Compare commits

..

15 Commits

Author SHA1 Message Date
08d5be0469 prepare release (#23)
All checks were successful
ci / docker (push) Successful in 15s
release / release (push) Successful in 58s
#### 📖 Summary

- update changelog

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Reviewed-on: #23
2024-06-20 17:35:18 +02:00
cd9ed77875 chore(deps): update actions/metadata-action action to v5 (#20)
All checks were successful
ci / docker (push) Successful in 17s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/metadata-action](https://gitea.ocram85.com/actions/metadata-action) | action | major | `v4` -> `v5` |

---

### Release Notes

<details>
<summary>actions/metadata-action (actions/metadata-action)</summary>

### [`v5`](https://gitea.ocram85.com/actions/metadata-action/compare/v4...v5)

[Compare Source](https://gitea.ocram85.com/actions/metadata-action/compare/v4...v5)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xODkuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE4OS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #20
Reviewed-by: OCram85 <marco.blessing@googlemail.com>
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2024-06-20 17:30:36 +02:00
1c03c5475e chore(deps): update actions/login-action action to v3 (#19)
All checks were successful
ci / docker (push) Successful in 15s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/login-action](https://gitea.ocram85.com/actions/login-action) | action | major | `v2` -> `v3` |

---

### Release Notes

<details>
<summary>actions/login-action (actions/login-action)</summary>

### [`v3`](https://gitea.ocram85.com/actions/login-action/compare/v2...v3)

[Compare Source](https://gitea.ocram85.com/actions/login-action/compare/v2...v3)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xODkuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE4OS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #19
Reviewed-by: OCram85 <marco.blessing@googlemail.com>
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2024-06-20 17:28:52 +02:00
440382036c chore(deps): update actions/checkout action to v4 (#18)
All checks were successful
ci / docker (push) Successful in 15s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://gitea.ocram85.com/actions/checkout) | action | major | `v3` -> `v4` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

### [`v4`](https://gitea.ocram85.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417)

[Compare Source](https://gitea.ocram85.com/actions/checkout/compare/v3...v4)

-   Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@&#8203;dependabot](https://github.com/dependabot) in https://github.com/actions/checkout/pull/1739
-   Bump actions/checkout from 3 to 4 by [@&#8203;dependabot](https://github.com/dependabot) in https://github.com/actions/checkout/pull/1697
-   Check out other refs/\* by commit by [@&#8203;orhantoy](https://github.com/orhantoy) in https://github.com/actions/checkout/pull/1774
-   Pin actions/checkout's own workflows to a known, good, stable version. by [@&#8203;jww3](https://github.com/jww3) in https://github.com/actions/checkout/pull/1776

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xODkuMSIsInVwZGF0ZWRJblZlciI6IjM3LjQwOC4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #18
Reviewed-by: OCram85 <marco.blessing@googlemail.com>
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2024-06-20 17:27:13 +02:00
ea2389b63f chore(deps): update alpine docker tag to v3.20.0 (#16)
All checks were successful
ci / docker (push) Successful in 17s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine | final | minor | `3.18.4` -> `3.20.0` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC40MC4yIiwidXBkYXRlZEluVmVyIjoiMzcuMzc3LjUiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=-->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #16
Reviewed-by: OCram85 <marco.blessing@googlemail.com>
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2024-06-20 17:25:47 +02:00
f0b5a81964 chore(deps): update actions/setup-buildx-action action to v3 (#21)
All checks were successful
ci / docker (push) Successful in 14s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-buildx-action](https://gitea.ocram85.com/actions/setup-buildx-action) | action | major | `v2` -> `v3` |

---

### Release Notes

<details>
<summary>actions/setup-buildx-action (actions/setup-buildx-action)</summary>

