adding bridge support to tor-container #74
Conversation
|
thanks for this pull request. much appreciated. starting from your code, i've worked on a "revamp" implementing a more radical approach:
it will provide a few benefits:
i've submitted a pull request to your repo with all these modifications. feel free to merge it if it's fine for you. then we'll merge your updated pull request into this repo. |
|
Thank you for the "revamp" I really like the new approach specially the part that applies the new config without a full upgrade, that is perfect ux wise. |
|
it's just a personal preference for config properties as simple as possible (semantically speaking). anyway, i don't have strong feelings against a single config property per bridge (the connection strings are generated on a website managed by the torproject. thus we can reasonably expect that these strings continue to allow direct copy/pastes in tor config). if you think that it would improve the ux, i can submit a new pull request implementing a single config property per bridge. |
I believe having a single line per bridge would be more intuitive for the users, if you agree let's make it that way. |
|
done (commit d901b61) |
|
A most welcome addition, however, there's one problem. Tor is still being built by cloing the git repo at torproject.com. If access to torproject.com is blocked, this doesn't work. Alternative would be to download the source from a website clone. For example: https://www.theonionrouter.com/tor-0.3.5.8.tar.gz If the script were changed to pull the source tar instead of cloning from git a potential blocked user could edit the dockerfile and enter a clone he has access to. |
|
@burcakbaskan good point |
|
@burcakbaskan good observation. I have my friend test the installation from a place which not only has tor project censored but also restricted by docker from getting the docker and docker-compose due to u-s sanc tions. the easy solution for them is to use vpn during the setup. but they want to to be able to disconnect vpn after installation that is where the bridge idea came to my mind and I believe if someone is competent enough to install the dojo himself can handle the restricted access easily via vpn. |
|
I agree and I normally use VPN to bypass restrictions. However, having built-in alternatives is a safer approach. Our government blocked all OpenVPN based ISPs during protests at one point and some of the more well-known VPNs are still blocked. Also, you might be using VPN on other devices and simply hit the VPN connection limit, etc. Seriously though, thank you to both you for bringing this up and to kenshin-samourai for acting on it. I've been preaching better tor support to every developer I meet and Samourai has been the first one to act on this. |
The relay network is censored in some places and we need to be able to use bridges to overcome this issue. my approach was adding a template file for torrc (called
torrc.tpl) and a config file (calleddocker-tor.conf.tpl) for the user to add their bridges' addresses.In both
install-script.shandupgrade-script.shwe will copy thetorrc.tplthen append the user settings indocker-tor.conf.tplto make the maintorrcfile.Suppose user wants to disable or change the bridges, it could be simply done via
dojo.sh upgradecommand.I have tested both installation and upgrade process and they both work fine. documentation needs more work I believe. what do you think?