add obfs4 bridges support

Dockerfile

@@ -1,17 +1,20 @@
 FROM alpine:edge
 
-RUN apk add 'tor' --no-cache \
+RUN apk update
+
+RUN apk add tor --no-cache \
   --repository http://dl-cdn.alpinelinux.org/alpine/edge/community \
   --repository http://dl-cdn.alpinelinux.org/alpine/edge/main \
   --allow-untrusted haproxy ruby privoxy
+RUN apk add --no-cache obfs4proxy \
+  --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing
 
 RUN apk --update add --virtual build-dependencies ruby-bundler ruby-dev  \
-  && apk add ruby-nokogiri --update-cache --repository http://dl-4.alpinelinux.org/alpine/v3.3/main/ \
-  && gem install --no-ri --no-rdoc socksify \
-  && apk del build-dependencies \
-  && rm -rf /var/cache/apk/*
-
+  && apk add ruby-nokogiri --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/edge/main/ \
+  && gem install --no-document socksify \
+  && apk del build-dependencies
 
+ADD torrc.erb       /usr/local/etc/torrc.erb
 ADD haproxy.cfg.erb /usr/local/etc/haproxy.cfg.erb
 ADD privoxy.cfg.erb /usr/local/etc/privoxy.cfg.erb
 
@@ -20,4 +23,4 @@ RUN chmod +x /usr/local/bin/start.rb
 
 EXPOSE 2090 8118 5566
 
-CMD ruby /usr/local/bin/start.rb
+CMD syslogd && ruby /usr/local/bin/start.rb

README.md

@@ -44,6 +44,7 @@ Environment Variables
    (Default: http://google.com)
  * `test_status` - Integer, HTTP status code for `test_url` in working case.
    (Default: 302)
+ * `tor_bridges` - A semicolon(;) seperated list of obfs4 bridges.
 
 Usage
 -----

start.rb

@@ -86,30 +86,36 @@ class Tor < Base
     attr_reader :new_circuit_period
     attr_reader :max_circuit_dirtiness
     attr_reader :circuit_build_timeout
+    attr_reader :bridges
 
     def initialize(port)
+      @config_erb_path = "/usr/local/etc/torrc.erb"
       @port = port
       @new_circuit_period = ENV['new_circuit_period'] || 120
       @max_circuit_dirtiness = ENV['max_circuit_dirtiness'] || 600
       @circuit_build_timeout = ENV['circuit_build_timeout'] || 60
+      @bridges = ENV.has_key?('tor_bridges') ? ENV['tor_bridges'].split(';') : []
     end
 
     def data_directory
       "#{super}/#{port}"
     end
 
+    def config_path
+      "#{data_directory}-torrc"
+    end
+
     def start
       super
+      compile_config
       self.class.fire_and_forget(executable,
-                                 "--SocksPort #{port}",
-                                 "--NewCircuitPeriod #{new_circuit_period}",
-                                 "--MaxCircuitDirtiness #{max_circuit_dirtiness}",
-                                 "--CircuitBuildTimeout #{circuit_build_timeout}",
-                                 "--DataDirectory #{data_directory}",
-                                 "--PidFile #{pid_file}",
-                                 "--Log \"warn syslog\"",
-                                 '--RunAsDaemon 1',
-                                 "| logger -t 'tor' 2>&1")
+                                 "-f #{config_path}",
+                                 "| logger -t 'tor#{port}' 2>&1")
+    end
+
+    private
+    def compile_config
+      File.write(config_path, ERB.new(File.read(@config_erb_path)).result(binding))
     end
   end
 
@@ -257,8 +263,8 @@ def compile_config
   proxies.each do |proxy|
     $logger.info "testing proxy #{proxy.id} (port #{proxy.port})"
     proxy.restart unless proxy.working?
-    $logger.info "sleeping for #{tor_instances} seconds"
-    sleep Integer(tor_instances)
+  $logger.info "sleeping for #{tor_instances} seconds"
+  sleep Integer(tor_instances)
   end
 
   $logger.info "sleeping for 60 seconds"

torrc.erb

@@ -0,0 +1,10 @@
+SocksPort <%= port %>
+NewCircuitPeriod <%= new_circuit_period %>
+MaxCircuitDirtiness <%= max_circuit_dirtiness %>
+CircuitBuildTimeout <%= circuit_build_timeout %>
+DataDirectory <%= data_directory %>
+PidFile <%= pid_file %>
+<% if bridges.length > 0 %>UseBridges 1
+ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy --managed<% bridges.each do |b| %>
+Bridge <%= b %><% end %><% end %>
+RunAsDaemon 1