castironclay/Dockerfile_tor

## Dockerfile_tor
FROM debian:stable-slim
MAINTAINER castironclay

ARG TERRAFORM=1.0.0
ARG CLOUDFLARED=2021.5.10

# Backports
RUN echo 'deb http://deb.debian.org/debian buster-backports main contrib non-free' > /etc/apt/sources.list.d/buster-backports.list

# Install deps and Wireguard
RUN set -x && \
    echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections && \
    apt-get update -y -q && \
    apt-get upgrade -y -q && \
    apt-get install -y -q dialog apt-utils && \
    apt-get install -y -q wget unzip screen vim ssh sshuttle python3-pip wireguard nano tor curl iputils-ping net-tools socat

# Install Ansible
RUN pip3 install --upgrade pip && \
    pip3 install ansible

# Install Terraform
RUN wget -q https://releases.hashicorp.com/terraform/${TERRAFORM}/terraform_${TERRAFORM}_linux_386.zip && \
    unzip terraform_${TERRAFORM}_linux_386.zip && \
    mv terraform /usr/local/bin && \
    rm terraform_${TERRAFORM}_linux_386.zip

# Update torrc
RUN mv /etc/tor/torrc /etc/tor/torrc.orig && \
    echo "SocksPort 127.0.0.1:9050" >> /etc/tor/torrc && \
    echo "Log notice file /var/log/tor/tor.log" >> /etc/tor/torrc

# DNS over HTTPS
RUN wget -q https://github.com/cloudflare/cloudflared/releases/download/${CLOUDFLARED}/cloudflared-linux-amd64 -O /root/cloudflared && \
    chmod +x /root/cloudflared

# Launch /root/start.sh after starting
RUN echo "screen -S tor -dm tor --HTTPTunnelPort 127.0.0.11:80" >> /root/start.sh && \
    echo "screen -S socat -dm socat TCP4-LISTEN:443,reuseaddr,fork SOCKS4A:127.0.0.1:dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion:443,socksport=9150" >> /root/start.sh && \
    echo "screen -S dns -dm /root/cloudflared proxy-dns --upstream "https://dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion/dns-query"" >> /root/start.sh && \
    chmod 755 /root/start.sh
	FROM debian:stable-slim
	MAINTAINER castironclay

	ARG TERRAFORM=1.0.0
	ARG CLOUDFLARED=2021.5.10

	# Backports
	RUN echo 'deb http://deb.debian.org/debian buster-backports main contrib non-free' > /etc/apt/sources.list.d/buster-backports.list

	# Install deps and Wireguard
	RUN set -x && \
	echo 'debconf debconf/frontend select Noninteractive' \| debconf-set-selections && \
	apt-get update -y -q && \
	apt-get upgrade -y -q && \
	apt-get install -y -q dialog apt-utils && \
	apt-get install -y -q wget unzip screen vim ssh sshuttle python3-pip wireguard nano tor curl iputils-ping net-tools socat

	# Install Ansible
	RUN pip3 install --upgrade pip && \
	pip3 install ansible

	# Install Terraform
	RUN wget -q https://releases.hashicorp.com/terraform/${TERRAFORM}/terraform_${TERRAFORM}_linux_386.zip && \
	unzip terraform_${TERRAFORM}_linux_386.zip && \
	mv terraform /usr/local/bin && \
	rm terraform_${TERRAFORM}_linux_386.zip

	# Update torrc
	RUN mv /etc/tor/torrc /etc/tor/torrc.orig && \
	echo "SocksPort 127.0.0.1:9050" >> /etc/tor/torrc && \
	echo "Log notice file /var/log/tor/tor.log" >> /etc/tor/torrc

	# DNS over HTTPS
	RUN wget -q https://github.com/cloudflare/cloudflared/releases/download/${CLOUDFLARED}/cloudflared-linux-amd64 -O /root/cloudflared && \
	chmod +x /root/cloudflared

	# Launch /root/start.sh after starting
	RUN echo "screen -S tor -dm tor --HTTPTunnelPort 127.0.0.11:80" >> /root/start.sh && \
	echo "screen -S socat -dm socat TCP4-LISTEN:443,reuseaddr,fork SOCKS4A:127.0.0.1:dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion:443,socksport=9150" >> /root/start.sh && \
	echo "screen -S dns -dm /root/cloudflared proxy-dns --upstream "https://dns4torpnlfs2ifuz2s2yf3fc7rdmsbhm6rw75euj35pac6ap25zgqad.onion/dns-query"" >> /root/start.sh && \
	chmod 755 /root/start.sh