[TOR] http tunnel capability

2026-01-11 02:11:01 +01:00 · 2025-02-13 09:04:18 +00:00
parent 4ebacf00f1
commit c160c390a9
4 changed files with 26 additions and 9 deletions
--- a/tor/CHANGELOG.md
+++ b/tor/CHANGELOG.md
@@ -13,3 +13,7 @@
 ## 5.0.1-4 (14-08-2024)

 - Add execution permission for permission for /etc/s6-overlay/s6-overlay/s6-rc.d/init-tor/run file
+
+## 5.0.2-1 (13-02-2025)
+
+- HTTP tunneling
--- a/tor/README.md
+++ b/tor/README.md
@@ -42,6 +42,10 @@ The installation of this add-on is pretty straightforward and not different in c

 You should follow to the initial guide for configuring base addon options. Here will described only extra options in comparisons with base:

+### Option: `http_tunnel`
+
+Setting this option to true opens port 9080 to listen for connections from HTTP-speaking applications. Enabling this feature allows you to use other applications on your network to use the Tor network via http proxy.
+
 ### Option: `bridges`

 > Ensure the option value is clear to avoid unintended use of transport plugins and bridges.
--- a/tor/config.json
+++ b/tor/config.json
@@ -21,13 +21,16 @@
      "8123:80"
    ],
    "socks": false,
+    "http_tunnel": false,
    "stealth": false
  },
  "ports": {
-    "9050/tcp": 9050
+    "9050/tcp": 9050,
+    "9080/tcp": 9080
  },
  "ports_description": {
-    "9050/tcp": "Tor SOCKS proxy port"
+    "9050/tcp": "Tor SOCKS proxy port",
+    "9080/tcp": "Tor HTTP tunnel port"
  },
  "schema": {
    "bridges": [
@@ -42,10 +45,11 @@
      "match(^(.*:)?(?:[0-9]{1,4}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])?$)"
    ],
    "socks": "bool",
+    "http_tunnel": "bool",
    "stealth": "bool"
  },
  "slug": "tor",
  "startup": "services",
  "url": "https://github.com/alexbelgium/hassio-addons",
-  "version": "5.0.1-4"
-}
+  "version": "5.0.2-1"
+}
--- a/tor/rootfs/etc/s6-overlay/s6-rc.d/init-tor/run
+++ b/tor/rootfs/etc/s6-overlay/s6-rc.d/init-tor/run
@@ -89,10 +89,15 @@ else
    echo 'SOCKSPort 127.0.0.1:9050' >> "${torrc}"
 fi

+# Configure Http tunnel port
+if bashio::config.true 'http_tunnel'; then
+    echo 'HTTPTunnelPort 9080' >> "${torrc}"
+fi
+
 # Configure hidden services
 if bashio::config.true 'hidden_services'; then
    echo "HiddenServiceDir ${hidden_service_dir}" >> "${torrc}"
-    
+
    for port in $(bashio::config 'ports'); do
        count=$(echo "${port}" | sed 's/[^:]//g'| awk '{ print length }')
        if [[ "${count}" == 0 ]]; then
@@ -134,13 +139,13 @@ then

    # Add client for OBFS transport
    echo "ClientTransportPlugin obfs2,obfs3,obfs4,scramblesuit exec /usr/local/bin/obfs4proxy managed" >> "${torrc}"
-    
+
    # Add client for Snowflake transport
    echo "ClientTransportPlugin snowflake exec /usr/local/bin/snowflake" >> "${torrc}"

    # Add client for WebTunnel transport
    echo "ClientTransportPlugin webtunnel exec /usr/local/bin/webtunnel" >> "${torrc}"
-    
+
    # Add bridges
    while read -r bridge; do
        bashio::log.info "Bridge ${bridge}"
@@ -178,7 +183,7 @@ then
    while read -r clientname; do
        # Generate key is they do not exist yet
        if ! bashio::fs.file_exists "${authorized_clients_dir}/${clientname}.auth"
-        then 
+        then
            key=$(openssl genpkey -algorithm x25519)

            private_key=$(
@@ -226,7 +231,7 @@ then
            bashio::log.red "Private key:"
            bashio::log.red "${private_key}"
            bashio::log.red
-            bashio::log.red 
+            bashio::log.red
        else
            bashio::log.info "Keys for ${clientname} already exists; skipping..."
        fi