M docker-compose.yaml => docker-compose.yaml +0 -1
@@ 6,7 6,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_SERVER_NAME=4get.ca
ports:
M docker/gen_config.php => docker/gen_config.php +2 -2
@@ 66,10 66,10 @@ foreach(($merged_config) as $key => $val){
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
// then split on comma if string (and not numeric, boolean, null, etc)
//
- // except in the case where the inital value in default config is null. Assuming null
+ // except in the case where the inital value in default config is null or boolean. Assuming null and boolean
// in default config will be never be assigned an array
- if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key])) {
+ if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key]) && gettype($from_config[$key]) != "boolean") {
$stored_value = explode(",", $val);
}
$output = $output . "\tconst " . $key . " = " . type_to_string($stored_value) . ";\n";
A docker/tor/Dockerfile => docker/tor/Dockerfile +18 -0
@@ 0,0 1,18 @@
+FROM alpine:edge
+
+RUN apk add --no-cache curl tor
+
+EXPOSE 9050
+
+HEALTHCHECK --interval=60s --timeout=15s --start-period=20s \
+ CMD curl -x socks5h://127.0.0.1:9050 'https://check.torproject.org/api/ip' | grep -qm1 -E '"IsTor"\s*:\s*true'
+
+
+# default owner is tor, but running as root to avoid docker volume mount issue
+RUN chown -R root:root /var/lib/tor
+
+VOLUME ["/var/lib/tor/4get"]
+
+COPY ./torrc /etc/tor/torrc
+
+ENTRYPOINT ["/usr/bin/tor"]
A docker/tor/torrc => docker/tor/torrc +1 -0
@@ 0,0 1,1 @@
+SocksPort 0.0.0.0:9050
M docs/docker.md => docs/docker.md +4 -4
@@ 72,7 72,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=http
- FOURGET_SERVER_NAME=4get.ca
@@ 91,7 90,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=https
- FOURGET_SERVER_NAME=4get.ca
@@ 117,7 115,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=http
- FOURGET_SERVER_NAME=4get.ca
- FOURGET_BOT_PROTECTION=1
@@ 140,7 137,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=http
- FOURGET_SERVER_NAME=4get.ca
@@ 150,3 146,7 @@ services:
volumes:
- ./banners:/var/www/html/4get/banner
```
+
+##### Tor
+
+You can route incoming and outgoing requests through tor by following [docker tor documentation](./docker_tor.md)
A docs/docker_tor.md => docs/docker_tor.md +174 -0
@@ 0,0 1,174 @@
+#### Overview
+
+This guide will walk you through using 4get in docker with tor running in
+another container. This guide covers how to make outgoing and incoming traffic
+go through tor.
+
+
+##### Starting tor
+
+This guide will use `luuul/tor` which is a simple image that installs and starts
+tor in an alpine container SocksPort set to 0.0.0.0:9050
+
+For additional configuration you can mount your own `torrc` file to `/etc/tor/torrc`
+Remember to set `SocksPort 0.0.0.0:9050` otherwise communication between containers won't work.
+
+You will see this warning `Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.`
+
+This setting is in the torrc of this `luuul/tor` image. If you mount your own torrc then that will be read instead.
+
+If you use `SocksPort 0.0.0.0:9050` anywhere make sure it is inaccessible to outside world.
+As long as you don't publish this port (-p or --publish) it shouldn't be accessible to outside world.
+
+
+Tor always starts a socks5 proxy on port 9050 by default.
+
+
+##### Route outgoing requests over tor
+
+create a folder named `proxies` and create a file in that folder named `onion.txt`
+this folder will be mounted to `/var/www/html/4get/data/proxies/`
+
+directory structure
+
+```
+proxies/
+ onion.txt
+```
+
+put the following content into `onion.txt`
+More information about this file available in [proxy documentation](./configure.md#Proxies).
+
+```
+# proxies/onion.txt
+# Note: "tor" is the service name of luuul/tor in docker-compose.yaml
+socks5:tor:9050::
+```
+
+create a file named `docker-compose.yaml` with the following content
+This docker compose file will run `luuul/tor` and `luuul/4get` and configure 4get to load `proxies/onion.txt` for outgoing requests.
