tor-relay

2024-05-23 11:44:42 -04:00 · 2024-05-23 11:44:42 -04:00 · c6f62dfc63
parent c7a0c74236
commit c6f62dfc63
9 changed files with 72 additions and 85 deletions
--- a/README.md
+++ b/README.md
@ -1 +1 @@
-<!-- build 1 -->
+<!-- build 0 -->
--- a/docker-compose.production.yml
+++ b/docker-compose.production.yml
@ -1,6 +1,6 @@
 services:
-  ferdium-server:
+  tor-relay:
    build:
-      context: ./docker/ferdium-server/
+      context: ./docker/tor-relay/
      dockerfile: Dockerfile.production
-    image: git.nixc.us/nixius/ferdium-server:production
+    image: git.nixc.us/nixius/tor-relay:production
--- a/docker-compose.staging.yml
+++ b/docker-compose.staging.yml
@ -1,6 +1,6 @@
 services:
-  ferdium-server:
+  tor-relay:
    build:
-      context: ./docker/ferdium-server/
+      context: ./docker/tor-relay/
      dockerfile: Dockerfile
-    image: git.nixc.us/nixius/ferdium-server:staging
+    image: git.nixc.us/nixius/tor-relay:staging
--- a/docker/ferdium-server/Dockerfile
+++ b/docker/ferdium-server/Dockerfile
@ -1 +0,0 @@
-FROM ferdium/ferdium-server:latest
--- a/docker/tor-relay/Dockerfile
+++ b/docker/tor-relay/Dockerfile
@ -0,0 +1,45 @@
+# Stage 1: Build Tor from source on Alpine Linux
+FROM alpine:latest AS builder
+
+# Install necessary dependencies
+RUN apk update && \
+    apk add --no-cache \
+    build-base \
+    libevent-dev \
+    openssl-dev \
+    zlib-dev \
+    asciidoc \
+    xmlto \
+    git
+
+# Download and compile Tor
+RUN git clone https://git.torproject.org/tor.git && \
+    cd tor && \
+    ./autogen.sh && \
+    ./configure && \
+    make && \
+    make install
+
+# Stage 2: Create the final minimal image with Tor
+FROM scratch
+
+# Copy necessary files from the builder stage
+COPY --from=builder /usr/local/bin/tor /usr/local/bin/tor
+COPY --from=builder /usr/local/etc/tor /usr/local/etc/tor
+COPY --from=builder /etc/ssl /etc/ssl
+COPY --from=builder /lib/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1
+COPY --from=builder /lib/libevent-2.1.so.6 /lib/libevent-2.1.so.6
+COPY --from=builder /lib/libssl.so.1.1 /lib/libssl.so.1.1
+COPY --from=builder /lib/libcrypto.so.1.1 /lib/libcrypto.so.1.1
+COPY --from=builder /lib/libz.so.1 /lib/libz.so.1
+COPY --from=builder /lib/libgcc_s.so.1 /lib/libgcc_s.so.1
+COPY --from=builder /lib/libc.musl-x86_64.so.1 /lib/libc.musl-x86_64.so.1
+
+# Copy the torrc configuration file
+COPY torrc /usr/local/etc/tor/torrc
+
+# Expose Tor relay ports
+EXPOSE 9001 9030
+
+# Run Tor
+CMD ["/usr/local/bin/tor", "-f", "/usr/local/etc/tor/torrc"]
--- a/docker/ferdium-server/Dockerfile.production
+++ b/docker/ferdium-server/Dockerfile.production
--- a/docker/tor-relay/torrc
+++ b/docker/tor-relay/torrc
@ -0,0 +1,14 @@
+# torrc: Tor configuration file
+
+# Define this as a relay-only node
+SocksPort 0
+ORPort 9001
+DirPort 9030
+ExitRelay 0
+RelayBandwidthRate 100 KB
+RelayBandwidthBurst 200 KB
+Nickname YourRelayNickname
+ContactInfo your-email@example.com
+
+# Optionally, configure logs
+Log notice stdout
--- a/stack.production.yml
+++ b/stack.production.yml
@ -1,60 +1,12 @@
-networks:
-  traefik:
-    external: true
-  default:
-    driver: overlay
 services:
-  ferdium:
-    image: git.nixc.us/nixius/ferdium-server:production
-    networks:
-      - traefik
-    environment:
-      NODE_ENV: production
-      APP_URL: ferdium.nixc.us
-      DB_CONNECTION: sqlite
-      # Uncomment the lines below to use MySQL instead of SQLite
-      # DB_CONNECTION: mysql
-      # DB_HOST: <your-mysql-host>
-      # DB_PORT: 3306
