Due to performance issues, shared runners are currently unavailable. They should come back later today.

Verified Commit ac99bdb0 authored by Sheogorath's avatar Sheogorath 🛫


parent 8344218e
> Tor is free and open-source software for enabling anonymous communication. The name is derived from an acronym for the original software project name "The Onion Router". Tor directs Internet traffic through a free, worldwide, volunteer overlay network consisting of more than seven thousand relays to conceal a user's location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace Internet activity to the user: this includes "visits to Web sites, online posts, instant messages, and other communication forms". Tor's intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities from being monitored.
> — [Wikipedia](https://en.wikipedia.org/w/index.php?title=Tor_(anonymity_network)&oldid=884218825)
This container image provides the software used to connect the tor network in a way, that allows generic usage within container environments.
To use this image, you should provide an own config file. This can be done by extending this image:
FROM quay.io/sheogorath/tor
COPY ./torrc /etc/torrc.d/myconf
Or by mounting your config at runtime:
docker run -v "$PWD/torrc:/etc/torrc.d/myconfig:ro" quay.io/sheogorath/tor
It's recommended to use a directory instead of mounting the file directly and making sure it's owned by UID 994:
chown -R 994:994 "$PWD/tor_config"
docker run -v "$PWD/tor_config:/etc/torrc.d/:ro" quay.io/sheogorath/tor
To run a hidden service you'll also need a data directory:
mkdir -p data config
vim config/hidden_service # configure your hidden service to use /data/hidden_service
chown -R 994:994 data # chown to make sure tor can write the secrets
chown -R 994:994 config # chown to make sure tor can read its config
docker run -v "$PWD/data:/data/" -v "$PWD/config:/etc/torrc.d/:ro" quay.io/sheogorath/tor
Example hidden service config:
SocksPort 0
HiddenServiceDir /data/hidden_service
HiddenServicePort 80 traefik:80
HiddenServicePort 443 traefik:443
Usage with docker-compose
A basic deployment should look like this. Of course the service that should be provided as hidden service is not shown here.
version: '2'
image: quay.io/sheogorath/tor
mem_limit: 32mb
memswap_limit: 64mb
read_only: true
- proxy
- no-new-privileges
- /var/lib/tor/.tor:size=10M,uid=994,gid=994,mode=1700
- "./data:/data"
- "./config:/etc/torrc.d/:ro"
restart: always
Real-world example
A real work example setup can be found in Sheogorath's infrastructure repository:
Reporting issues
For issue reports, reach out in the [octo.sh issue tracker](https://octo.sh/container-library/tor/issues), thanks!
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment