Order of package-installation prevents new versions of tor from being installed

[reformat0r]

I noticed that when building the image using the latest Dockerfile, an outdated version of tor is being installed.
The reason seems to be that the signing keys are expired:

The following signatures were invalid: EXPKEYSIG 74A941BA219EC810 deb.torproject.org archive signing key

I think the issue lies with the fact that deb.torproject.org-keyring and tor are being installed in the same transaction, meaning that when apt checks which version of tor to install, the keys are not yet updated.

tor-server/Dockerfile

Lines 38 to 43 in 2a9ed8e

	&& apt-get install --no-install-recommends --no-install-suggests -y \
	pwgen \
	iputils-ping \
	tor \
	tor-geoipdb \
	deb.torproject.org-keyring \

I resolved the issue by first executing apt-get install deb.torproject.org-keyring on its own, before installing tor:

 # Install tor with GeoIP and obfs4proxy & backup torrc \
 && apt-get update \
 && apt-get install deb.torproject.org-keyring -y \
 && apt-get install --no-install-recommends --no-install-suggests -y \
        pwgen \
        iputils-ping \
        tor \
        tor-geoipdb

[andrewbpowers]

Great work!

How to you install the "tor-server" or build the image after this changes?