caspertian 2018-10-05
InstallDockerandTorNetworkandProxyServiceonCentOS7
HowtorunTornetworkandProxyService
Itisdocker,soonlythingweneedonourtargetmachineisdocker.Notor,noproxy,nopython,nojava,justdockerenvironment.Thiswilldoworkforalltheotherdockerapplicationsaswell.
Sointhefuture,thetargetmachinewillbecleanandclear.Notjavaversionconflict,nopythonversionconflict,nootherinstallationissues.
MytargetserverisCentOS7
First,checkthesoftwaredatabaseindex
>sudoyumcheck-update
InstallDockerService
>curl-fsSLhttps://get.docker.com/|sh
StarttheDockerService
>sudosystemctlstartdocker
Aftertheinstallation,wecancheck
>docker--version
Dockerversion18.06.1-ce,builde68fc7a
DirectlyinstallprivoxyonCentOSfromSourceCode
https://wiki.polaire.nl/doku.php?id=centos7_privoxy
http://www.privoxy.org/sf-download-mirror/Sources/3.0.26%20%28stable%29/
Hereisthecommandtofetchtheprivoxysourcecode
>wgethttp://www.privoxy.org/sf-download-mirror/Sources/3.0.26%20%28stable%29/privoxy-3.0.26-stable-src.tar.gz
Installthebuildtoolweneed
>sudoyumgroupinstalldevelopmenttools
>sudoyuminstallzlib-develpcre-develw3m
Unzipthefile
>tarzxvfprivoxy-3.0.26-stable-src.tar.gz
Buildthesource
>cdprivoxy-3.0.26-stable
>autoheader
>autoconf
>./configure--with-user=privoxy--with-group=privoxy--prefix=/home/carl/tool/privoxy-3.0.26
>make
>make-ninstall
>make-sinstallUSER=privoxyGROUP=privoxy
Userprivoxyandgroupprivoxynotworking,soIswitchtousemycurrentsudousercarl,thiscommandcanstartthatservice
sudo/opt/privoxy/sbin/privoxy--pidfile/opt/privoxy/var/run/privoxy.pid--usercarl/opt/privoxy/etc/config2>/dev/null
Copythescripttoworkingdirectory
>sudocpprivoxy-generic.init/etc/init.d/privoxy
>sudochkconfig--addprivoxy
>sudochkconfigprivoxyon
Editthe/etc/init.d/privoxyasfollow:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/xpg4/bin:/usr/bin:/sbin:/bin:/opt/privoxy/sbin
P_NAME=Privoxy
#Pathtoexecutable.
P_DAEMON=privoxy
#FullpathtolocationofPrivoxyconfigfile.
P_CONF_FILE=/opt/privoxy/etc/config
#FullpathtoPIDfilelocation.Locationmustbewritableby
#whoeverrunsthisscriptandbyPrivoxyitself.
P_PIDFILE=/opt/privoxy/var/run/privoxy.pid
#Ifuncommented,thisscriptwilltrytorunasUSER=privoxy,which
#mayrequirespecialhandlingofconfig,*.action,trust,logfile,
#jarfile,andpidfile.
P_USER=carl
Commandcanwork
>sudoserviceprivoxystart
Theprivoxyconfigurationwillbeasfollow:
forward-socks5t/127.0.0.1:9050.
listen-address0.0.0.0:8119
SetUptheTorfromCommandLine
sudoyuminstalltor
Generatethepasswordfortor
>echoHashedControlPassword$(tor--hash-password“xxxxxxxx")
Addthesetothefileend
>sudoless/etc/tor/torrc
ControlPort9051
ControlListenAddress0.0.0.0
HashedControlPassword16:xxxxxxxxxxxxxx
Checkthepermissionofonedirectory
>chmod400/run/tor
SomeTips
Optionalcommandsifyouneeded
>sudoyum-config-manager--disablechromium-el6
>sudousermod-aGdockercarl
HereistheDockerinformation
start.sh
#!/bin/sh-ex
#starttheservice
/etc/init.d/privoxystart
tor
HereistheMakefile
IMAGE=sillycat/public
TAG=centos-tornetwork-1.0
NAME=centos-tornetwork-1.0
prepare:
wgethttp://www.privoxy.org/sf-download-mirror/Sources/3.0.26%20%28stable%29/privoxy-3.0.26-stable-src.tar.gz-Pinstall/
docker-context:
build:docker-context
dockerbuild-t$(IMAGE):$(TAG).
