tor-browser/Dockerfile

55 lines
1.6 KiB
Docker
Raw Normal View History

2016-02-27 18:19:26 +00:00
FROM debian
2016-02-27 17:56:39 +00:00
2016-04-10 15:27:48 +00:00
# TODO(hkjn): Use alpine as base.
2016-02-27 17:56:39 +00:00
MAINTAINER Henrik Jonsson <me@hkjn.me>
2016-08-14 09:39:23 +00:00
ENV TOR_VERSION 6.5a2-hardened
2016-06-19 15:27:43 +00:00
# Taken from https://dist.torproject.org/torbrowser/$TOR_VERSION/sha256sums-unsigned-build.txt
2016-08-14 09:39:23 +00:00
ENV SHA256_CHECKSUM 9b6dcc558ff386e8d4c1387f97f1830944bcc370aeb6202bead6c2cc063ed4ad
2016-02-27 17:56:39 +00:00
ENV LANG C.UTF-8
ENV RELEASE_FILE tor-browser-linux64-${TOR_VERSION}_ALL.tar.xz
ENV RELEASE_KEY 0x4E2C6E8793298290
ENV RELEASE_URL https://dist.torproject.org/torbrowser/${TOR_VERSION}/${RELEASE_FILE}
RUN apt-get update && \
apt-get install -y \
ca-certificates \
curl \
libasound2 \
libdbus-glib-1-2 \
libgtk2.0-0 \
libxrender1 \
libxt6 \
xz-utils && \
rm -rf /var/lib/apt/lists/*
ENV HOME /home/user
RUN useradd --create-home --home-dir $HOME user && \
chown -R user:user $HOME
WORKDIR /usr/local/bin
2016-04-10 15:27:48 +00:00
# TODO(hkjn): Stop having gpg import key command separate layer, if we
# can figure out why it's flaky and commonly gives "keys: key
# 4E2C6E8793298290 can't be retrieved, gpg: no valid OpenPGP data
# found."
RUN gpg --keyserver pgp.mit.edu --recv-keys $RELEASE_KEY
RUN curl --fail -O -sSL ${RELEASE_URL} && \
2016-02-27 17:56:39 +00:00
curl --fail -O -sSL ${RELEASE_URL}.asc && \
gpg --verify ${RELEASE_FILE}.asc && \
echo "$SHA256_CHECKSUM $RELEASE_FILE" > sha256sums.txt && \
sha256sum -c sha256sums.txt && \
2016-02-27 17:56:39 +00:00
tar --strip-components=1 -vxJf ${RELEASE_FILE} && \
rm -v ${RELEASE_FILE}* sha256sums.txt && \
2016-05-08 15:58:14 +00:00
mkdir /usr/local/bin/Browser/Downloads && \
2016-05-11 21:26:40 +00:00
chown -R user:user /usr/local/bin/Browser/Downloads
2016-02-27 17:56:39 +00:00
WORKDIR /usr/local/bin/Browser/Downloads
USER user
COPY [ "start.sh", "/usr/local/bin/" ]
2016-02-29 20:57:29 +00:00
CMD [ "start.sh" ]