Compare commits
5 Commits
| Author | SHA1 | Date |
|---|---|---|
 zach
|
4601290976 | |
karubabu
|
be00dd0b41 | |
Otto Seiskari
|
e738e875bb | |
|
Otto Seiskari
|
2e97d33757 | |
|
Otto Seiskari
|
f1cf5237cd |
|
|
@ -1,3 +1,3 @@
|
|||
openvpn
|
||||
local
|
||||
shared
|
||||
*~
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
FROM ubuntu:bionic
|
||||
FROM ubuntu:jammy
|
||||
|
||||
RUN apt-get update && apt-get install -y firefox \
|
||||
curl sudo openvpn transmission \
|
||||
|
|
@ -24,3 +24,4 @@ COPY files/start-openvpn-blocking.sh /home/user/
|
|||
|
||||
ENV HOME /home/user
|
||||
ENTRYPOINT ["/bin/bash", "/home/user/start.sh"]
|
||||
CMD ['firefox']
|
||||
|
|
|
|||
|
|
@ -10,10 +10,10 @@ without any cookies, history or such.
|
|||
2. (optional) Create a directory `openvpn` and put your `openvpn.conf` there.
|
||||
Make sure it's called `openvpn.conf` and all extra files it may need are
|
||||
also in the `openvpn/` directory (this will be mounted in the container)
|
||||
3. Start container `./run.sh`
|
||||
3. Start container `./run.sh firefox`
|
||||
|
||||
Also `ASSERT_COUNTRY=Finland ./run.sh` to check that ifconfig.co thinks that
|
||||
the your IP address is in a given country before starting Firefox.
|
||||
Also `ASSERT_COUNTRY=Finland ./run.sh firefox` to check that ifconfig.co thinks
|
||||
that the your IP address is in a given country before starting Firefox.
|
||||
|
||||
### Disclaimer
|
||||
|
||||
|
|
|
|||
|
|
@ -1,12 +1,7 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
# If no profile ...
|
||||
if [ ! -d "$HOME/.mozilla" ]; then
|
||||
# create the default Firefox profile and put some settings there
|
||||
firefox -CreateProfile default
|
||||
mv $HOME/user.js `find $HOME/.mozilla/firefox -type d | grep .default`
|
||||
fi
|
||||
COMMAND="$1"
|
||||
echo "$COMMAND"
|
||||
|
||||
OPENVPN_CONF='/etc/openvpn/openvpn.conf'
|
||||
if [ -f "$OPENVPN_CONF" ]; then
|
||||
|
|
@ -29,5 +24,24 @@ if [ ! -z ${ASSERT_COUNTRY+x} ]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
# Start firefox
|
||||
firefox
|
||||
# If no profile ...
|
||||
if [ $COMMAND == "firefox" ]; then
|
||||
# create the default Firefox profile and put some settings there
|
||||
firefox &
|
||||
FIREFOX_PID=$!
|
||||
# Since some recent Firefox version, calling CreateProfile and copying
|
||||
# user.js stopped working on the first use for reasons I could not find on
|
||||
# Google and do not frankly care about. This is the workaround
|
||||
set +e
|
||||
while [ `find $HOME/.mozilla/firefox -type f | grep prefs.js | wc -l` == "0" ];
|
||||
do
|
||||
echo "... waiting for Firefox to start the first time"
|
||||
sleep 1
|
||||
done
|
||||
set -e
|
||||
echo "killing Firefox and copying settings"
|
||||
kill $FIREFOX_PID
|
||||
mv $HOME/user.js `find $HOME/.mozilla/firefox -maxdepth 1 -type d | grep .default-release`
|
||||
fi
|
||||
|
||||
$COMMAND
|
||||
|
|
|
|||
|
|
@ -9,3 +9,38 @@ user_pref("browser.onboarding.enabled", false);
|
|||
|
||||
// no tracking protection intro
|
||||
user_pref("privacy.trackingprotection.introCount", 100);
|
||||
|
||||
// use FF's fingeprinting blocker (spoofs various attributes and restricts canvas usage)
|
||||
user_pref("privacy.resistFingerprinting", true);
|
||||
|
||||
// FF's tracking protection
|
||||
user_pref("privacy.trackingprotection.enabled", true);
|
||||
|
||||
// Disable PDF's
|
||||
user_pref("pdfjs.disabled", true);
|
||||
|
||||
// Disable various suspicious telemetry things (from pyllyukko's user.js)
|
||||
user_pref("browser.safebrowsing.downloads.remote.enabled", false);
|
||||
user_pref("browser.selfsupport.url", "");
|
||||
user_pref("dom.flyweb.enabled", false);
|
||||
user_pref("toolkit.telemetry.enabled", false);
|
||||
user_pref("toolkit.telemetry.unified", false);
|
||||
user_pref("experiments.supported", false);
|
||||
user_pref("experiments.enabled", false);
|
||||
user_pref("experiments.manifest.uri", "");
|
||||
user_pref("network.allow-experiments", false);
|
||||
user_pref("breakpad.reportURL", "");
|
||||
user_pref("browser.tabs.crashReporting.sendReport", false);
|
||||
user_pref("browser.crashReports.unsubmittedCheck.enabled", false);
|
||||
user_pref("devtools.webide.enabled", false);
|
||||
user_pref("devtools.webide.autoinstallADBHelper", false);
|
||||
user_pref("devtools.webide.autoinstallFxdtAdapters", false);
|
||||
user_pref("devtools.debugger.remote-enabled", false);
|
||||
user_pref("devtools.chrome.enabled", false);
|
||||
user_pref("devtools.debugger.force-local", true);
|
||||
user_pref("loop.logDomains", false);
|
||||
user_pref("browser.pocket.enabled", false);
|
||||
user_pref("extensions.pocket.enabled", false);
|
||||
user_pref("extensions.shield-recipe-client.enabled", false);
|
||||
user_pref("app.shield.optoutstudies.enabled", false);
|
||||
user_pref("browser.newtabpage.activity-stream.feeds.section.topstories", false);
|
||||
|
|
|
|||
6
run.sh
6
run.sh
|
|
@ -2,8 +2,12 @@
|
|||
set -eux
|
||||
docker run -ti --rm -e DISPLAY \
|
||||
--cap-add=NET_ADMIN --device /dev/net/tun \
|
||||
--shm-size 256M \
|
||||
-v /tmp/.X11-unix:/tmp/.X11-unix \
|
||||
-v `pwd`/openvpn:/etc/openvpn \
|
||||
-v `pwd`/shared:/home/user/Downloads \
|
||||
-e ASSERT_COUNTRY \
|
||||
--name docker-vpn-browser-container \
|
||||
--dns 1.1.1.1 \
|
||||
docker-vpn-browser
|
||||
docker-vpn-browser \
|
||||
"$@"
|
||||
|
|
|
|||
Loading…
Reference in New Issue