
|
|
services:
|
|
tor-exit-relay:
|
|
image: r3bo0tbx1/onion-relay:latest
|
|
container_name: tor-exit-relay
|
|
restart: unless-stopped
|
|
network_mode: host
|
|
environment:
|
|
TOR_RELAY_MODE: exit
|
|
TOR_NICKNAME: MyExitRelay
|
|
TOR_CONTACT_INFO: "email:your-email[]example.com url:https://example.com proof:uri-rsa ciissversion:2"
|
|
TOR_ORPORT: 9001
|
|
TOR_DIRPORT: 0
|
|
TOR_BANDWIDTH_RATE: "50 MBytes"
|
|
TOR_BANDWIDTH_BURST: "100 MBytes"
|
|
# Happy Family (Tor 0.4.9+) - generate with: docker exec tor-exit-relay gen-family MyRelays
|
|
# TOR_FAMILY_ID: "YOUR_FAMILY_ID_HERE"
|
|
# MyFamily (legacy, comma-separated fingerprints - keep during transition)
|
|
# TOR_MY_FAMILY: "FINGERPRINT1,FINGERPRINT2"
|
|
TOR_EXIT_POLICY: "accept *:20-23,accept *:43,accept *:53,accept *:79-81,accept *:88,accept *:110,accept *:143,accept *:194,accept *:220,accept *:389,accept *:443,accept *:464,accept *:465,accept *:531,accept *:543-544,accept *:554,accept *:563,accept *:636,accept *:706,accept *:749,accept *:873,accept *:902-904,accept *:981,accept *:989-995,accept *:1194,accept *:1220,accept *:1293,accept *:1500,accept *:1533,accept *:1677,accept *:1723,accept *:1755,accept *:1863,accept *:2082,accept *:2083,accept *:2086-2087,accept *:2095-2096,accept *:2102-2104,accept *:3128,accept *:3389,accept *:3690,accept *:4321,accept *:4643,accept *:5050,accept *:5190,accept *:5222-5223,accept *:5228,accept *:5900,accept *:6660-6669,accept *:6679,accept *:6697,accept *:8000,accept *:8008,accept *:8074,accept *:8080,accept *:8082,accept *:8087-8088,accept *:8232-8233,accept *:8332-8333,accept *:8443,accept *:8888,accept *:9418,accept *:9999,accept *:10000,accept *:11371,accept *:19294,accept *:19638,accept *:50002,accept *:64738,reject *:*"
|
|
volumes:
|
|
- tor-exit-data:/var/lib/tor
|
|
- tor-exit-logs:/var/log/tor
|
|
security_opt:
|
|
- no-new-privileges:true
|
|
cap_add:
|
|
- NET_BIND_SERVICE
|
|
- CHOWN
|
|
- SETUID
|
|
- SETGID
|
|
- DAC_OVERRIDE
|
|
cap_drop:
|
|
- ALL
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "/usr/local/bin/healthcheck.sh"]
|
|
interval: 10m
|
|
timeout: 15s
|
|
start_period: 30s
|
|
retries: 3
|
|
labels:
|
|
com.centurylinklabs.watchtower.enable: "true"
|
|
description: "Tor Exit Relay"
|
|
version: "1.1.7"
|
|
maintainer: "rE-Bo0t.bx1 <r3bo0tbx1@brokenbotnet.com>"
|
|
|
|
volumes:
|
|
tor-exit-data:
|
|
driver: local
|
|
tor-exit-logs:
|
|
driver: local |