authorlolcat <will@lolcat.ca>2024-06-20 03:52:36 +0000
committerlolcat <will@lolcat.ca>2024-06-20 03:52:36 +0000
commit0b68d6b2a9928d1b9dae389fbf5b95056e678be0 (patch)
tree7a45bc4692b9be077bda192641917d6921b3ced3
parent40da72e8554e9526379397a8c68f2895292a79c2 (diff)
parenta0b3189198afff6632eee761b0d3a601ce09b43c (diff)
Merge pull request 'docker_tor_documentation' (#22) from docker_tor_documentation into master
Reviewed-on: https://git.lolcat.ca/lolcat/4get/pulls/22
-rw-r--r--docker-compose.yaml1
-rw-r--r--docker/gen_config.php4
-rw-r--r--docker/tor/Dockerfile18
-rw-r--r--docker/tor/torrc1
-rw-r--r--docs/docker.md8
-rw-r--r--docs/docker_tor.md174
6 files changed, 199 insertions, 7 deletions
diff --git a/docker-compose.yaml b/docker-compose.yaml
index df41b23..2bba4ca 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -6,7 +6,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_SERVER_NAME=4get.ca
ports:
diff --git a/docker/gen_config.php b/docker/gen_config.php
index ceea117..b9e7730 100644
--- a/docker/gen_config.php
+++ b/docker/gen_config.php
@@ -66,10 +66,10 @@ foreach(($merged_config) as $key => $val){
// Handle case when original type of field is array and there is a type mismatch when a comma separted string is passed,
// then split on comma if string (and not numeric, boolean, null, etc)
//
- // except in the case where the inital value in default config is null. Assuming null
+ // except in the case where the inital value in default config is null or boolean. Assuming null and boolean
// in default config will be never be assigned an array
- if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key])) {
+ if(gettype($from_config[$key]) != gettype($val) && !is_numeric($val) && !is_null($from_config[$key]) && gettype($from_config[$key]) != "boolean") {
$stored_value = explode(",", $val);
}
$output = $output . "\tconst " . $key . " = " . type_to_string($stored_value) . ";\n";
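Review bot: The condition on the new `if` line is built by exclusion (`!is_numeric`, `!is_null`, now `!= "boolean"`), while the comment above it says the split is meant only for fields whose default is an array. Any other default type paired with a mismatching string still reaches `explode()`; an integer default given a non-numeric string, for example, would be written out as an array. Testing the intent directly, `if(is_array($from_config[$key]) && is_string($val)) {`, would not need a new clause for each type. That form also splits a numeric string supplied for an array field, which the current code leaves alone, so confirm that case before adopting it. If the exclusion form stays, `!is_bool($from_config[$key])` reads more consistently beside the existing `is_null()` call; the enclosing `foreach` starts and ends outside the hunk.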
diff --git a/docker/tor/Dockerfile b/docker/tor/Dockerfile
new file mode 100644
index 0000000..9310f68
--- /dev/null
+++ b/docker/tor/Dockerfile
@@ -0,0 +1,18 @@
+FROM alpine:edge
+
+RUN apk add --no-cache curl tor
+
+EXPOSE 9050
+
+HEALTHCHECK --interval=60s --timeout=15s --start-period=20s \
+ CMD curl -x socks5h://127.0.0.1:9050 'https://check.torproject.org/api/ip' | grep -qm1 -E '"IsTor"\s*:\s*true'
+
+
+# default owner is tor, but running as root to avoid docker volume mount issue
+RUN chown -R root:root /var/lib/tor
+
+VOLUME ["/var/lib/tor/4get"]
+
+COPY ./torrc /etc/tor/torrc
+
+ENTRYPOINT ["/usr/bin/tor"]
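Review bot: Tor runs as root in this image, because there is no `USER` line before `ENTRYPOINT ["/usr/bin/tor"]` and `chown -R root:root /var/lib/tor` takes the data directory away from the packaged `tor` account. A flaw in the daemon would therefore give root inside the container, and the hidden-service keys under `/var/lib/tor/4get` would be readable by it. If the volume-mount problem the comment mentions can be solved by fixing ownership of the host directory instead, keeping the unprivileged account with `USER tor` would be the safer default. Separately, `FROM alpine:edge` follows Alpine's rolling development branch, so each rebuild can pull a different tor and curl. A fixed tag such as `FROM alpine:<release-tag>` (placeholder) would make the shipped image reproducible and auditable.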
diff --git a/docker/tor/torrc b/docker/tor/torrc
new file mode 100644
index 0000000..da32a7a
--- /dev/null
+++ b/docker/tor/torrc
@@ -0,0 +1 @@
+SocksPort 0.0.0.0:9050
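Review bot: `SocksPort 0.0.0.0:9050` makes the SOCKS listener accept connections on every interface of the container with no restriction on who may connect. Anything that can reach the port can then use it as a proxy: another container on the same network, or any host if the port is ever published. A client policy next to it, `SocksPolicy accept 172.16.0.0/12` followed by `SocksPolicy reject *`, would keep the listener usable from the 4get container while refusing other sources. The accepted range is an assumption and has to match the subnet the compose network actually uses.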
diff --git a/docs/docker.md b/docs/docker.md
index e56b5ca..6a94197 100644
--- a/docs/docker.md
+++ b/docs/docker.md
@@ -72,7 +72,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=http
- FOURGET_SERVER_NAME=4get.ca
@@ -91,7 +90,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=https
- FOURGET_SERVER_NAME=4get.ca
@@ -117,7 +115,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=http
- FOURGET_SERVER_NAME=4get.ca
- FOURGET_BOT_PROTECTION=1
@@ -140,7 +137,6 @@ services:
image: luuul/4get:latest
restart: unless-stopped
environment:
- - FOURGET_VERSION=6
- FOURGET_PROTO=http
- FOURGET_SERVER_NAME=4get.ca
@@ -150,3 +146,7 @@ services:
volumes:
- ./banners:/var/www/html/4get/banner
```
+
+##### Tor
+
+You can route incoming and outgoing requests through tor by following [docker tor documentation](./docker_tor.md)
diff --git a/docs/docker_tor.md b/docs/docker_tor.md
new file mode 100644
index 0000000..21ae698
--- /dev/null
+++ b/docs/docker_tor.md
@@ -0,0 +1,174 @@
+#### Overview
+
+This guide will walk you through using 4get in docker with tor running in
+another container. This guide covers how to make outgoing and incoming traffic
+go through tor.
+
+
+##### Starting tor
+
+This guide will use `luuul/tor` which is a simple image that installs and starts
+tor in an alpine container SocksPort set to 0.0.0.0:9050
+
+For additional configuration you can mount your own `torrc` file to `/etc/tor/torrc`
+Remember to set `SocksPort 0.0.0.0:9050` otherwise communication between containers won't work.
+
+You will see this warning `Other people on the Internet might find your computer and use it as an open proxy. Please don't allow this unless you have a good reason.`
+
+This setting is in the torrc of this `luuul/tor` image. If you mount your own torrc then that will be read instead.
+
+If you use `SocksPort 0.0.0.0:9050` anywhere make sure it is inaccessible to outside world.
+As long as you don't publish this port (-p or --publish) it shouldn't be accessible to outside world.
+
+
+Tor always starts a socks5 proxy on port 9050 by default.
+
+
+##### Route outgoing requests over tor
+
+create a folder named `proxies` and create a file in that folder named `onion.txt`
+this folder will be mounted to `/var/www/html/4get/data/proxies/`
+
+directory structure
+
+```
+proxies/
+ onion.txt
+```
+
+put the following content into `onion.txt`
+More information about this file available in [proxy documentation](./configure.md#Proxies).
+
+```
+# proxies/onion.txt
+# Note: "tor" is the service name of luuul/tor in docker-compose.yaml
+socks5:tor:9050::
+```
+
+create a file named `docker-compose.yaml` with the following content
+This docker compose file will run `luuul/tor` and `luuul/4get` and configure 4get to load `proxies/onion.txt` for outgoing requests.
+
+If you mount your own torrc make sure you include `SocksPort 0.0.0.0:9050`
+Read the warning in [starting tor](./docker_tor.md#Starting-tor)!
+
+```
+# docker-compose.yaml
+version: "3.7"
+
+services:
+ tor:
+ image: luuul/tor:latest
+ restart: unless-stopped
+ # Warning: Do not publish port 9050
+
+ fourget:
+ image: luuul/4get:latest
+ restart: unless-stopped
+ environment:
+ - FOURGET_PROTO=http
+ - FOURGET_SERVER_NAME=4get.ca
+ # loads proxies/onion.txt
+ - FOURGET_PROXY_DDG="onion"
+ - FOURGET_PROXY_BRAVE="onion"
+ - FOURGET_PROXY_FB="onion"
+ - FOURGET_PROXY_GOOGLE="onion"
+ - FOURGET_PROXY_QWANT="onion"
+ - FOURGET_PROXY_MARGINALIA="onion"
+ - FOURGET_PROXY_MOJEEK="onion"
+ - FOURGET_PROXY_SC="onion"
+ - FOURGET_PROXY_SPOTIFY="onion"
+ - FOURGET_PROXY_WIBY="onion"
+ - FOURGET_PROXY_CURLIE="onion"
+ - FOURGET_PROXY_YT="onion"
+ - FOURGET_PROXY_YEP="onion"
+ - FOURGET_PROXY_PINTEREST="onion"
+ - FOURGET_PROXY_SEZNAM="onion"
+ - FOURGET_PROXY_NAVER="onion"
+ - FOURGET_PROXY_GREPPR="onion"
+ - FOURGET_PROXY_CROWDVIEW="onion"
+ - FOURGET_PROXY_MWMBL="onion"
+ - FOURGET_PROXY_FTM="onion"
+ - FOURGET_PROXY_IMGUR="onion"
+ - FOURGET_PROXY_YANDEX_W="onion"
+ - FOURGET_PROXY_YANDEX_I="onion"
+ - FOURGET_PROXY_YANDEX_V="onion"
+
+ ports:
+ - "80:80"
+
+ depends_on:
+ - tor
+
+ volumes:
+ - ./proxies/:/var/www/html/4get/data/proxies/
+```
+
+You can now start both containers with `docker compose up -d`
+
+
+#### Route incoming requests over tor
+
+This will create a hidden service that will be accessible via an onion link.
+
+1. create a file named `torrc` with the following content
+
+```
+# torrc
+User root
+
+HiddenServiceDir /var/lib/tor/4get/
+HiddenServicePort 80 fourget:80
+
+```
+
+2. create a folder named "4get" which will contain your hidden service keys.
+
+Make sure it has permission `600` otherwise you will get an error
+
+> Permissions on directory /var/lib/tor/4get/ are too permissive.
+
+you can change permissions with
+
+```
+chmod 600 4get
+```
+
+3. Create a folder named "data" that will contain your DataDirectory
+
+
+4. create a `docker-compose.yaml` with the following content
+
+```
+# docker-compose.yaml
+version: "3.7"
+
+services:
+ fourget:
+ image: luuul/4get:latest
+ restart: unless-stopped
+ environment:
+ - FOURGET_PROTO=http
+ - FOURGET_SERVER_NAME=4get.ca
+
+ depends_on:
+ - tor
+
+ tor:
+ image: luuul/tor:latest
+ restart: unless-stopped
+
+ volumes:
+ - ./torrc:/etc/tor/torrc
+ - ./4get:/var/lib/tor/4get
+ - ./data:/root/.tor
+```
+
+5. You can now start both with `docker compose up -d`
+
+6. print onion hostname with
+
+```
+docker exec `docker ps -qf ancestor=luuul/tor:latest` sh -c "cat /var/lib/tor/4get/hostname"
+```
+
+or `cat ./4get/hostname`