### [`v3`](https://gitea.ocram85.com/actions/setup-buildx-action/compare/v2...v3)

[Compare Source](https://gitea.ocram85.com/actions/setup-buildx-action/compare/v2...v3)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xODkuMSIsInVwZGF0ZWRJblZlciI6IjM3LjE4OS4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #21
Reviewed-by: OCram85 <marco.blessing@googlemail.com>
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2024-06-20 17:24:30 +02:00
cd035239a7 chore(deps): update actions/build-push-action action to v6 (#22)
All checks were successful
ci / docker (push) Successful in 15s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/build-push-action](https://gitea.ocram85.com/actions/build-push-action) | action | major | `v4` -> `v6` |

---

### Release Notes

<details>
<summary>actions/build-push-action (actions/build-push-action)</summary>

### [`v6`](https://gitea.ocram85.com/actions/build-push-action/compare/v5...v6)

[Compare Source](https://gitea.ocram85.com/actions/build-push-action/compare/v5...v6)

### [`v5`](https://gitea.ocram85.com/actions/build-push-action/compare/v4...v5)

[Compare Source](https://gitea.ocram85.com/actions/build-push-action/compare/v4...v5)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MTMuMiIsInVwZGF0ZWRJblZlciI6IjM3LjQxMy4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZSJdfQ==-->

Reviewed-on: #22
Reviewed-by: OCram85 <marco.blessing@googlemail.com>
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2024-06-20 17:22:51 +02:00
3c6ca573f1 Update alpine Docker tag to v3.18.4 (#15)
All checks were successful
ci / docker (push) Successful in 39s
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| alpine | final | patch | `3.18.2` -> `3.18.4` |

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC40MC4yIiwidXBkYXRlZEluVmVyIjoiMzQuNDAuMiJ9-->

Reviewed-on: #15
Co-authored-by: renovate-bot <renovate@ocram85.com>
Co-committed-by: renovate-bot <renovate@ocram85.com>
2023-10-09 16:08:45 +02:00
9b7e2151ec adds timezone support (#14)
All checks were successful
ci / docker (push) Successful in 16s
#### 📖 Summary

- adds tzdate packaqge
- add TZ env

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Reviewed-on: #14
2023-10-09 16:00:04 +02:00
fde7eee1ec fix logo source link
All checks were successful
ci / docker (push) Successful in 18s
2023-07-13 14:18:38 +02:00
d80b583252 Adds examples docs (#13)
All checks were successful
ci / docker (push) Successful in 15s
release / release (push) Successful in 30s
#### 📖 Summary

- adding 3 examples
- adding example docs

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #13
2023-07-13 14:01:45 +02:00
2c63a3a6fb add full Swarmproxy example (#12)
All checks were successful
ci / docker (push) Successful in 26s
#### 📖 Summary

- adds docker-compose.yml full stack example
- fix typos

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #12
2023-07-13 10:52:17 +02:00
d0090a7e9a Add Readme content (#11)
All checks were successful
ci / docker (push) Successful in 16s
#### 📖 Summary

- Add basic help about Swarmproxy
- Update changelog
- prepare next release

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #11
2023-07-12 17:25:31 +02:00
3161d332af use absolute urls for action calls (#10)
All checks were successful
ci / docker (push) Successful in 28s
#### 📖 Summary

- try to use absolute urls for internal actions. -> Testing renovate github-action workaround with this

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #10
2023-07-12 14:19:26 +02:00
cf6593f58f adds renovate support (#8)
All checks were successful
ci / docker (push) Successful in 36s
#### 📖 Summary

- testing renovate support with gitea-actions

#### 📑 Test Plan

> 💡 Select your test plan for the code changes.

- [x] CI pipeline tests
- [ ] Custom test
- [ ] No test plan

##### Details / Justification

<!-- Add your test details or justification for missing tests here. -->

#### 📚 Additional Notes

<!-- A place for additional detail notes. -->

Co-authored-by: OCram85 <marco.blessing@googlemail.com>
Reviewed-on: #8
2023-07-12 14:01:39 +02:00
14 changed files with 750 additions and 32 deletions

