[tor-bugs] #31834 [Circumvention]: Make obfs4 Docker image more usable

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Nov 20 18:50:32 UTC 2019


#31834: Make obfs4 Docker image more usable
-------------------------------+-------------------------------
 Reporter:  phw                |          Owner:  phw
     Type:  defect             |         Status:  assigned
 Priority:  Medium             |      Milestone:
Component:  Circumvention      |        Version:
 Severity:  Normal             |     Resolution:
 Keywords:  docker, s30-o24a2  |  Actual Points:
Parent ID:  #31281             |         Points:  1
 Reviewer:                     |        Sponsor:  Sponsor30-can
-------------------------------+-------------------------------

Old description:

> Here is some feedback we got from an operator (see
> [https://www.securimancy.com/dockerizing-tor-bridge/ this blog post] for
> the full story):
>
> * ~~Make it easier to get the bridge's fingerprint and/or bridge line. At
> the moment, users have to spawn a shell in the container, which is
> tedious.~~
> * Maybe provide a docker-compose file.
> * ~~Improve our
> [https://community.torproject.org/relay/setup/bridge/docker/ official
> setup instructions]. [https://dip.torproject.org/torproject/anti-
> censorship/docker-obfs4-bridge These instructions] were more helpful to
> an operator.~~
> * ~~Add a note that operators can run `docker logs <container>` to check
> if it's up and running.~~
> * Mention concerns regarding permanence: Ideally, a container should run
> as long as possible.
> * ~~Allow running a bridge on a port <1024 (as per mrphs's request in
> comment:2).~~

New description:

 Here is some feedback we got from an operator (see
 [https://www.securimancy.com/dockerizing-tor-bridge/ this blog post] for
 the full story):

 * ~~Make it easier to get the bridge's fingerprint and/or bridge line. At
 the moment, users have to spawn a shell in the container, which is
 tedious.~~
 * ~~Maybe provide a docker-compose file.~~
 * ~~Improve our
 [https://community.torproject.org/relay/setup/bridge/docker/ official
 setup instructions]. [https://dip.torproject.org/torproject/anti-
 censorship/docker-obfs4-bridge These instructions] were more helpful to an
 operator.~~
 * ~~Add a note that operators can run `docker logs <container>` to check
 if it's up and running.~~
 * ~~Mention concerns regarding permanence: Ideally, a container should run
 as long as possible.~~
 * ~~Allow running a bridge on a port <1024 (as per mrphs's request in
 comment:2).~~

--

Comment (by phw):

 > Maybe provide a docker-compose file.
 [[br]]
 [https://trac.torproject.org/projects/tor/ticket/31834#comment:5
 thymbahutymba's comment] convinced me that a Makefile is a better solution
 than a docker-compose file. I replaced the script deploy-container.sh with
 a Makefile in commit [https://dip.torproject.org/torproject/anti-
 censorship/docker-
 obfs4-bridge/commit/2dce6dc7a420e08f555faa46a07e4381af194f04 2dce6dc7].
 [[br]]
 > Mention concerns regarding permanence: Ideally, a container should run
 as long as possible.
 [[br]]
 I adopted thymbahutymba's idea of using a volume by adding docker's
 `--volume` argument to the Makefile.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31834#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list