Remove Privoxy, use native Tor HTTP, warning on README.

Dockerfile

@@ -1,6 +1,6 @@
 FROM alpine:edge
 
-RUN apk add --no-cache haproxy ruby privoxy libevent libressl2.6-libcrypto libressl2.6-libssl zlib zstd xz-libs
+RUN apk add --no-cache haproxy ruby libevent libressl2.6-libcrypto libressl2.6-libssl zlib zstd xz-libs
 
 RUN apk --update add --virtual build-dependencies ruby-bundler ruby-dev git build-base automake autoconf libevent-dev libressl-dev zlib-dev ruby-nokogiri zstd-dev \
   && gem install --no-ri --no-rdoc socksify \
@@ -18,7 +18,6 @@ RUN apk --update add --virtual build-dependencies ruby-bundler ruby-dev git buil
 
 
 ADD haproxy.cfg.erb /usr/local/etc/haproxy.cfg.erb
-ADD privoxy.cfg.erb /usr/local/etc/privoxy.cfg.erb
 
 ADD start.rb /usr/local/bin/start.rb
 RUN chmod +x /usr/local/bin/start.rb

README.md

@@ -1,12 +1,17 @@
 alpine-tor
 ==================
 
+# PLEASE NOTE THAT THIS IS INSECURE FOR GENERAL USAGE
+# FORK THIS AND REMOVE TOR2WEB MODE IF YOU NEED SECURITY
+# OR USE THIS FOR YOUR OWN TOR2WEB NODE IF YOU UNDERSTAND HOW BAD THIS IS
+
+
 ```
                Docker Container
                -------------------------------------
-               (Optional)           <-> Tor Proxy 1
-Client <---->   Privoxy <-> HAproxy <-> Tor Proxy 2
-                                    <-> Tor Proxy n
+                        <-> Tor Proxy 1
+Client <---->   HAproxy <-> Tor Proxy 2
+                        <-> Tor Proxy n
 ```
 
 Parents
@@ -19,10 +24,6 @@ Parents
 __Why:__ Lots of IP addresses. One single endpoint for your client.
 Load-balancing by HAproxy.
 
-Optionaly adds support for [Privoxy](https://www.privoxy.org/) using
-`-e privoxy=1`, useful for http (default `8118`, changable via
-`-e privoxy_port=<port>`) proxy forward and ad removal.
-
 Environment Variables
 -----
  * `tors` - Integer, number of tor instances to run. (Default: 20)
@@ -32,9 +33,8 @@ Environment Variables
    seconds. (Default: 10 minutes)
  * `circuit_build_timeout` - Integer, CircuitBuildTimeout parameter value in
    seconds. (Default: 60 seconds)
- * `privoxy` - Boolean, whatever to run insance of privoxy in front of haproxy.
- * `privoxy_port` - Integer, port for privoxy. (Default: 8118)
- * `haproxy_port` - Integer, port for haproxy. (Default: 5566)
+ * `haproxy_port_http` - Integer, port for http tunneling. (Default: 8118)
+ * `haproxy_port_socks` - Integer, port for haproxy. (Default: 5566)
  * `haproxy_stats` - Integer, port for haproxy monitor. (Default: 2090)
  * `haproxy_login` and `haproxy_pass` - BasicAuth config for haproxy monitor.
    (Default: `admin` in both variables)
@@ -56,13 +56,10 @@ docker pull zeta0/alpine-tor:latest
 # start docker container
 docker run -d -p 5566:5566 -p 2090:2090 -e tors=25 zeta0/alpine-tor
 
-# start docker with privoxy enabled and exposed
-docker run -d -p 8118:8118 -p 2090:2090 -e tors=25 -e privoxy=1 zeta0/alpine-tor
-
 # test with ...
 curl --socks5 localhost:5566 http://httpbin.org/ip
 
-# or if privoxy enabled ...
+# or with http
 curl --proxy localhost:8118 http://httpbin.org/ip
 
 # or to run chromium with your new found proxy
@@ -85,4 +82,3 @@ Further Readings
  * [Tor Manual](https://www.torproject.org/docs/tor-manual.html.en)
  * [Tor Control](https://www.thesprawl.org/research/tor-control-protocol/)
  * [HAProxy Manual](http://cbonte.github.io/haproxy-dconv/index.html)
- * [Privoxy Manual](https://www.privoxy.org/user-manual/)

haproxy.cfg.erb

@@ -21,14 +21,30 @@ listen stats
   stats auth <%= login %>:<%= pass %>
 
 
-listen TOR-in
-  bind *:<%= port %>
+listen TOR-in-socks
+  bind *:<%= port_socks %>
   mode tcp
-  default_backend TOR
+  default_backend TORSocks
   balance roundrobin
 
-backend TOR
+listen TOR-in-http
+  bind *:<%= port_http %>
+  mode tcp
+  default_backend TORHTTP
+  balance roundrobin
+
+backend TORSocks
+  mode tcp
+  <% backends.each do |b| %>
+  <% if b[:name] == 'tor_socks' %>
+  server <%= b[:addr] %>:<%= b[:port] %> <%= b[:addr] %>:<%= b[:port] %> check
+  <% end %>
+  <% end %>
+
+backend TORHTTP
   mode tcp
   <% backends.each do |b| %>
+  <% if b[:name] == 'tor_http' %>
   server <%= b[:addr] %>:<%= b[:port] %> <%= b[:addr] %>:<%= b[:port] %> check
   <% end %>
+  <% end %>

start.rb

@@ -7,10 +7,12 @@
 
 module Service
   class Base
-    attr_reader :port
+    attr_reader :port_socks
+    attr_reader :port_http
 