View File

@ -20,7 +20,7 @@ jobs:
- -
name: Docker meta name: Docker meta
id: meta id: meta
uses: actions/metadata-action@v4 uses: https://gitea.ocram85.com/actions/metadata-action@v5
with: with:
images: | images: |
gitea.ocram85.com/ocram85/swarmproxy gitea.ocram85.com/ocram85/swarmproxy
@ -31,10 +31,10 @@ jobs:
type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}}.{{minor}}
- -
name: Set up Docker Buildx name: Set up Docker Buildx
uses: actions/setup-buildx-action@v2 uses: https://gitea.ocram85.com/actions/setup-buildx-action@v3
- -
name: Login to Gitea Package Registry name: Login to Gitea Package Registry
uses: actions/login-action@v2 uses: https://gitea.ocram85.com/actions/login-action@v3
with: with:
registry: gitea.ocram85.com registry: gitea.ocram85.com
username: ${{ secrets.USERNAME }} username: ${{ secrets.USERNAME }}
@ -42,7 +42,7 @@ jobs:
password: ${{ secrets.TOKEN }} password: ${{ secrets.TOKEN }}
- -
name: Build and push name: Build and push
uses: actions/build-push-action@v4 uses: https://gitea.ocram85.com/actions/build-push-action@v6
with: with:
push: ${{ github.event_name != 'pull_request' }} push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }} tags: ${{ steps.meta.outputs.tags }}

View File

@ -9,16 +9,16 @@ jobs:
release: release:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: https://gitea.ocram85.com/actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0
- name: setup go - name: setup go
uses: actions/setup-go@v3 uses: https://gitea.ocram85.com/actions/setup-go@v3
with: with:
go-version: '>=1.20.1' go-version: '>=1.20.1'
- name: Use Go Action - name: Use Go Action
id: use-go-action id: use-go-action
uses: actions/release-action@main uses: https://gitea.ocram85.com/actions/release-action@main
with: with:
files: |- files: |-
CHANGELOG.md CHANGELOG.md

View File

@ -1 +1,15 @@
FOSS
gitea
Gitea
LOGLEVEL
MAXCLIENTS
ocram
Quickstart
swarmproxy
Swarmproxy
tbd tbd
tinyproxy
Tinyproxy
TINYPROXY
UID
USR

View File

@ -65,6 +65,7 @@
"path": "${workspaceRoot}/.vscode/dictionaries/project-words.txt", "path": "${workspaceRoot}/.vscode/dictionaries/project-words.txt",
"description": "Words used in this project", "description": "Words used in this project",
"addWords": true "addWords": true
}, },
"custom": true "custom": true
} }

37
.vscode/tasks.json vendored Normal file
View File

@ -0,0 +1,37 @@
{
"version": "2.0.0",
"tasks": [
{
"label": "Update GiteaChangelog",
"type": "shell",
"command": [
"mv 'CHANGELOG.md' 'CHANGELOG.back' &&",
"changelog -m '${input:Milestone}' --token '${input:GiteaToken}' -c .changelog.yml generate > CHANGELOG.md &&",
"echo '' >> CHANGELOG.md &&",
"cat CHANGELOG.back >> CHANGELOG.md &&",
"rm CHANGELOG.back"
],
"problemMatcher": []
}
],
"inputs": [
{
"id": "GiteaToken",
"type": "command",
"command": "shellCommand.execute",
"args": {
"command": "echo $GITEA_TOKEN",
"description": "Your personal Gitea access token"
}
},
{
"id": "Milestone",
"type": "command",
"command": "shellCommand.execute",
"args": {
"description": "Select or enter a open milestone",
"command": "tea milestone ls -f title --output simple"
}
}
]
}