run:
dockerrun-d-p9051:9051-p8119:8119--name$(NAME)$(IMAGE):$(TAG)
debug:
dockerrun-p9051:9051-p8119:8119--name$(NAME)-ti$(IMAGE):$(TAG)/bin/bash
clean:
dockerstop${NAME}
dockerrm${NAME}
logs:
dockerlogs${NAME}
publish:
dockerpush${IMAGE}
HereistheDockerfilewithallthestepsandDetails
#RunaTorNetworkServer
#PreparetheOS
FROMcentos:7
MAINTAINERCarlLuo<[email protected]>
#upgradethesystem
RUNyum-yupdate
#Preparethedenpendencies
RUNyuminstall-yepel-release
RUNyuminstall-ytor
RUNyumgroupinstall-ydevelopmenttools
RUNyuminstall-ywgetgccmake
RUNyuminstall-yzlib-develpcre-develw3m
#setuptorconfiguration
RUNecho"ControlPort9051">>/etc/tor/torrc
RUNecho"ControlListenAddress0.0.0.0">>/etc/tor/torrc
RUNechoHashedControlPassword$(tor--hash-password"xxxxxxxxx"|tail-n1)>>/etc/tor/torrc
RUNrm-fr/run/tor/
RUNmkdir/run/tor
RUNchmod400/run/tor
#manuallyinstallprivoxy
RUNadduserprivoxy
RUNusermod-aGwheelprivoxy
RUNmkdir/install/
RUNmkdir/tool/
ADDinstall/privoxy-3.0.26-stable-src.tar.gz/install/
WORKDIR/install/privoxy-3.0.26-stable
RUNautoheader
RUNautoconf
RUN./configure--with-user=privoxy--with-group=wheel--prefix=/tool/privoxy-3.0.26
RUNmake
RUNmake-ninstall
RUNmake-sinstallUSER=privoxyGROUP=wheel
#setupforwardconfiguration
RUNecho"forward-socks5t/127.0.0.1:9050.">>/tool/privoxy-3.0.26/etc/config
RUNecho"listen-address0.0.0.0:8119">>/tool/privoxy-3.0.26/etc/config
ADDconf/privoxy/etc/init.d/privoxy
RUNchmoda+x/etc/init.d/privoxy
#setuptheapp
EXPOSE90518119
RUNmkdir-p/app/
ADDstart.sh/app/
WORKDIR/app/
CMD["./start.sh"]
The/etc/init.d/privoxyScripttostarttheservice
#!/bin/sh
###########################################################################
#
#File:$Source:/cvsroot/ijbswa/current/privoxy-generic.init,v$
#
#Purpose:Thisscripttakescareofstartingandstoppingprivoxy.
#Itissupposedtoworkcross-platformandthusdoesn't
#dotoomuch.WhenpackagingPrivoxyit'srecommendedto
#writeaplatform-specificstartscriptinsteadofusing
#thisone.
#
#Copyright:WrittenbyandCopyright(C)2001,2002the
#Privoxyteam.http://www.privoxy.org/
#
#Thisprogramisfreesoftware;youcanredistributeit
#and/ormodifyitunderthetermsoftheGNUGeneral
#PublicLicenseaspublishedbytheFreeSoftware
#Foundation;eitherversion2oftheLicense,or(at
#youroption)anylaterversion.
#
#Thisprogramisdistributedinthehopethatitwill
#beuseful,butWITHOUTANYWARRANTY;withouteventhe
#impliedwarrantyofMERCHANTABILITYorFITNESSFORA
#PARTICULARPURPOSE.SeetheGNUGeneralPublic
#Licenseformoredetails.
#
#TheGNUGeneralPublicLicenseshouldbeincludedwith
#thisfile.Ifnot,youcanviewitat
#http://www.gnu.org/copyleft/gpl.html
#orwritetotheFreeSoftwareFoundation,Inc.,59
#TemplePlace-Suite330,Boston,MA02111-1307,USA.