+
+If you mount your own torrc make sure you include `SocksPort 0.0.0.0:9050`
+Read the warning in [starting tor](./docker_tor.md#Starting-tor)!
+
+```
+# docker-compose.yaml
+version: "3.7"
+
+services:
+ tor:
+ image: luuul/tor:latest
+ restart: unless-stopped
+ # Warning: Do not publish port 9050
+
+ fourget:
+ image: luuul/4get:latest
+ restart: unless-stopped
+ environment:
+ - FOURGET_PROTO=http
+ - FOURGET_SERVER_NAME=4get.ca
+ # loads proxies/onion.txt
+ - FOURGET_PROXY_DDG="onion"
+ - FOURGET_PROXY_BRAVE="onion"
+ - FOURGET_PROXY_FB="onion"
+ - FOURGET_PROXY_GOOGLE="onion"
+ - FOURGET_PROXY_QWANT="onion"
+ - FOURGET_PROXY_MARGINALIA="onion"
+ - FOURGET_PROXY_MOJEEK="onion"
+ - FOURGET_PROXY_SC="onion"
+ - FOURGET_PROXY_SPOTIFY="onion"
+ - FOURGET_PROXY_WIBY="onion"
+ - FOURGET_PROXY_CURLIE="onion"
+ - FOURGET_PROXY_YT="onion"
+ - FOURGET_PROXY_YEP="onion"
+ - FOURGET_PROXY_PINTEREST="onion"
+ - FOURGET_PROXY_SEZNAM="onion"
+ - FOURGET_PROXY_NAVER="onion"
+ - FOURGET_PROXY_GREPPR="onion"
+ - FOURGET_PROXY_CROWDVIEW="onion"
+ - FOURGET_PROXY_MWMBL="onion"
+ - FOURGET_PROXY_FTM="onion"
+ - FOURGET_PROXY_IMGUR="onion"
+ - FOURGET_PROXY_YANDEX_W="onion"
+ - FOURGET_PROXY_YANDEX_I="onion"
+ - FOURGET_PROXY_YANDEX_V="onion"
+
+ ports:
+ - "80:80"
+
+ depends_on:
+ - tor
+
+ volumes:
+ - ./proxies/:/var/www/html/4get/data/proxies/
+```
+
+You can now start both containers with `docker compose up -d`
+
+
+#### Route incoming requests over tor
+
+This will create a hidden service that will be accessible via an onion link.
+
+1. create a file named `torrc` with the following content
+
+```
+# torrc
+User root
+
+HiddenServiceDir /var/lib/tor/4get/
+HiddenServicePort 80 fourget:80
+
+```
+
+2. create a folder named "4get" which will contain your hidden service keys.
+
+Make sure it has permission `600` otherwise you will get an error
+
+> Permissions on directory /var/lib/tor/4get/ are too permissive.
+
+you can change permissions with
+
+```
+chmod 600 4get
+```
+
+3. Create a folder named "data" that will contain your DataDirectory
+
+
+4. create a `docker-compose.yaml` with the following content
+
+```
+# docker-compose.yaml
+version: "3.7"
+
+services:
+ fourget:
+ image: luuul/4get:latest
+ restart: unless-stopped
+ environment:
+ - FOURGET_PROTO=http
+ - FOURGET_SERVER_NAME=4get.ca
+
+ depends_on:
+ - tor
+
+ tor:
+ image: luuul/tor:latest
+ restart: unless-stopped
+
+ volumes:
+ - ./torrc:/etc/tor/torrc
+ - ./4get:/var/lib/tor/4get
+ - ./data:/root/.tor
+```
+
+5. You can now start both with `docker compose up -d`
+
+6. print onion hostname with
+
+```
+docker exec `docker ps -qf ancestor=luuul/tor:latest` sh -c "cat /var/lib/tor/4get/hostname"
+```
+
+or `cat ./4get/hostname`