View File

@ -1,4 +1,17 @@
## [v0.1.0](https://gitea.ocram85.com/OCram85/swarmproxy/releases/tag/v0.1.0) - 2023-07-12 ## [v0.1.1](https://gitea.ocram85.com/OCram85/swarmproxy/releases/tag/v0.1.1) - 2024-06-20
* ✨ FEATURES
* Adds timezone support (#14)
* 🤖 DEPENDENCIES
* Chore(deps): update actions/build-push-action action to v6 (#22)
* Chore(deps): update actions/setup-buildx-action action to v3 (#21)
* Chore(deps): update actions/metadata-action action to v5 (#20)
* Chore(deps): update actions/login-action action to v3 (#19)
* Chore(deps): update actions/checkout action to v4 (#18)
* Chore(deps): update alpine docker tag to v3.20.0 (#16)
* Update alpine Docker tag to v3.18.4 (#15)
## [v0.1.0](https://gitea.ocram85.com/OCram85/swarmproxy/releases/tag/v0.1.0) - 2023-07-13
* ✨ FEATURES * ✨ FEATURES
* Adds entrypoint (#6) * Adds entrypoint (#6)
@ -6,3 +19,10 @@
* 📦 BUILD * 📦 BUILD
* Add gitea release action (#7) * Add gitea release action (#7)
* Finalize ci (#5) * Finalize ci (#5)
* Setup basic action based ci (#3)
* 🤖 DEPENDENCIES
* Use absolute urls for action calls (#10)
* Adds renovate support (#8)
* ⚙️ META
* Add Readme content (#11)
* Adds initial readme (#4)

View File

@ -1,4 +1,4 @@
FROM alpine:3.18.2 FROM alpine:3.20.0
# Set labels manually, each build service differs in used or predefined labels. # Set labels manually, each build service differs in used or predefined labels.
LABEL maintainer="OCram85" LABEL maintainer="OCram85"
@ -29,11 +29,12 @@ ENV LOGLEVEL "Info"
ENV MAXCLIENTS "600" ENV MAXCLIENTS "600"
ENV FILTER_FILE "/app/filter" ENV FILTER_FILE "/app/filter"
ENV TZ "Europe/Berlin"
# get existing packages # get existing packages
# curl for healthchecks and debugging # curl for healthchecks and debugging
RUN apk add --no-cache \ RUN apk add --no-cache \
tinyproxy curl tinyproxy curl tzdata
COPY entrypoint.sh /app/entrypoint.sh COPY entrypoint.sh /app/entrypoint.sh