-    def initialize(port)
-      @port = port
+    def initialize(port_socks, port_http)
+      @port_socks = port_socks
+      @port_http = port_http
     end
 
     def service_name
@@ -19,7 +21,7 @@ def service_name
 
     def start
       ensure_directories
-      $logger.info "starting #{service_name} on port #{port}"
+      $logger.info "starting #{service_name} on port #{port_socks}/#{port_http} [SOCKS/HTTP]"
     end
 
     def ensure_directories
@@ -34,24 +36,24 @@ def data_directory
     end
 
     def pid_file
-      "/var/run/#{service_name}/#{port}.pid"
+      "/var/run/#{service_name}/#{port_socks}.pid"
     end
 
     def executable
       self.class.which(service_name)
     end
 
     def stop
-      $logger.info "stopping #{service_name} on port #{port}"
+      $logger.info "stopping #{service_name} on port #{port_socks}/#{port_http} [SOCKS/HTTP]"
       if File.exists?(pid_file)
         pid = File.read(pid_file).strip
         begin
           self.class.kill(pid.to_i)
         rescue => e
-          $logger.warn "couldn't kill #{service_name} on port #{port}: #{e.message}"
+          $logger.warn "couldn't kill #{service_name} on port #{port_socks}/#{port_http} [SOCKS/HTTP]: #{e.message}"
         end
       else
-        $logger.info "#{service_name} on port #{port} was not running"
+        $logger.info "#{service_name} on port #{port_socks}/#{port_http} [SOCKS/HTTP] was not running"
       end
     end
 
@@ -87,28 +89,30 @@ class Tor < Base
     attr_reader :max_circuit_dirtiness
     attr_reader :circuit_build_timeout
 
-    def initialize(port)
-      @port = port
+    def initialize(port_socks, port_http)
+      @port_socks = port_socks
+      @port_http = port_http
       @new_circuit_period = ENV['new_circuit_period'] || 120
       @max_circuit_dirtiness = ENV['max_circuit_dirtiness'] || 600
       @circuit_build_timeout = ENV['circuit_build_timeout'] || 60
     end
 
     def data_directory
-      "#{super}/#{port}"
+      "#{super}/#{port_socks}"
     end
 
     def start
       super
       self.class.fire_and_forget(executable,
-                                 "--SocksPort #{port}",
+                                 "--SocksPort #{port_socks}",
+                                 "--HTTPTunnelPort #{port_http}",
                                  "--NewCircuitPeriod #{new_circuit_period}",
                                  "--MaxCircuitDirtiness #{max_circuit_dirtiness}",
                                  "--CircuitBuildTimeout #{circuit_build_timeout}",
                                  "--DataDirectory #{data_directory}",
                                  "--PidFile #{pid_file}",
                                  '--RunAsDaemon 1',
-                                 '--tor2web 1')
+                                 '--Tor2webMode 1')
     end
   end
 
@@ -118,7 +122,7 @@ class Proxy
 
     def initialize(id)
       @id = id
-      @tor = Tor.new(tor_port)
+      @tor = Tor.new(tor_port_socks, tor_port_http)
     end
 
     def start
@@ -131,11 +135,17 @@ def stop
       @tor.stop
     end
 
-    def tor_port
+    def tor_port_socks
       10000 + id
     end
 
-    alias_method :port, :tor_port
+    def tor_port_http
+      20000 + id
+    end
+
+    alias_method :port, :tor_port_socks
+    alias_method :port_socks, :tor_port_socks
+    alias_method :port_http, :tor_port_http
   end
 
   class Haproxy < Base
@@ -151,7 +161,8 @@ def initialize()
       @stats = ENV['haproxy_stats'] || 2090
       @login = ENV['haproxy_login'] || 'admin'
       @pass = ENV['haproxy_pass'] || 'admin'
-      @port = ENV['haproxy_port'] || 5566
+      @port_socks = ENV['haproxy_port_socks'] || 5566
+      @port_http = ENV['haproxy_port_http'] || 8118
     end
 
     def start
@@ -171,29 +182,8 @@ def soft_reload
     end
 
     def add_backend(backend)
-      @backends << {:name => 'tor', :addr => '127.0.0.1', :port => backend.port}
-    end
-
-    private
-    def compile_config
-      File.write(@config_path, ERB.new(File.read(@config_erb_path)).result(binding))
-    end
-  end
-
-  class Privoxy < Base
-    attr_reader :haproxy
-
-    def initialize()
-      @config_erb_path = "/usr/local/etc/privoxy.cfg.erb"
-      @config_path = "/usr/local/etc/privoxy.cfg"
-      @port = ENV['privoxy_port'] || 8118
-      @haproxy = ENV['haproxy_port'] || 5566
-    end
-
-    def start
-      super
-      compile_config
-      self.class.fire_and_forget(executable, "--no-daemon", "#{@config_path}", "| logger 2>&1")
+      @backends << {:name => 'tor_socks', :addr => '127.0.0.1', :port => backend.port_socks}
+      @backends << {:name => 'tor_http', :addr => '127.0.0.1', :port => backend.port_http}
     end
 
     private
@@ -217,11 +207,6 @@ def compile_config
 
 haproxy.start
 
-if ENV['privoxy']
-  privoxy = Service::Privoxy.new
-  privoxy.start
-end
-
 sleep 60
 
 loop do