-      # DB_USER: <your-mysql-user>
-      # DB_PASSWORD: <your-mysql-password>
-      # DB_DATABASE: ferdium
-      DB_SSL: "false"
-      MAIL_CONNECTION: smtp
-      SMTP_HOST: box.p.nixc.us
-      SMTP_PORT: 465
-      MAIL_SSL: "true"
-      MAIL_USERNAME: ferdium@nixc.us
-      MAIL_PASSWORD: dzUAQp3ZmjLN2tMq5XDoS6J29EdFqjntF
-      MAIL_SENDER: ferdium@nixc.us
-      IS_CREATION_ENABLED: "true"
-      IS_DASHBOARD_ENABLED: "true"
-      IS_REGISTRATION_ENABLED: "true"
-      CONNECT_WITH_FRANZ: "true"
-      DATA_DIR: /data
-      JWT_USE_PEM: "true"
-    volumes:
-      - /mnt/tank/persist/nixc.us/ferdium/production/data:/data
-      - /mnt/tank/persist/nixc.us/ferdium/production/recipes:/app/build/recipes
+  tor-relay:
+    image: git.nixc.us/nixius/tor-relay:production
    deploy:
      placement:
        constraints:
          - node.hostname == macmini14
      labels:
-        homepage.group: apps
-        homepage.name: ferdium
-        homepage.href: https://ferdium.nixc.us/
-        homepage.description: ferdium
-        traefik.enable: "true"
-        traefik.http.routers.production-ferdium_ferdium.rule: "Host(`ferdium.nixc.us`)"
-        traefik.http.routers.production-ferdium_ferdium.entrypoints: "websecure"
-        traefik.http.routers.production-ferdium_ferdium.tls: "true"
-        traefik.http.routers.production-ferdium_ferdium.tls.certresolver: "letsencryptresolver"
-        traefik.http.routers.production-ferdium_ferdium.service: "production-ferdium_ferdium"
-        traefik.http.services.production-ferdium_ferdium.loadbalancer.server.port: "3333"
-        traefik.docker.network: "traefik"
-        # traefik.http.routers.production_ferdium.middlewares: 'authelia_authelia@docker'
-        # traefik.http.routers.production-ferdium_ferdium.middlewares: 'authelia_authelia@docker'
+        traefik.enable: "false"
      update_config:
        order: stop-first
        failure_action: rollback
--- a/stack.staging.yml
+++ b/stack.staging.yml
@ -1,35 +1,12 @@
-networks:
-  traefik:
-    external: true
-  default:
-    driver: overlay
 services:
-  ferdium:
-    image: git.nixc.us/nixius/ferdium-server:staging
-    networks:
-      - traefik
-    # volumes:
-    #   - /mnt/tank/persist/nixc.us/ferdium/staging/data:/data
-    #   - /mnt/tank/persist/nixc.us/ferdium/staging/recipes:/app/build/recipes
+  tor-relay:
+    image: git.nixc.us/nixius/tor-relay:staging
    deploy:
      placement:
        constraints:
          - node.hostname == macmini14
      labels:
-        homepage.group: apps
-        homepage.name: ferdium
-        homepage.href: https://ferdium.nixc.us/
-        homepage.description: ferdium
-        traefik.enable: "true"
-        traefik.http.routers.staging-ferdium_ferdium.rule: "Host(`ferdium.nixc.us`)"
-        traefik.http.routers.staging-ferdium_ferdium.entrypoints: "websecure"
-        traefik.http.routers.staging-ferdium_ferdium.tls: "true"
-        traefik.http.routers.staging-ferdium_ferdium.tls.certresolver: "letsencryptresolver"
-        traefik.http.routers.staging-ferdium_ferdium.service: "staging-ferdium_ferdium"
-        traefik.http.services.staging-ferdium_ferdium.loadbalancer.server.port: "3333"
-        traefik.docker.network: "traefik"
-        # traefik.http.routers.staging_ferdium.middlewares: 'authelia_authelia@docker'
-        traefik.http.routers.staging-ferdium_ferdium.middlewares: 'authelia_authelia@docker'
+        traefik.enable: "false"
      update_config:
        order: stop-first
        failure_action: rollback