View File

@ -6,23 +6,41 @@
<p align="center"> <p align="center">
<a href="https://gitea.ocram85.com/OCram85/swarmproxy/"> <a href="https://gitea.ocram85.com/OCram85/swarmproxy/">
<img <img
src="/OCram85/swarmproxy/raw/branch/main/assets/social-logo.png" src="assets/social-logo.png"
alt="swarmproxy" alt="Swarmproxy - Tame your traffic"
> >
</a> </a>
</p> </p>
<h1 align="center">
Swarmproxy - Tame your traffic
</h1>
<p align="center"> <p align="center">
Swarmproxy is a simple http/https proxy for outbound traffic in a docker swarm cluster. 🦁 Swarmproxy is a simple http proxy to limit your outbound traffic.
</p> </p>
## :book: About ## 📖 About
## 🤖 Quickstart Swarmproxy is a simply way to integrate a http proxy in your Docker swarm cluster or any other container network.
It acts as an centralized proxy to limit your outbound / egress traffic. You can also add a whitelist filter to
limit the allowed domains. There is also an option to use a upstream proxy.
### What does Swarmproxy for you?
Enterprise and production environments often face more stringent security requirements.
Therefore, unfiltered Internet access may be prohibited.
So Swarmproxy could help you with these features:
- ✔️ Prevent direct web access from Container workload.
- ✔️ Upstream proxy with or without authentication
- ✔️ Optional domain based whitelist filter.
### What does Swarmproxy not?
Swarmproxy is just a supercharged Tinyproxy where you can point your container workload to.
- ☣️ Swarmproxy does not block the web access or other traffic if you workload doesn't use a proxy
- ☣️ It's not a firewall, thus it does not customize your iptables or any other firewall policies.
## 🚀 Quickstart
### 1. ⚡ Get the image 📦 ### 1. ⚡ Get the image 📦
@ -31,9 +49,12 @@ You can download the image from the Gitea embedded container registry: `gitea.oc
- `latest`, `main` - Is based on the lasted master branch commit. - `latest`, `main` - Is based on the lasted master branch commit.
- `1`, `0.1`, `0.1.0` - tag based version. - `1`, `0.1`, `0.1.0` - tag based version.
> **💡 NOTE: See the [packages page](https://gitea.ocram85.com/OCram85/-/packages/container/swarmproxy/latest) for latest version and all other available tags.** > **💡 NOTE: See the [packages page](https://gitea.ocram85.com/OCram85/-/packages/container/swarmproxy/latest)
> for latest version and all other available tags.**
### 2.a Run as Docker Swarm Stack ### 2. 🛡️ Run as Docker Swarm Stack
This example shows all available configuration keys / environment variables for Swarmproxy.
```yaml ```yaml
version: "3.8" version: "3.8"
@ -55,12 +76,14 @@ networks:
services: services:
swarmproxy: swarmproxy:
# Do not use the `latest` tag in production!
image: gitea.ocram85.com/OCram85/swarmproxy:latest image: gitea.ocram85.com/OCram85/swarmproxy:latest
deploy: deploy:
replicas: 1 replicas: 1
#secrets: #secrets:
# - upstream-proxy # - upstream-proxy
environment: environment:
- LOGLEVEL=Info
# Recommended settings # Recommended settings
# Use an optional upstream proxy # Use an optional upstream proxy
#- UPSTREAM_PROXY= #- UPSTREAM_PROXY=
@ -73,25 +96,28 @@ services:
#- TINYPROXY_GID=5123 #- TINYPROXY_GID=5123
#- PORT=8888 #- PORT=8888
#- TIMEOUT=600 #- TIMEOUT=600
#- LOGLEVEL=Info
#- MAXCLIENTS=600 #- MAXCLIENTS=600
#- FILTER_FILE=/app/filter #- FILTER_FILE=/app/filter
volumes: volumes:
# You can mount a single filter file into the container. # You can mount a single filter file into the container.
# To reload the file use the docker kill -s USR1 <container_id| container_name> command. # To reload the file use the docker kill -s USR1 <container_id| container_name> command.
- ./filter.txt:/app/filter:ro # - ./filter.txt:/app/filter:ro
configs: #configs:
- source: filter_file # - source: filter_file
target: /app/filter # target: /app/filter
networks: networks:
egress: egress:
aliases: aliases:
- swarmproxy - swarmproxy
- proxy - proxy
``` ```
## 🚀 Examples
See the [Readme](examples/) docs in the examples folder...
## 💣 Known Issues
## 😡 We're Using GitHub Under Protest ## 😡 We're Using GitHub Under Protest
This project is currently **mirrored** to GitHub. This is not ideal; GitHub is a This project is currently **mirrored** to GitHub. This is not ideal; GitHub is a
@ -117,11 +143,11 @@ code in Copilot.
## 🙏 Credits ## 🙏 Credits
swarmproxy is based on the following projects and wouldn't be possible without them: Swarmproxy is based on the following projects and wouldn't be possible without them:
- [Tinyproxy](https://github.com/tinyproxy/tinyproxy) - The Tinyproxy project itself - [Tinyproxy](https://github.com/tinyproxy/tinyproxy) - The Tinyproxy project itself
- [docker-tinyproxy](https://github.com/kalaksi/docker-tinyproxy) - A containerized tinyproxy variant. - [docker-tinyproxy](https://github.com/kalaksi/docker-tinyproxy) - A containerized Tinyproxy variant.
- [docker-tinyproxy](https://github.com/ajoergensen/docker-tinyproxy) - A containerized tinyproxy variant. - [docker-tinyproxy](https://github.com/ajoergensen/docker-tinyproxy) - A containerized Tinyproxy variant.
## ⚖️ License (AGPLv3) ## ⚖️ License (AGPLv3)

