{"id":23521252,"url":"https://github.com/leplusorg/docker-tor","last_synced_at":"2025-04-19T19:42:46.986Z","repository":{"id":39855138,"uuid":"225695658","full_name":"leplusorg/docker-tor","owner":"leplusorg","description":"Run TOR conveniently from a docker container.","archived":false,"fork":false,"pushed_at":"2024-05-23T08:15:15.000Z","size":188,"stargazers_count":10,"open_issues_count":1,"forks_count":9,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-05-23T08:35:17.956Z","etag":null,"topics":["anonymity","docker","docker-container","docker-image","dockerfile","information-security","infosec","proxy","socks5","theonionrouter","tor","web-proxy"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/leplusorg/tor","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leplusorg.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-12-03T19:09:34.000Z","updated_at":"2024-05-27T12:49:38.457Z","dependencies_parsed_at":"2023-02-12T19:15:16.567Z","dependency_job_id":"a376601a-6fce-4b54-aea0-8f5e400e3cf1","html_url":"https://github.com/leplusorg/docker-tor","commit_stats":{"total_commits":84,"total_committers":5,"mean_commits":16.8,"dds":"0.19047619047619047","last_synced_commit":"c113323e19753d94fa2215320f0b54793f436d45"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fdocker-tor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fdocker-tor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fdocker-tor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leplusorg%2Fdocker-tor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leplusorg","download_url":"https://codeload.github.com/leplusorg/docker-tor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":231260790,"owners_count":18349461,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anonymity","docker","docker-container","docker-image","dockerfile","information-security","infosec","proxy","socks5","theonionrouter","tor","web-proxy"],"created_at":"2024-12-25T17:11:29.492Z","updated_at":"2025-04-19T19:42:46.968Z","avatar_url":"https://github.com/leplusorg.png","language":"Dockerfile","readme":"# TOR\n\nRun TOR conveniently from a docker container.\n\n[![Dockerfile](https://img.shields.io/badge/GitHub-Dockerfile-blue)](tor/Dockerfile)\n[![Docker Build](https://github.com/leplusorg/docker-tor/workflows/Docker/badge.svg)](https://github.com/leplusorg/docker-tor/actions?query=workflow:\"Docker\")\n[![Docker Stars](https://img.shields.io/docker/stars/leplusorg/tor)](https://hub.docker.com/r/leplusorg/tor)\n[![Docker Pulls](https://img.shields.io/docker/pulls/leplusorg/tor)](https://hub.docker.com/r/leplusorg/tor)\n[![Docker Version](https://img.shields.io/docker/v/leplusorg/tor?sort=semver)](https://hub.docker.com/r/leplusorg/tor)\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/8752/badge)](https://bestpractices.coreinfrastructure.org/projects/8752)\n[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/leplusorg/docker-tor/badge)](https://securityscorecards.dev/viewer/?uri=github.com/leplusorg/docker-tor)\n\n## Usage\n\n### To use the containerized TOR proxy from your host machine\n\nThe simplest way to launch a TOR proxy using this container accessible\nfrom your host machine only is to use the following command:\n\n```bash\ndocker run --rm -p 127.0.0.1:9050:9050 -e SOCKS_HOSTNAME=0.0.0.0 leplusorg/tor\n```\n\nIf you want the TOR proxy to be reachable from other machines on your\nnetwork (i.e. share it), you can run:\n\n```bash\ndocker run --rm -p 0.0.0.0:9050:9050 -e SOCKS_HOSTNAME=0.0.0.0 leplusorg/tor\n```\n\nThen make sure that your firewall rules allow remote connection to\nyour port 9050.\n\nOnce the docker container has finished starting, you can test it with the following command:\n\n```bash\ncurl --socks5 localhost:9050 --socks5-hostname localhost:9050 https://check.torproject.org/api/ip\n```\n\n### To use the containerized TOR proxy from other containers\n\nIn that use case, you can use `docker compose` with a compose file\nsimilar to this (where `bar`'s definition should be replaced by the\ncontainer that you actually want to run using TOR):\n\n```YAML\n---\nversion: \"3.8\"\n\nservices:\n  tor:\n    image: leplusorg/tor:latest\n    environment:\n      - SOCKS_HOSTNAME=0.0.0.0\n  bar:\n    image: foo/bar:latest\n    links:\n      - tor\n    environment:\n      - ALL_PROXY=socks5://tor:9050\n```\n\nNote that ALL_PROXY is not always honored by applications so depending\non the container that you are running, you should read its\ndocumentation to figure out the proper way to tell it to use\n`tor:9050` as a proxy. If this is misconfigured, everything might look\nlike it's working but the TOR proxy is not actually being used!\n\n## Configuration\n\n### Torrc\n\nThe configuration file used by TOR in this container is\n`/et/tor/torrc` but it is generated on startup by the script\n`tor-wrapper.sh` using the `torrc.template` file. The file is based on\nthe `torrc.sample` configuration that comes with TOR. But some\nconfiguration options have been made configurable using OS environment\nvariables. You can set a custom value for these variables for example\nusing the `-e` option of Docker. Below are the variables currently\navailable:\n\n| Variable name  | Usage                                                           | Default      |\n| -------------- | --------------------------------------------------------------- | ------------ |\n| DATA_DIRECTORY | The data directory.                                             | /var/lib/tor |\n| LOG_LEVEL      | The logging level.                                              | notice       |\n| LOG_FILE       | The log file or device.                                         | stdout       |\n| SOCKS_HOSTNAME | The SOCKS hostname.                                             | 127.0.0.0.1  |\n| SOCKS_PORT     | The SOCKS port.                                                 | 9150         |\n| TORRC_APPEND   | A block of configuration appended at the end of the torrc file. |              |\n\nNote that the defaults are the same as TOR's default if the\nconfiguration option is not set.\n\nYou can use the `-m` option of Docker to mount a custom template in the\nimage at `/etc/tor/torrc.template`. The templating engine\n(`envsubst`) will only replace specific environment variables in the\ntemplate. These are controlled by the environment variable\n`SHELL_FORMAT` (the default list is\n`${DATA_DIRECTORY},${LOG_LEVEL},${LOG_FILE},${SOCKS_HOSTNAME},${SOCKS_PORT}`). If\nyou create a custom template with extra variables in it, you can set\nyour own list using the environment variable `SHELL_FORMAT` or you can\njust append the extra variables to the existing list using the\nenvironment variable `SHELL_FORMAT_EXTRA`. Be careful to escape the\n`$` characters since you don't want them to be interpolated when\ndefining `SHELL_FORMAT` or `SHELL_FORMAT_EXTRA`.\n\nThe out-of-the-box torrc.template also loads any file in the\n`/etc/torrc.d/` directory with the `.conf` extension so you can\nmount your custom torrc configuration file(s) there. This is similar\nto the `TORRC_APPEND` environment variable but using files instead.\n\nIf you set the `SKIP_TEMPLATE` variable to `true`, the whole\ntemplating logic will be disabled and the configuration file\n/etc/tor/torrc will be used. In that case you must provide that file\nby mounting it (or adding it to your custom image built from this\none). Otherwise TOR will refuse to start with the following messages:\n\n```Text\n[warn] Unable to open configuration file \"/etc/tor/torrc\".\n[err] Reading config failed--see warnings above\n```\n\n### Permissions\n\nBy default `tor-wrapper.sh` will adjust the permissions on the data\ndirectory to avoid a warning on start up that says `Fixing permissions\non directory ...`. This can be disabled by setting the value of\nenvironment variable `SET_PERMISSIONS` to `false`.\n\n### Debugging\n\nFor troubleshooting, you can enable verbose logging by setting the\nvalue of environment variable `DEBUG` to `true`.\n\n## Software Bill of Materials (SBOM)\n\nTo get the SBOM for the latest image (in SPDX JSON format), use the\nfollowing command:\n\n```bash\ndocker buildx imagetools inspect leplusorg/tor --format '{{ json (index .SBOM \"linux/amd64\").SPDX }}'\n```\n\nReplace `linux/amd64` by the desired platform (`linux/amd64`, `linux/arm64` etc.).\n\n### Sigstore\n\n[Sigstore](https://docs.sigstore.dev) is trying to improve supply\nchain security by allowing you to verify the origin of an\nartifcat. You can verify that the jar that you use was actually\nproduced by this repository. This means that if you verify the\nsignature of the ristretto jar, you can trust the integrity of the\nwhole supply chain from code source, to CI/CD build, to distribution\non Maven Central or whever you got the jar from.\n\nYou can use the following command to verify the latest image using its\nsigstore signature attestation:\n\n```bash\ncosign verify leplusorg/tor --certificate-identity-regexp 'https://github\\.com/leplusorg/docker-tor/\\.github/workflows/.+' --certificate-oidc-issuer 'https://token.actions.githubusercontent.com'\n```\n\nThe output should look something like this:\n\n```text\nVerification for index.docker.io/leplusorg/xml:main --\nThe following checks were performed on each of these signatures:\n  - The cosign claims were validated\n  - Existence of the claims in the transparency log was verified offline\n  - The code-signing certificate was verified using trusted certificate authority certificates\n\n[{\"critical\":...\n```\n\nFor instructions on how to install `cosign`, please read this [documentation](https://docs.sigstore.dev/cosign/system_config/installation/).\n\n## Request configuration change\n\nPlease use [this link](https://github.com/leplusorg/docker-tor/issues/new?assignees=thomasleplus\u0026labels=enhancement\u0026template=feature_request.md\u0026title=%5BFEAT%5D) (GitHub account required) to suggest a change in this image configuration or to expose a new TOR configuration option.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleplusorg%2Fdocker-tor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleplusorg%2Fdocker-tor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleplusorg%2Fdocker-tor/lists"}