tor config updates

Maciej Lebiest 2023-03-26 20:02:57 +02:00
parent 741b40bb3a
commit 12419e71e2
2 changed files with 7 additions and 8 deletions


@ -56,12 +56,12 @@ cd tor/;
podman build -t tornode .; podman build -t tornode .;
chmod 777 ./data ./logs; chmod 777 ./data ./logs;
# run # run (network host for easy port bind on ipv6)
podman run -d --read-only \ podman run -d --read-only --network host \
-v "/home/user/torrc.conf:/torrc:rw,Z" \ -v "/home/user/torrc.conf:/torrc:rw,Z" \
-v "/home/user/tor/logs:/var/log:Z,rw" \ -v "/home/user/tor/logs:/var/log:Z,rw" \
-v "/home/user/tor/data:/var/lib/tor:Z,rw" \ -v "/home/user/tor/data:/var/lib/tor:Z,rw" \
--name tornode -p 443:443 -p 9091:9091 tornode:latest --name tornode tornode:latest
# prepare systemd service for reboot persistence # prepare systemd service for reboot persistence
podman generate systemd --new --name tornode > /etc/systemd/system/tornode.service; podman generate systemd --new --name tornode > /etc/systemd/system/tornode.service;
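Review bot: `--network host` on the `podman run` line puts tor in the host's network namespace, so the container shares the host's interfaces and loopback, and the dropped `-p 443:443 -p 9091:9091` no longer limits which ports are reachable: whatever torrc binds is exposed directly on the host. If the only goal is binding on IPv6, as the new comment says, consider keeping the published ports on an IPv6-enabled podman network instead, or extend the comment to say that the host firewall now has to restrict inbound traffic to 443 and 9091.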

tor/torrc.conf Normal file → Executable file

@ -89,6 +89,7 @@ RunAsDaemon 0
## Required: what port to advertise for incoming Tor connections. ## Required: what port to advertise for incoming Tor connections.
ORPort 443 ORPort 443
ORPort [<your public ipv6>]:443
## If you want to listen on a port other than the one advertised in ## If you want to listen on a port other than the one advertised in
## ORPort (e.g. to advertise 443 but bind to 9090), you can do it as ## ORPort (e.g. to advertise 443 but bind to 9090), you can do it as
## follows. You'll need to do ipchains or other port forwarding ## follows. You'll need to do ipchains or other port forwarding
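Review bot: the added `ORPort [<your public ipv6>]:443` is an active directive carrying a literal placeholder, which is not a valid address, so the file cannot be used as committed and nothing in the hunk tells the operator this line must be edited. Suggest shipping it commented out with a one-line `##` comment above it explaining that it must be set to the host's public IPv6 address, and noting that it relies on the `--network host` change in the run command.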
@ -101,8 +102,6 @@ ORPort 443
## The IP address or full DNS name for incoming connections to your ## The IP address or full DNS name for incoming connections to your
## relay. Leave commented out and Tor will guess. ## relay. Leave commented out and Tor will guess.
#
#Address tor.example.com
## If you have multiple network interfaces, you can specify one for ## If you have multiple network interfaces, you can specify one for
## outgoing traffic to use. ## outgoing traffic to use.
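Review bot: the two deleted lines (`#` and `#Address tor.example.com`) were the directive that the remaining comment "Leave commented out and Tor will guess" refers to, so that comment now points at nothing. Either keep the commented `#Address` example or drop the two `##` lines above it as well, so the file does not describe an option it no longer shows.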
@ -118,7 +117,7 @@ ORPort 443
## Nicknames must be between 1 and 19 characters inclusive, and must ## Nicknames must be between 1 and 19 characters inclusive, and must
## contain only the characters [a-zA-Z0-9]. ## contain only the characters [a-zA-Z0-9].
## If not set, "Unnamed" will be used. ## If not set, "Unnamed" will be used.
#Nickname ididnteditheconfig Nickname MyUniqueNickname
## Define these to limit how much relayed traffic you will allow. Your ## Define these to limit how much relayed traffic you will allow. Your
## own traffic is still unthrottled. Note that RelayBandwidthRate must ## own traffic is still unthrottled. Note that RelayBandwidthRate must
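Review bot: `Nickname MyUniqueNickname` is now an active line with a placeholder value that satisfies the rule stated just above it (1 to 19 characters from [a-zA-Z0-9]), so an unedited deployment will start and publish under that name with no error to prompt a change. Suggest leaving the directive commented as before, or adding a `##` line stating that the value must be replaced before first start.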
@ -129,7 +128,7 @@ ORPort 443
#RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps) #RelayBandwidthRate 100 KBytes # Throttle traffic to 100KB/s (800Kbps)
#RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb) #RelayBandwidthBurst 200 KBytes # But allow bursts up to 200KB (1600Kb)
RelayBandwidthRate 20 MBytes # Throttle traffic to 100KB/s (800Kbps) RelayBandwidthRate 20 MBytes # Throttle traffic to 100KB/s (800Kbps)
RelayBandwidthBurst 35 MBytes # But allow bursts up to 200KB (1600Kb) RelayBandwidthBurst 40 MBytes # But allow bursts up to 200KB (1600Kb)
## Use these to restrict the maximum traffic per day, week, or month. ## Use these to restrict the maximum traffic per day, week, or month.
## Note that this threshold applies separately to sent and received bytes, ## Note that this threshold applies separately to sent and received bytes,
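Review bot: the trailing comments on the two active lines still read "Throttle traffic to 100KB/s (800Kbps)" and "allow bursts up to 200KB (1600Kb)" while the values are `20 MBytes` and now `40 MBytes`. Since this change touches the burst line anyway, update both comments to match the configured values, or remove them and rely on the commented examples above.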
@ -156,7 +155,6 @@ RelayBandwidthBurst 35 MBytes # But allow bursts up to 200KB (1600Kb)
#ContactInfo Random Person <nobody AT example dot com> #ContactInfo Random Person <nobody AT example dot com>
## You might also include your PGP or GPG fingerprint if you have one: ## You might also include your PGP or GPG fingerprint if you have one:
#ContactInfo 0xFFFFFFFF Random Person <nobody AT example dot com> #ContactInfo 0xFFFFFFFF Random Person <nobody AT example dot com>
ContactInfo
## Uncomment this to mirror directory information for others. Please do ## Uncomment this to mirror directory information for others. Please do
## if you have enough bandwidth. ## if you have enough bandwidth.
DirPort 9091 # what port to advertise for directory connections DirPort 9091 # what port to advertise for directory connections
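Review bot: removing the bare `ContactInfo` line leaves only the commented examples in this part of the file, so no contact directive is active here and nothing says whether that is intended. If operators are expected to set one, add a short `##` note or a commented placeholder next to the examples so it is handled as a setup step together with `Nickname`.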
@ -234,6 +232,7 @@ DirPort 9091 # what port to advertise for directory connections
#ExitPolicy accept *4:119 # accept nntp ports on IPv4 only as well as default exit policy #ExitPolicy accept *4:119 # accept nntp ports on IPv4 only as well as default exit policy
#ExitPolicy accept6 *6:119 # accept nntp ports on IPv6 only as well as default exit policy #ExitPolicy accept6 *6:119 # accept nntp ports on IPv6 only as well as default exit policy
ExitPolicy reject *:* # no exits allowed ExitPolicy reject *:* # no exits allowed
ExitRelay 0
## Bridge relays (or "bridges") are Tor relays that aren't listed in the ## Bridge relays (or "bridges") are Tor relays that aren't listed in the
## main directory. Since there is no complete public list of them, even an ## main directory. Since there is no complete public list of them, even an
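Review bot: the new `ExitRelay 0` line has no comment, unlike the `ExitPolicy reject *:*  # no exits allowed` line directly above it. Add a trailing comment saying that it explicitly disables exiting alongside the reject policy, so a later edit to `ExitPolicy` is not assumed to be enough to change the relay's role.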