add multi-arch support, and decouple vanguards

2026-02-05 21:54:18 -05:00 · 2026-02-05 21:54:18 -05:00 · b0a7d4aea1
commit b0a7d4aea1
parent 1dbcebdee3
6 changed files with 135 additions and 58 deletions
--- a/95
+++ b/95
@ -1,68 +1,47 @@
-FROM    python:3.10-alpine
+FROM python:3.11-alpine

-# if omitted, the versions are determined from the git tags
-ARG     tor_version
-ARG     torsocks_version
+ENV HOME=/var/lib/tor
+ENV VANGUARDS_CONFIG=/etc/tor/vanguards.conf

-ENV     HOME /var/lib/tor
-ENV     POETRY_VIRTUALENVS_CREATE=false
+# Install runtime dependencies
+# tor and torsocks are available in Alpine edge/community repos
+RUN apk add --no-cache \
+        tor \
+        torsocks \
+        libevent \
+        openssl \
+        ca-certificates \
+        libffi \
+    && mkdir -p /var/lib/tor/hidden_service/ \
+    && chown -R tor:root /var/lib/tor

-RUN     apk add --no-cache git bind-tools cargo libevent-dev openssl-dev gnupg gcc make automake ca-certificates autoconf musl-dev coreutils libffi-dev zlib-dev && \
-    mkdir -p /usr/local/src/ /var/lib/tor/ && \
-    git clone https://git.torproject.org/tor.git /usr/local/src/tor && \
-    cd /usr/local/src/tor && \
-    TOR_VERSION=${tor_version=$(git tag | grep -oE '[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -1)} && \
-    git checkout tor-$TOR_VERSION && \
-    ./autogen.sh && \
-    ./configure \
-    --disable-asciidoc \
-    --sysconfdir=/etc \
-    --disable-unittests && \
-    make && make install && \
-    cd .. && \
-    rm -rf tor && \
-    pip3 install --upgrade pip poetry && \
-    apk del git libevent-dev openssl-dev gnupg cargo make automake autoconf musl-dev coreutils libffi-dev && \
-    apk add --no-cache libevent openssl
+WORKDIR /usr/local/src/onions

-RUN    apk add --no-cache git gcc make automake autoconf musl-dev libtool && \
-    git clone https://git.torproject.org/torsocks.git /usr/local/src/torsocks && \
-    cd /usr/local/src/torsocks && \
-    TORSOCKS_VERSION=${torsocks_version=$(git tag | grep -oE 'v[0-9]+\.[0-9]+\.[0-9]+$' | sort -V | tail -1)} && \
-    git checkout $TORSOCKS_VERSION && \
-    ./autogen.sh && \
-    ./configure && \
-    make && make install && \
-    cd .. && \
-    rm -rf torsocks && \
-    apk del git gcc make automake autoconf musl-dev libtool
+# Install Python dependencies
+COPY requirements.txt .
+RUN apk add --no-cache --virtual .build-deps \
+        build-base \
+        openssl-dev \
+        libffi-dev \
+        cargo \
+    && pip install --no-cache-dir -r requirements.txt \
+    && apk del .build-deps

-RUN     mkdir -p /etc/tor/
+# Install application
+COPY setup.py .
+COPY onions onions/
+RUN pip install --no-cache-dir .

-COPY    pyproject.toml /usr/local/src/onions/
+# Copy configuration and entrypoint
+COPY assets/entrypoint-config.yml /entrypoint-config.yml
+COPY assets/torrc /var/local/tor/torrc.tpl
+COPY assets/vanguards.conf.tpl /var/local/tor/vanguards.conf.tpl
+COPY assets/entrypoint.sh /entrypoint.sh

-RUN     cd /usr/local/src/onions && apk add --no-cache openssl-dev libffi-dev gcc libc-dev && \
-    poetry install --no-dev --no-root && \
-    apk del libffi-dev gcc libc-dev openssl-dev
+RUN chmod +x /entrypoint.sh

-COPY    onions /usr/local/src/onions/onions
-COPY    poetry.lock /usr/local/src/onions/
-RUN     cd /usr/local/src/onions && apk add --no-cache gcc libc-dev && \
-    poetry install --no-dev && \
-    apk del gcc libc-dev
+VOLUME ["/var/lib/tor/hidden_service/"]

-RUN     mkdir -p ${HOME}/.tor && \
-    addgroup -S -g 107 tor && \
-    adduser -S -G tor -u 104 -H -h ${HOME} tor
+ENTRYPOINT ["/entrypoint.sh"]

-COPY    assets/entrypoint-config.yml /
-COPY    assets/torrc /var/local/tor/torrc.tpl
-COPY    assets/vanguards.conf.tpl /var/local/tor/vanguards.conf.tpl
-
-ENV     VANGUARDS_CONFIG /etc/tor/vanguards.conf
-
-VOLUME  ["/var/lib/tor/hidden_service/"]
-
-ENTRYPOINT ["pyentrypoint"]
-
-CMD     ["tor"]
+CMD ["tor"]