Closed dmp1ce closed 6 years ago
Hi @dmp1ce , can you provide me your torrc and your command to run tor? Thanks a lot.
The init script is here: https://github.com/DarkIsDude/tor-server/blob/master/scripts/docker-entrypoint
and yes, I don't init tor as chriswayg/tor-server.
I changed the Dockerfile.tor
image to your image and ran docker-compose build && docker-compose up -d
. The service kept restarting and several lines were added to the torrc
every time it started I think.
$ cat torrc
### /etc/torrc ###
# see /etc/torrc/torrc.default and https://www.torproject.org/docs/tor-manual.html.en
# server's public ip address (usually automatic)
#address 10.10.10.10
# port to advertise for incoming tor connections.
# common ports are 9001, 443
orport 9001
# mirror directory information for others (optional)
# common ports are 9030, 80
dirport 9030
# run as a relay only (not as an exit node)
exitpolicy reject *:* # no exits allowed
# set limits
relaybandwidthrate 500 kb # throttle traffic to
relaybandwidthburst 1000 kb # but allow bursts up to
#maxmeminqueues 512 mb # limit memory usage to
# run tor as obfuscated bridge
#servertransportplugin obfs3 exec /usr/bin/obfsproxy managed
#servertransportlistenaddr obfs3 0.0.0.0:54444
#bridgerelay 1
# run tor only as a server (no local applications)
socksport 0
# run tor as a regular user (do not change this)
user debian-tor
datadirectory /var/lib/tor
# enable control port for arm
controlport 9051
cookieauthentication 1
# if no nickname or contactinfo is set, docker-entrypoint will use
# the environment variables to add nickname/contactinfo here
nickname xxx # only use letters and numbers
contactinfo xxx
$ cat docker-compose.yml
version: '2'
services:
tor:
build:
dockerfile: Dockerfile.tor
context: .
restart: always
ports:
- "9001:9001"
- "9030:9030"
volumes:
- ./torrc:/etc/tor/torrc
$ cat Dockerfile.tor
FROM chriswayg/tor-server
MAINTAINER David Parrish <daveparrish@tutanota.com>
RUN apt-get update && apt-get install -y --no-install-recommends tor-arm && \
apt-get -y purge --auto-remove $build_deps && \
apt-get clean && rm -r /var/lib/apt/lists/*
EXPOSE 9051
Thanks for your PR. I hope this solve your issue?
Actually, no, it didn't fix my issue like I had hoped. Here is the errors I am getting. Do you have any ideas why I'm getting errors?
tor_1 | ========================================================
tor_1 | Tor version 0.2.9.14 (git-a211f886ad759cab).
tor_1 | ### /etc/torrc ###
tor_1 | # see /etc/torrc/torrc.default and https://www.torproject.org/docs/tor-manual.html.en
tor_1 |
tor_1 | # Server's public IP Address (usually automatic)
tor_1 | #Address 10.10.10.10
tor_1 |
tor_1 | # Port to advertise for incoming Tor connections.
tor_1 | # common ports are 9001, 443
tor_1 | ORPort 9001
tor_1 |
tor_1 | # Mirror directory information for others (optional)
tor_1 | # common ports are 9030, 80
tor_1 | DirPort 9030
tor_1 |
tor_1 | # Run as a relay only (not as an exit node)
tor_1 | ExitPolicy reject *:* # no exits allowed
tor_1 |
tor_1 | # Set limits
tor_1 | RelayBandwidthRate 500 KB # Throttle traffic to
tor_1 | RelayBandwidthBurst 1000 KB # But allow bursts up to
tor_1 | #MaxMemInQueues 512 MB # Limit Memory usage to
tor_1 |
tor_1 | # Run Tor as obfuscated bridge
tor_1 | #ServerTransportPlugin obfs3 exec /usr/bin/obfsproxy managed
tor_1 | #ServerTransportListenAddr obfs3 0.0.0.0:54444
tor_1 | #BridgeRelay 1
tor_1 |
tor_1 | # Run Tor only as a server (no local applications)
tor_1 | SocksPort 0
tor_1 |
tor_1 | # Run Tor as a regular user (do not change this)
tor_1 | User debian-tor
tor_1 | DataDirectory /var/lib/tor
tor_1 |
tor_1 | # Enable control port for arm
tor_1 | ControlPort 9051
tor_1 | CookieAuthentication 1
tor_1 |
tor_1 | # If no Nickname or ContactInfo is set, docker-entrypoint will use
tor_1 | # the environment variables to add Nickname/ContactInfo here
tor_1 | Nickname xxx # only use letters and numbers
tor_1 | ContactInfo xxx
tor_1 | ========================================================
tor_1 |
tor_1 | Mar 16 16:30:38.318 [notice] Tor 0.2.9.14 (git-a211f886ad759cab) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0f and Zlib 1.2.8.
