[tor-bugs] #32550 [Circumvention]: Static tor in docker container

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 19 22:05:35 UTC 2019 

#32550: Static tor in docker container
---------------------------+-------------------------------
 Reporter:  thymbahutymba  |          Owner:  (none)
     Type:  enhancement    |         Status:  new
 Priority:  Medium         |      Component:  Circumvention
  Version:                 |       Severity:  Normal
 Keywords:                 |  Actual Points:
Parent ID:                 |         Points:
 Reviewer:                 |        Sponsor:
---------------------------+-------------------------------
 I was wondering about how to improve the docker image. The current version
 of provided image, in such case for bridges, uses debian. This ends up in
 a "big" image that, in my honest opinion waste a lot of space.
 In order to improve the deployment and the space required by such
 container, which can be even extended for all relay, I wrote a Makefile
 for statically build tor. Once there is a statically build of tor, it
 should be enough provide just it inside the container.

 {{{
 PREFIX=$(shell pwd)/dist
 RELEASE=$(shell pwd)/release

 TOR=https://dist.torproject.org
 TOR_VER=0.4.1.6

 LIBEVENT=https://github.com/libevent/libevent/releases/download
 LIBEVENT_VER=2.1.11-stable

 OPENSSL=https://github.com/openssl/openssl/archive
 OPENSSL_VER=1_0_2t

 ZLIB=https://zlib.net
 ZLIB_VER=1.2.11

 CLEAN_DIRS=$(dir .)

 all: tor

 tor: tor-${TOR_VER} libevent libseccomp zlib openssl
     cd $< && \
         ./configure \
             --prefix=${RELEASE}             \
             --enable-static-tor             \
             --with-openssl-dir=${PREFIX}    \
             --with-libevent-dir=${PREFIX}   \
             --with-zlib-dir=${PREFIX}       \
             --disable-asciidoc              \
             --disable-system-torrc          \
             --disable-seccomp               \
         && $(MAKE) $(MAKEFLAGS) && $(MAKE) install

 libevent: libevent-${LIBEVENT_VER}
     cd  $< && \
         ./configure --prefix=${PREFIX} --enable-shared=no && \
         $(MAKE) $(MAKEFLAGS) && $(MAKE) install

 openssl: OpenSSL_${OPENSSL_VER}
     cd $< && \
         ./config no-shared no-dso no-zlib --prefix=${PREFIX} && \
         $(MAKE) depend && $(MAKE) $(MAKEFLAGS) && $(MAKE) install_sw

 zlib: zlib-${ZLIB_VER}
     cd $< && \
         ./configure --prefix=${PREFIX} --static && \
         $(MAKE) $(MAKEFLAGS) && $(MAKE) install

 ## Download and extract source if required

 tor-${TOR_VER}:
     wget -qO- ${TOR}$@.tar.gz | \
         bsdtar xzf -

 libevent-${LIBEVENT_VER}:
     wget -qO- ${LIBEVENT}/release-${LIBEVENT_VER}/$@.tar.gz | \
         bsdtar xzf -

 OpenSSL_${OPENSSL_VER}:
     wget -qO- ${OPENSSL}/$@.tar.gz | \
         bsdtar xzf -
     mv openssl-$@ $@

 zlib-${ZLIB_VER}:
     wget -qO- ${ZLIB}/$@.tar.gz | \
         bsdtar xzf -
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32550>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list