#
###########################################################################
###BEGININITINFO
#Provides:privoxy
#Required-Start:
#Required-Stop:
#Default-Start:2345
#Default-Stop:016
#Short-Description:Startprivoxyatboottime
#Description:Startandstoptheprivacy-enhancingHTTPproxyprivoxy.
###ENDINITINFO
#NOTE:Thisscriptmayrequireeditingtoensureproperlocationof
#configfile,andtheprivoxyexecutable.Careshouldbetakentoensure
#logfileiswritableby$P_USER(logfileisdefinedinconfig),andthat
#thereissuitablewriteaccessfor$P_PIDFILE.
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/xpg4/bin:/usr/bin:/sbin:/bin:/tool/privoxy-3.0.26/sbin
P_NAME=Privoxy
#Pathtoexecutable.
P_DAEMON=privoxy
#FullpathtolocationofPrivoxyconfigfile.
P_CONF_FILE=/tool/privoxy-3.0.26/etc/config
#FullpathtoPIDfilelocation.Locationmustbewritableby
#whoeverrunsthisscriptandbyPrivoxyitself.
P_PIDFILE=/tool/privoxy-3.0.26/var/run/privoxy.pid
#Ifuncommented,thisscriptwilltrytorunasUSER=privoxy,which
#mayrequirespecialhandlingofconfig,*.action,trust,logfile,
#jarfile,andpidfile.
P_USER=privoxy
#Ifaprivoxyuserisspecified,letstrythat./bin/shdoesnotseemto
#knowabout$UID.
if[0=`id-u`];then
if[-n"$P_USER"];then
id$P_USER2>/dev/null>/dev/null
if[$?-eq0];then
P_USER_SETTINGS="--user$P_USER"
else
echo"User$P_USERdoesn'texist,exiting."
exit1
fi
else
#Theuserhassufficientrights,but$P_USERisn'tset
echo"RunningPrivoxyasrootisnotrecommended!"
P_USER_SETTINGS=""
fi
else
#TheuserhasinsufficientrightstorunPrivoxyas$P_USER
#andmaynotbeabletowriteordeletethePIDfile.
echo"Youaren'troot,expecttrouble!"
P_USER_SETTINGS=""
fi
if[!-f$P_CONF_FILE];then
echo"Can'tfind$P_CONF_FILE,exiting."
exit1
fi
case"$1"in
start)
if[-f$P_PIDFILE];then
ifkill-0`cat$P_PIDFILE`;then
echo"Error:$P_NAMEisalreadyrunning,exiting."
exit1
else
rm-f$P_PIDFILE
fi
fi
$P_DAEMON--pidfile$P_PIDFILE$P_USER_SETTINGS$P_CONF_FILE2>/dev/null
if[$?-eq0];then
echo"Starting$P_NAME,OK."
else
echo"Starting$P_NAME,Failed."
rm-f$P_PIDFILE
fi
;;
restart)
$0stop
$0start
;;
stop)
test!-f$P_PIDFILE&&echo"No$P_PIDFILEfilefound,exiting."&&exit1
kill`cat$P_PIDFILE`&&rm-f$P_PIDFILE&&\
echo"Stopping$P_NAME,OK."||echo"Stopping$P_NAME,failed."
;;
*)
echo"Usage:$0{start|stop|restart}"
exit1
;;
esac
exit0
HowtoVerifythat?
HowtochangetheIP
>echo-e'AUTHENTICATE“xxxxxxxxx"\r\nsignalNEWNYM\r\nQUIT'|nclocalhost9051
ChecktheIP
>curl-xlocalhost:8118http://icanhazip.com/
HowtochangetheIPfromremote
>echo-e'AUTHENTICATE“xxxxxxxxx"\r\nsignalNEWNYM\r\nQUIT'|ncubuntu-master9051
ChecktheIPfromRemote
>curl-xcentos-dev1:8118http://icanhazip.com/
References:
https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-centos-7
https://hub.docker.com/_/centos/
https://linuxacademy.com/community/posts/show/topic/21629-docker-failed-to-get-dbus-connection-operation-not-permitted
https://serverfault.com/questions/824975/failed-to-get-d-bus-connection-operation-not-permitted
https://github.com/CentOS/sig-cloud-instance-images/issues/45
https://www.rosehosting.com/blog/how-to-create-a-sudo-user-on-centos-7/