tor_1 | Mar 16 16:30:38.318 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning
tor_1 | Mar 16 16:30:38.318 [notice] Read configuration file "/etc/tor/torrc".
tor_1 | Mar 16 16:30:38.323 [notice] Based on detected system memory, MaxMemInQueues is set to 7494 MB. You can override this by setting MaxMemInQueues by hand.
tor_1 | Mar 16 16:30:38.324 [notice] Opening Control listener on 127.0.0.1:9051
tor_1 | Mar 16 16:30:38.324 [notice] Opening OR listener on 0.0.0.0:9001
tor_1 | Mar 16 16:30:38.324 [notice] Opening Directory listener on 0.0.0.0:9030
tor_1 | Mar 16 16:30:38.000 [warn] Couldn't open "/var/lib/tor/lock" for locking: Permission denied
tor_1 | Mar 16 16:30:38.000 [err] set_options(): Bug: Acting on config options left us in a broken state. Dying. (on Tor 0.2.9.14 )
I'm thinking my data in /var/lib/tor
is causing problems. Is there a migration path. Should I remove some of my files? Currently I have the following on version Tor 0.3.0.10
. Do I need to change anything for the newer versions?
# ls -alh /var/lib/tor/
total 55M
drwx------ 4 debian-tor debian-tor 4.0K Mar 16 16:56 .
drwxr-xr-x 1 root root 4.0K Sep 13 2017 ..
-rw------- 1 debian-tor debian-tor 20K Feb 22 20:24 cached-certs
-rw------- 1 debian-tor debian-tor 2.1M Mar 16 16:17 cached-consensus
-rw------- 1 debian-tor debian-tor 47M Mar 16 16:39 cached-descriptors
-rw------- 1 debian-tor debian-tor 0 Mar 16 16:39 cached-descriptors.new
-rw------- 1 debian-tor debian-tor 1.9M Mar 16 16:39 cached-microdesc-consensus
-rw------- 1 debian-tor debian-tor 4.0M Mar 16 16:50 cached-microdescs
-rw------- 1 debian-tor debian-tor 0 Mar 16 16:50 cached-microdescs.new
-rw------- 1 debian-tor debian-tor 32 Mar 16 16:56 control_auth_cookie
-rw------- 1 debian-tor debian-tor 53 Apr 2 2017 fingerprint
drwx------ 2 debian-tor debian-tor 4.0K Mar 16 14:00 keys
-rw------- 1 debian-tor debian-tor 0 Mar 16 16:56 lock
-rw------- 1 debian-tor debian-tor 7.8K Mar 16 16:56 state
drwx------ 2 debian-tor debian-tor 4.0K Mar 15 20:33 stats
It's really strange. I don't see this volume in your docker-compose.yml
. But you are rigth, I don't know but tor daemon can't access to lock file. Have tou tried if you remove all your files? This ls
is from your container or from anywhere else ?
Ok, I can reproduce it.
debian-tor is not the same user is both container (from mine repo and from @chriswayg repo). The name can be the same but the user id can be different...
Make a save of your data folder (/var/lib/tor
in container). Can you run this: docker run -it -rm -v YOUR_DATA_FOLDER:/opt/ doudou34/tor-server bash
. You have now a bash, go into /opt/
and run chown -R debian-tor:debian-tor .
. You can now exit container and check again? This resolve issue for me.
Yes. I think that will work. I think that is why the original repo had a line in the init script which set the permissions. What was the reason the line was taken out?
I don't know, a mistake... I merged your PR!
I'm referring to a3373715ccc3e0c13d1c15a5d1ae120ab010a603
Cool! Thanks!
That did it! I'm on the recommended version of Tor for my node finally.
Yeah, cool :) ! Great job ! Thanks a lot !
I took my torrc from the chriswayg/tor-server configuration and when running with darkisdude/tor-server the torrc gets several lines added to the end of the file which makes my configuration invalid and the services doesn't start up. Am I don't something wrong? Should I be able to use my torrc without it being modified?