From f21dc4ee37f580a5af857c1c1c7ea4be4daf78cc Mon Sep 17 00:00:00 2001
From: Wonderfall <wonderfall@schrodinger.io>
Date: Sun, 8 May 2016 00:37:04 +0200
Subject: [PATCH] tor: compile from source and verify tarball using gpg

---
 tor/Dockerfile | 39 +++++++++++++++++++++++++++++++--------
 1 file changed, 31 insertions(+), 8 deletions(-)

diff --git a/tor/Dockerfile b/tor/Dockerfile
index 9871b62..0cbcc1d 100644
--- a/tor/Dockerfile
+++ b/tor/Dockerfile
@@ -1,16 +1,39 @@
-FROM alpine:edge
+FROM alpine:3.3
 
 ARG ARM_VERSION=1.4.5.0
+ARG TOR_VERSION=0.2.7.6
+ARG TOR_USER_ID=45553
+
 ENV TERM=xterm
 
-VOLUME /tor /torconfig
+VOLUME /usr/local/etc/tor
 
-RUN echo "@testing http://nl.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
- && apk -U add tor@testing python openssl ca-certificates \
- && wget -q https://www.atagar.com/arm/resources/static/arm-${ARM_VERSION}.tar.bz2 -P /tmp \
- && tar xjf /tmp/arm-${ARM_VERSION}.tar.bz2 -C /tmp && cd /tmp/arm && ./install \
- && rm -rf /var/cache/apk/* /tmp/* \
- && chown -R tor /etc/tor /tor /torconfig
+RUN BUILD_DEPS=" \
+    libevent-dev \
+    openssl-dev \
+    build-base \
+    gnupg \
+    ca-certificates" \
+ && apk -U add \
+    ${BUILD_DEPS} \
+    python \
+    libevent \
+    openssl \
+ && cd /tmp \
+ && wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz \
+ && wget -q https://www.torproject.org/dist/tor-${TOR_VERSION}.tar.gz.asc \
+ && gpg --keyserver keys.gnupg.net --recv-keys 0x165733EA \
+ && gpg --verify tor-0.2.7.6.tar.gz.asc \
+ && tar xzf tor-${TOR_VERSION}.tar.gz \
+ && cd tor-${TOR_VERSION} \
+ && ./configure --disable-asciidoc \
+ && make && make install \
+ && adduser -H -D -s /sbin/nologin -u ${TOR_USER_ID} tor \
+ && cd /tmp \
+ && wget -q https://www.atagar.com/arm/resources/static/arm-${ARM_VERSION}.tar.bz2  \
+ && tar xjf /tmp/arm-${ARM_VERSION}.tar.bz2 && cd arm && ./install \
+ && apk del ${BUILD_DEPS} \
+ && rm -rf /var/cache/apk/* /tmp/*
 
 EXPOSE 9001 9030
 USER tor