#31834: Make obfs4 Docker image more usable -------------------------------+------------------------------- Reporter: phw | Owner: phw Type: defect | Status: assigned Priority: Medium | Milestone: Component: Circumvention | Version: Severity: Normal | Resolution: Keywords: docker, s30-o24a2 | Actual Points: Parent ID: #31281 | Points: 1 Reviewer: | Sponsor: Sponsor30-can -------------------------------+-------------------------------
Old description: > Here is some feedback we got from an operator (see > [https://www.securimancy.com/dockerizing-tor-bridge/ this blog post] for > the full story): > > * Make it easier to get the bridge's fingerprint and/or bridge line. At > the moment, users have to spawn a shell in the container, which is > tedious. > * Maybe provide a docker-compose file. > * Improve our > [https://community.torproject.org/relay/setup/bridge/docker/ official > setup instructions]. [https://dip.torproject.org/torproject/anti- > censorship/docker-obfs4-bridge These instructions] were more helpful to > an operator. > * Add a note that operators can run `docker logs <container>` to check if > it's up and running. > * Mention concerns regarding permanence: Ideally, a container should run > as long as possible. > * Allow running a bridge on a port <1024 (as per mrphs's request in > comment:2). New description: Here is some feedback we got from an operator (see [https://www.securimancy.com/dockerizing-tor-bridge/ this blog post] for the full story): * ~~Make it easier to get the bridge's fingerprint and/or bridge line. At the moment, users have to spawn a shell in the container, which is tedious.~~ * Maybe provide a docker-compose file. * ~~Improve our [https://community.torproject.org/relay/setup/bridge/docker/ official setup instructions]. [https://dip.torproject.org/torproject/anti- censorship/docker-obfs4-bridge These instructions] were more helpful to an operator.~~ * ~~Add a note that operators can run `docker logs <container>` to check if it's up and running.~~ * Mention concerns regarding permanence: Ideally, a container should run as long as possible. * ~~Allow running a bridge on a port <1024 (as per mrphs's request in comment:2).~~ -- Comment (by phw): Here's a brief update with what I've managed to address so far: > Make it easier to get the bridge's fingerprint and/or bridge line. At the moment, users have to spawn a shell in the container, which is tedious. [[br]] Commit [https://dip.torproject.org/torproject/anti-censorship/docker- obfs4-bridge/commit/d2335c91ecc04e2236158ed80bd432ee8b07e6bd d2335c91] adds a script that determines the bridge line. Users can run it like this: {{{ $ docker exec 9d66b756b3cc get-bridge-line obfs4 1.2.3.4:1234 A177E491C751488E7ADA397C7E47E4B3155723BD cert=KrQlXDh826TGTSywmtRaAZkq/dLI45m3Jl/drkYeaVD1ykghcJeFjyubff6hf1ZMG7ujeA iat-mode=0 }}} [[br]] > Improve our [https://community.torproject.org/relay/setup/bridge/docker/ official setup instructions]. [https://dip.torproject.org/torproject/anti- censorship/docker-obfs4-bridge These instructions] were more helpful to an operator. [[br]] I improved [https://community.torproject.org/relay/setup/bridge/docker/ our official instructions] in commit [https://gitweb.torproject.org/project/web/community.git/commit/?id=bfe821bc6466793d8cffdec579b43df219dd28e5 bfe821bc]. [[br]] > Add a note that operators can run `docker logs <container>` to check if it's up and running. [[br]] Documented in commit [https://gitweb.torproject.org/project/web/community.git/commit/?id=bfe821bc6466793d8cffdec579b43df219dd28e5 bfe821bc] and made possible in commit [https://dip.torproject.org/torproject/anti-censorship/docker- obfs4-bridge/commit/1f5fd1e8a094f15c4a98cd84040b33bda1861481 1f5fd1e8]. [[br]] > Allow running a bridge on a port <1024 (as per mrphs's request in comment:2). [[br]] Fixed in commit [https://dip.torproject.org/torproject/anti-censorship /docker-obfs4-bridge/commit/aceb0c10a326ed5276d3bf291d3c6b5c7945cd26 aceb0c10]. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31834#comment:6> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs