Skip to content

GitLab

Closed (moved)
(moved)
Created by Trac@tracbot

Static tor in docker container

I was wondering about how to improve the docker image. The current version of provided image, in such case for bridges, uses debian. This ends up in a "big" image that, in my honest opinion waste a lot of space. In order to improve the deployment and the space required by such container, which can be even extended for all relay, I wrote a Makefile for statically build tor. Once there is a statically build of tor, it should be enough provide just it inside the container.

PREFIX=$(shell pwd)/dist
RELEASE=$(shell pwd)/release

TOR=https://dist.torproject.org
TOR_VER=0.4.1.6

LIBEVENT=https://github.com/libevent/libevent/releases/download
LIBEVENT_VER=2.1.11-stable

OPENSSL=https://github.com/openssl/openssl/archive
OPENSSL_VER=1_0_2t

ZLIB=https://zlib.net
ZLIB_VER=1.2.11

CLEAN_DIRS=$(dir .)

all: tor

tor: tor-${TOR_VER} libevent libseccomp zlib openssl
    cd $< && \
        ./configure \
            --prefix=${RELEASE}             \
            --enable-static-tor             \
            --with-openssl-dir=${PREFIX}    \
            --with-libevent-dir=${PREFIX}   \
            --with-zlib-dir=${PREFIX}       \
            --disable-asciidoc              \
            --disable-system-torrc          \
            --disable-seccomp               \
        && $(MAKE) $(MAKEFLAGS) && $(MAKE) install

libevent: libevent-${LIBEVENT_VER}
    cd  $< && \
        ./configure --prefix=${PREFIX} --enable-shared=no && \
        $(MAKE) $(MAKEFLAGS) && $(MAKE) install

openssl: OpenSSL_${OPENSSL_VER}
    cd $< && \
        ./config no-shared no-dso no-zlib --prefix=${PREFIX} && \
        $(MAKE) depend && $(MAKE) $(MAKEFLAGS) && $(MAKE) install_sw

zlib: zlib-${ZLIB_VER}
    cd $< && \
        ./configure --prefix=${PREFIX} --static && \
        $(MAKE) $(MAKEFLAGS) && $(MAKE) install

## Download and extract source if required

tor-${TOR_VER}:
    wget -qO- ${TOR}$@.tar.gz | \
        bsdtar xzf -

libevent-${LIBEVENT_VER}:
    wget -qO- ${LIBEVENT}/release-${LIBEVENT_VER}/$@.tar.gz | \
        bsdtar xzf -

OpenSSL_${OPENSSL_VER}:
    wget -qO- ${OPENSSL}/$@.tar.gz | \
        bsdtar xzf -
    mv openssl-$@ $@

zlib-${ZLIB_VER}:
    wget -qO- ${ZLIB}/$@.tar.gz | \
        bsdtar xzf -

Trac:
Username: thymbahutymba

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information