by f2n 2946 days ago
Thanks for posting, turns out one of these was mine. I forgot that it existed. 1213 days of uptime, still running Debian Wheezy (don't worry, I'm bringing it up to date now).
5 comments

Tor project should have an official Docker image, we could just use it with watchtower, it would autoupdate itself.

https://github.com/v2tec/watchtower

Does Docker have container signing yet? If not, this sounds like it could be a disaster waiting to happen (just compromise Docker Hub credentials!)
There is, but it seems to be disabled by default.

https://docs.docker.com/engine/security/trust/content_trust/

This, actually, should be part of Docker itself. Thank you!
Thanks for running a Tor relay, even better, Tor relays! Please consider checking the right sidebar for new versions on https://blog.torproject.org/, adding Debian repos from Tor Project instead of using the default repo, and reading the [tor-relays]* mailing list routinely. It's a fun read comparable to Hacker News, well, sometimes.

* https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-re...

I had the Tor Project's repos added, but I guess no auto updates.
Is it hard to create a Tor node? And is it juridically safe to be an owner of a Tor node?
I wrote this how-to a few years ago: https://tor.stackexchange.com/questions/6567/how-do-i-manual...

Hopefully it's easier now than it was then.

As others said relay nodes are safe and low risk to run. I wouldn't run an exit node without looking into the legal risk and having a plan.

It is pretty easy to set up if you know the basics of administering a GNU/Linux or BSD machine. It is better if you also know a bit about security on those systems too (at least how to configure the firewall).

When it comes to the legal part, it depends.

Being an exit node can be very tricky. In some countries, you will have to register as a telecommunication provider in order not to be considered liable for whatever comes out of your relay.

Being a guard node (the "entry" node for a Tor client) is usually safe but can still create some trouble. For example, the virus WannaCry was using Tor to connect to its C&C servers. Due to this, some Tor guard nodes got seized by the French police because they saw WannaCry connect to the IPs of those guard nodes and, I guess, decided that it was necessary to seize them for their investigations ...

But you can configure your node to never be chosen as a guard node and to be just a relay and not an exit node. The node will be the middle man between a guard and an exit node and that should be completely safe, unless you live in a country where technologies to circumvent censorship are prohibited.

A Tor relay is pretty safe. You're just a middle-man and have no clue about what's going on.

Your IP is still going into every single blacklist of corporate gateways though (because F5, etc. don't care): so don't host multiple services on that IP/server.

An exit node is the most dangerous position to be in, because that's where all the bad stuff can be seen.

It's very easy, but yes, you cannot control what data exits it.

I'm just as curious as you what the GP's internet setup looks like.

The GP didn't necessarily say he was running an exit relay, only that he was running a relay of some kind. As far as I know it's a lot less perilous to run a middle relay.
snap install tor-middle-relay

https://snapcraft.io/tor-middle-relay

The same happened to me. I was pretty sure that the VPS that was running the node was shut down but it turns out it was still running.
Where does one host this without getting SWATTED?