[tor-bugs] #33461 [Circumvention/Obfs4]: Multiarch docker obfs4 bridge

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Feb 26 19:08:12 UTC 2020 

#33461: Multiarch docker obfs4 bridge
--------------------------------------+------------------------------------
 Reporter:  thymbahutymba             |          Owner:  (none)
     Type:  enhancement               |         Status:  new
 Priority:  Medium                    |      Component:
                                      |  Circumvention/Obfs4
  Version:                            |       Severity:  Normal
 Keywords:  docker, obfs4, multiarch  |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------------
 Having more images enables the bridge operators to directly pull an image
 instead of modifying the Dockerfile and consequently building that image.
 For example, the supported architectures can be x86_64, aarch64 and arm.
 In order to do so we can have multiple {{{Dockerfile.arch}}} where is used
 https://github.com/multiarch/qemu-user-static in order to build such
 image.

 For example in the Dockerfile.arm file the content should be something
 like:
 {{{
 # Base docker image
 FROM multiarch/qemu-user-static:x86_64-arm as qemu
 FROM arm32v7/debian:buster-slim
 COPY --from=qemu /usr/bin/qemu-arm-static /usr/bin

 # Install remaining dependencies.
 RUN apt-get update && apt-get install -y \
     tor                 \
     tor-geoipdb \
     obfs4proxy  \
     libcap2-bin \
     --no-install-recommends

 # Allow obfs4proxy to bind to ports < 1024.
 RUN setcap cap_net_bind_service=+ep /usr/bin/obfs4proxy
 RUN setcap cap_net_bind_service=+ep /usr/bin/tor

 # Our torrc is generated at run-time by the script start-tor.sh.
 RUN rm /etc/tor/torrc
 RUN chown debian-tor:debian-tor /etc/tor
 RUN chown debian-tor:debian-tor /var/log/tor

 COPY start-tor.sh /usr/local/bin
 RUN chmod 0755 /usr/local/bin/start-tor.sh

 COPY get-bridge-line /usr/local/bin
 RUN chmod 0755 /usr/local/bin/get-bridge-line

 USER debian-tor

 CMD [ "/usr/local/bin/start-tor.sh" ]
 }}}

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33461>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list