From f2e9dec181181b181f7edca43ec16d4ed67e4dda Mon Sep 17 00:00:00 2001 From: Jake Jarvis Date: Thu, 29 Dec 2022 11:54:34 -0500 Subject: [PATCH] fixes --- .github/workflows/build-and-push.yml | 16 ++++++++-------- Dockerfile | 20 +++++++++++++------- 2 files changed, 21 insertions(+), 15 deletions(-) diff --git a/.github/workflows/build-and-push.yml b/.github/workflows/build-and-push.yml index 200df0e..27f1f03 100644 --- a/.github/workflows/build-and-push.yml +++ b/.github/workflows/build-and-push.yml @@ -13,7 +13,7 @@ on: permissions: contents: read - # packages: write + packages: write jobs: build-image: @@ -27,18 +27,18 @@ jobs: with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - # - uses: docker/login-action@v2 - # if: github.event_name != 'pull_request' - # with: - # registry: ghcr.io - # username: ${{ github.actor }} - # password: ${{ secrets.GITHUB_TOKEN }} + - uses: docker/login-action@v2 + if: github.event_name != 'pull_request' + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} - uses: docker/metadata-action@v4 id: meta with: images: | jakejarvis/tor - # ghcr.io/jakejarvis/tor + ghcr.io/jakejarvis/tor flavor: | latest=auto tags: | diff --git a/Dockerfile b/Dockerfile index f94fc04..0b8a2d7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,8 @@ FROM ubuntu:22.04 -LABEL maintainer "Jake Jarvis " +LABEL maintainer "Jake Jarvis " \ + repository="https://github.com/jakejarvis/tor-docker" \ + # https://docs.github.com/en/free-pro-team@latest/packages/managing-container-images-with-github-container-registry/connecting-a-repository-to-a-container-image#connecting-a-repository-to-a-container-image-on-the-command-line + org.opencontainers.image.source="https://github.com/jakejarvis/tor-docker" ARG DEBIAN_FRONTEND=noninteractive @@ -7,34 +10,37 @@ RUN apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ ca-certificates \ apt-transport-https \ - apt-utils \ lsb-release \ - gnupg \ curl \ + gnupg \ # Add torproject.org repository for stable Tor && curl -fsSL https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor -o /usr/share/keyrings/tor-archive-keyring.gpg \ - && echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main \ -deb-src [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/tor.list >/dev/null \ + && echo "deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main \ +deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $(lsb_release -cs) main" | tee /etc/apt/sources.list.d/tor.list >/dev/null \ # Install Tor with GeoIP && apt-get update \ && apt-get install --no-install-recommends --no-install-suggests -y \ tor \ tor-geoipdb \ + deb.torproject.org-keyring \ obfs4proxy \ iputils-ping \ # Tidy up && apt-get purge --auto-remove -y \ apt-transport-https \ - apt-utils \ lsb-release \ - gnupg \ curl \ + gnupg \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* # Copy entrypoint script COPY ./entrypoint.sh /usr/local/bin/docker-entrypoint +# Tor data should be persisted on the host +VOLUME /var/lib/tor + +# Run as non-root user USER debian-tor ENTRYPOINT ["docker-entrypoint"]