From dc938d6f3a1b4c25103e54b71d646efa56315438 Mon Sep 17 00:00:00 2001 From: Aleksandr Beshkenadze Date: Sat, 2 Dec 2023 19:58:14 +0200 Subject: [PATCH 1/3] Build obfs4proxy from go package --- Dockerfile | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 6c5085e..9d8014b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,21 @@ +# Dockerfile for Tor Relay Server with obfs4proxy (Multi-Stage build) +FROM golang:alpine AS go-build + + +# Install Go for building obfs4proxy. +RUN apk --no-cache add --update go git ca-certificates +RUN mkdir -p /go/src /go/bin +RUN chmod -R 644 /go +ENV GOPATH /go +ENV PATH /go/bin:$PATH +WORKDIR /go +# Build /go/bin/obfs4proxy & /go/bin/meek-server +RUN go install -v gitlab.com/yawning/obfs4.git/obfs4proxy@latest \ + && go install -v git.torproject.org/pluggable-transports/meek.git/meek-server@latest + +# Copy the binaries to /usr/local/bin +RUN cp /go/bin/* /usr/local/bin/ + FROM alpine:3.18 LABEL maintainer="Peter Dave Hello " @@ -7,12 +25,15 @@ LABEL version="latest" RUN echo '@edge https://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories && \ echo '@edge https://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories && \ apk -U upgrade && \ - apk -v add tor@edge obfs4proxy@edge curl && \ + apk -v add tor@edge curl && \ chmod 700 /var/lib/tor && \ rm -rf /var/cache/apk/* && \ tor --version COPY --chown=tor:root torrc /etc/tor/ +# Copy obfs4proxy & meek-server +COPY --from=go-build /usr/local/bin/ /usr/local/bin/ + HEALTHCHECK --timeout=10s --start-period=60s \ CMD curl --fail --socks5-hostname localhost:9150 -I -L 'https://www.facebookwkhpilnemxj7asaniu7vnjjbiltxjqhye3mhbshg7kx5tfyd.onion/' || exit 1 From dfdcc38a14642cbe62609c67576db9f6a8307f47 Mon Sep 17 00:00:00 2001 
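Review bot: The build stage added in the first Dockerfile hunk of PATCH 1/3 is not reproducible: `FROM golang:alpine` floats with the tag, and both `go install` lines resolve `@latest`. The pluggable-transport binaries shipped in the image can therefore change whenever upstream does, with no corresponding diff in this repository. For a component on the network path of a Tor client this is worth pinning, e.g. `FROM golang:<GO_VERSION>-alpine AS go-build` and `go install -v gitlab.com/yawning/obfs4.git/obfs4proxy@<PINNED_VERSION>` (placeholders; choose a reviewed release). The same untagged base and `@latest` remain in the Dockerfile hunk of PATCH 2/3.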
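Review bot: `COPY --from=go-build /usr/local/bin/ /usr/local/bin/` in the second Dockerfile hunk of PATCH 1/3 copies the whole directory rather than the binaries the image needs, so anything else the build stage has in `/usr/local/bin` lands in the runtime image too. Copying the artifacts by name keeps the runtime contents explicit and makes the build stage's `RUN cp /go/bin/* /usr/local/bin/` step unnecessary: `COPY --from=go-build /go/bin/obfs4proxy /go/bin/meek-server /usr/local/bin/`. The rest of the final stage lies outside this hunk, so whether it switches to a non-root `USER` cannot be checked from here.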
From: Aleksandr Beshkenadze Date: Sat, 2 Dec 2023 21:17:15 +0200 Subject: [PATCH 2/3] Adds a conf bridges template. Updates the ReadME with a usage guide. Cleaning up the Dockerfile. --- .gitignore | 1 + Dockerfile | 20 +++++++++----------- README.md | 31 +++++++++++++++++++++++++++++++ bridges.conf.template | 7 +++++++ torrc | 2 ++ 5 files changed, 50 insertions(+), 11 deletions(-) create mode 100644 .gitignore create mode 100644 bridges.conf.template diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..c3c5128 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +bridges.conf diff --git a/Dockerfile b/Dockerfile index 9d8014b..ac34257 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,16 @@ -# Dockerfile for Tor Relay Server with obfs4proxy (Multi-Stage build) FROM golang:alpine AS go-build - # Install Go for building obfs4proxy. -RUN apk --no-cache add --update go git ca-certificates -RUN mkdir -p /go/src /go/bin -RUN chmod -R 644 /go +RUN apk --no-cache --update add go git ca-certificates \ + && mkdir -p /go/src /go/bin \ + && chmod -R 644 /go + ENV GOPATH /go ENV PATH /go/bin:$PATH WORKDIR /go -# Build /go/bin/obfs4proxy & /go/bin/meek-server -RUN go install -v gitlab.com/yawning/obfs4.git/obfs4proxy@latest \ - && go install -v git.torproject.org/pluggable-transports/meek.git/meek-server@latest + +# Build /go/bin/obfs4proxy +RUN go install -v gitlab.com/yawning/obfs4.git/obfs4proxy@latest # Copy the binaries to /usr/local/bin RUN cp /go/bin/* /usr/local/bin/ @@ -24,10 +23,9 @@ LABEL version="latest" RUN echo '@edge https://dl-cdn.alpinelinux.org/alpine/edge/community' >> /etc/apk/repositories && \ echo '@edge https://dl-cdn.alpinelinux.org/alpine/edge/testing' >> /etc/apk/repositories && \ - apk -U upgrade && \ - apk -v add tor@edge curl && \ + apk -v --no-cache --update add tor@edge curl && \ chmod 700 /var/lib/tor && \ - rm -rf /var/cache/apk/* && \ + mkdir -p /etc/tor/torrc.d && \ tor --version COPY --chown=tor:root torrc /etc/tor/ 
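Review bot: `chmod -R 644 /go` in the merged `RUN` of the first Dockerfile hunk of PATCH 2/3 clears the execute/search bit on the directories under `/go` as well as on files; the build keeps working only because it runs as root. If the intent is to remove write access for others, `chmod -R go-w /go` does that without breaking directory traversal, and since the `golang` base image already sets up `/go`, the `mkdir`/`chmod` pair can probably be dropped. `apk add go` also installs a second toolchain next to the one the `golang` image ships. `ENV GOPATH /go` and `ENV PATH /go/bin:$PATH` use the legacy space-separated form; `ENV GOPATH=/go PATH=/go/bin:$PATH` is the current syntax.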
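Review bot: With `apk -U upgrade` removed in the second Dockerfile hunk of PATCH 2/3, packages that come with the `alpine:3.18` base are no longer updated at build time, so fixes for them reach the image only when the base tag is pulled again. That is a reasonable trade for reproducibility, but it should be recorded with a comment above the `RUN`, for example `# Base packages are not upgraded here; rebuild with --pull to pick up Alpine security fixes.` In `apk -v --no-cache --update add tor@edge curl`, `--update` is redundant because `--no-cache` already fetches a fresh index. `tor@edge` remains unversioned, so the Tor build in the image depends on the day it was built.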
diff --git a/README.md b/README.md index eba8b35..274200b 100644 --- a/README.md +++ b/README.md @@ -90,6 +90,37 @@ Use the prefix `ghcr.io/` if you prefer to use GitHub Container Registry. docker stop tor-socks-proxy ``` +## Configuration with Custom Bridges + +### Description + +To enhance privacy and bypass censorship, users can configure the `tor-socks-proxy` Docker container to use custom Tor bridges. The steps involve copying a template configuration file, obtaining bridge lines from the Tor Bridge Relay Database, and saving them to a configuration file. + +**Procedure:** + +1. **Copy Configuration Template:** + - Copy `bridges.conf.template` to `bridges.conf`. + +2. **Obtain Bridge Lines:** + - Visit the Tor Bridge Relay Database at [https://bridges.torproject.org/bridges?transport=obfs4](https://bridges.torproject.org/bridges?transport=obfs4). + - Select bridge lines that use the `obfs4` transport. + +3. **Update Configuration File:** + - Save the obtained bridge lines to `bridges.conf`. + - Format each line as shown below: + + ```conf + Bridge obfs4 [IP Address]:[Port] [Fingerprint] cert=[Certificate] iat-mode=0 + ``` + +### Basic Example of Running with Custom Bridges + +Run the Docker container with the updated bridges configuration: + +```sh +docker run -d --restart=always --name tor-socks-proxy -p 0.0.0.0:9100:9150 -v $(pwd)/bridges.conf:/etc/tor/torrc.d/bridges.conf peterdavehello/tor-socks-proxy +``` + ## IP renewal - Tor changes circuit automatically every 10 minutes by default, which usually bring you the new IP address, it's affected by `MaxCircuitDirtiness` config, you can override it with your own `torrc`, or edit the config file and restart the container. See the official [manual](https://www.torproject.org/docs/tor-manual.html.en) for more details. diff --git a/bridges.conf.template b/bridges.conf.template new file mode 100644 index 0000000..d166954 --- /dev/null +++ b/bridges.conf.template 
@@ -0,0 +1,7 @@ +UseBridges 1 +ClientTransportPlugin obfs4 exec /usr/local/bin/obfs4proxy +#Obtain bridge lines from Tor Bridge Relay Database (https://bridges.torproject.org/bridges?transport=obfs4) +# See example below +#Bridge obfs4 xx.xxx.xxx.xxx:0000 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx cert=xxxxxxxxxxxxxxxxxxx iat-mode=0 +#Bridge obfs4 xx.xxx.xxx.xxx:0000 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx cert=xxxxxxxxxxxxxxxxxxx iat-mode=0 + diff --git a/torrc b/torrc index 1cbee66..707c7cd 100644 --- a/torrc +++ b/torrc @@ -3,3 +3,5 @@ Log notice stdout DNSPort 0.0.0.0:8853 SocksPort 0.0.0.0:9150 DataDirectory /var/lib/tor + +%include /etc/tor/torrc.d/*.conf \ No newline at end of file From 258536732ba74bec09b020d18d5cdfdcd8c4c687 Mon Sep 17 00:00:00 2001 From: Aleksandr Beshkenadze Date: Sat, 2 Dec 2023 21:22:58 +0200 Subject: [PATCH 3/3] Add a new line. --- torrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/torrc b/torrc index 707c7cd..61110c0 100644 --- a/torrc +++ b/torrc @@ -4,4 +4,4 @@ DNSPort 0.0.0.0:8853 SocksPort 0.0.0.0:9150 DataDirectory /var/lib/tor -%include /etc/tor/torrc.d/*.conf \ No newline at end of file +%include /etc/tor/torrc.d/*.conf
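Review bot: `%include /etc/tor/torrc.d/*.conf`, added in the torrc hunk of PATCH 2/3, makes every `.conf` file in that directory full Tor configuration, including `ClientTransportPlugin ... exec`, which names a program for Tor to run. The directory should therefore be treated as trusted input; a comment above the include such as `# Files in torrc.d are trusted: they may set any option, including exec'd transport plugins.` would record that. The README example in the same patch bind-mounts `bridges.conf` read-write, and appending `:ro` to that `-v` argument keeps the container from modifying the host file. That example also publishes the SOCKS port on `0.0.0.0`, and no access control is visible in this torrc, so `-p 127.0.0.1:9100:9150` is the safer documented default for single-host use.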