FROM debian:stable-slim # update package manager RUN apt-get update -y && \ apt-get upgrade -y && \ apt-get dist-upgrade -y && \ apt-get -y autoremove && \ apt-get clean # install required packages RUN apt-get install -y \ expect \ telnet \ coreutils \ bash \ curl \ git \ build-essential \ distcc \ autoconf \ automake \ libtool \ pkgconf \ libevent-dev \ libssl-dev \ libzstd-dev \ liblzma-dev \ zlib1g \ zlib1g-dev # install the latest golang WORKDIR /tmp RUN curl -fsSL "https://go.dev/dl/$(curl -s 'https://go.dev/VERSION?m=text' | head -1).linux-amd64.tar.gz" -o go.tar.gz && \ tar -xzf go.tar.gz && \ rm go.tar.gz && \ git clone https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake.git && \ cd /tmp/snowflake/client && \ /tmp/go/bin/go build && \ mkdir -p /usr/local/bin && \ cp client /usr/local/bin/snowflake-client && \ cd /tmp && \ rm -rf /tmp/{go,snowflake} # compile the latest tor WORKDIR /tmp RUN git clone https://gitlab.torproject.org/tpo/core/tor.git && \ cd /tmp/tor && \ export DISTCC_HOSTS="docker.internal:35001 docker.internal:35002" CC=distcc CXX='distcc g++' && \ ./autogen.sh && \ ./configure \ --enable-lzma \ --enable-zstd \ --disable-gcc-hardening \ --disable-linker-hardening \ --disable-manpage \ --disable-html-manual \ --disable-asciidoc \ --disable-unittests && \ make -j4 && \ mkdir -p /usr/local/bin && \ cp /tmp/tor/src/app/tor /usr/local/bin/ && \ cd /tmp && \ rm -rf /tmp/tor # remove packages that will not be used WORKDIR / RUN apt-get purge -y \ curl \ git \ build-essential \ autoconf \ automake \ libtool \ pkgconf && \ apt-get autoremove -y # tor required port EXPOSE 9050 9053 # add filesystem requirements ADD rootfs / # set up healthcheck HEALTHCHECK --interval=15m --timeout=3s \ CMD /usr/local/bin/tor-check-circuit # execute the bootstrapper that will start tor ENTRYPOINT [ "/usr/local/bin/run" ]