View File

@ -27,7 +27,7 @@ EOF
function addUpstreamConfig() { function addUpstreamConfig() {
[ -z "$UPSTREAM_PROXY_FILE" ] || export UPSTREAM_PROXY=$(cat $UPSTREAM_PROXY_FILE) [ -z "$UPSTREAM_PROXY_FILE" ] || export UPSTREAM_PROXY=$(cat $UPSTREAM_PROXY_FILE)
[ -z "$UPSTREAM_PROXY" ] || echo "upstream http $UPSTREAM_PROXY \".\"" >> "$CONFIG" [ -z "$UPSTREAM_PROXY" ] || echo "Upstream http $UPSTREAM_PROXY " >> "$CONFIG"
} }
function addFilterConfig() { function addFilterConfig() {

35
examples/1-minimal.yml Normal file
View File

@ -0,0 +1,35 @@
version: "3.8"
networks:
egress:
attachable: true
backend:
internal: true
services:
swarmproxy:
image: gitea.ocram85.com/ocram85/swarmproxy:latest
deploy:
replicas: 1
environment:
- LOGLEVEL=Info
networks:
egress:
aliases:
- proxy
curl:
image: curlimages/curl:8.1.2
command: ["-I", "-x", "proxy:8888", "https://google.com"]
depends_on:
- swarmproxy
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 10s
max_attempts: 5
window: 120s
networks:
- backend
- egress

64
examples/2-upstream.yml Normal file
View File

@ -0,0 +1,64 @@
version: "3.8"
# Setting up 3 default networks to act as dummy:
# - backend : internal only network
# - dmz : dmz network with connections allowed from internal and external
# - egress : dummy egress zone with fake upstream proxy
networks:
egress:
attachable: true
dmz:
attachable: true
backend:
internal: true
services:
# Creating a fake upstream proxy
upstream:
image: gitea.ocram85.com/ocram85/swarmproxy:latest
deploy:
replicas: 1
environment:
- LOGLEVEL=Info
networks:
egress:
aliases:
- upstream
# Creating our swarmproxy instance to use the external upstream proxy
swarmproxy:
# Do not use the `latest` tag in production!
image: gitea.ocram85.com/ocram85/swarmproxy:latest
depends_on:
- upstream
deploy:
replicas: 1
environment:
- LOGLEVEL=Info
- UPSTREAM_PROXY=upstream:8888
networks:
dmz:
aliases:
- swarmproxy
- proxy
egress:
# container workload example which tries to communicate through our swarmproxy instance
# http request / response:
# [curl container] <---|req/res|---> [swarmproxy] <---|req/res|---> [upstream] <---|req/res|---> [target]
curl:
image: curlimages/curl:8.1.2
command: ["-I", "-x", "proxy:8888", "https://google.com"]
depends_on:
- upstream
- swarmproxy
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 10s
max_attempts: 5
window: 120s
networks:
- backend
- dmz

101
examples/3-external.yml Normal file
View File

@ -0,0 +1,101 @@
version: "3.8"
# IMPORTANT: Run the following command to add the required filter config file:
# echo "google.com" | docker config create filter_file -
configs:
filter_file:
external: true
# IMPORTANT: Run the following command to add the required filter config file:
# echo "upstream:8888" | docker secret create upstream-proxy -
secrets:
upstream-proxy:
external: true
# Setting up 3 default networks to act as dummy:
# - backend : internal only network
# - dmz : dmz network with connections allowed from internal and external
# - egress : dummy egress zone with fake upstream proxy
networks:
egress:
attachable: true
dmz:
attachable: true
backend:
internal: true
services:
# Creating a fake upstream proxy
upstream:
image: gitea.ocram85.com/ocram85/swarmproxy:latest
deploy:
replicas: 1
environment:
- LOGLEVEL=Info
networks:
egress:
aliases:
- upstream
# Creating our swarmproxy instance to use the external upstream proxy
swarmproxy:
# Do not use the `latest` tag in production!
image: gitea.ocram85.com/ocram85/swarmproxy:latest
depends_on:
- upstream
deploy:
replicas: 1
environment:
- LOGLEVEL=Info
#- UPSTREAM_PROXY=upstream:8888
- UPSTREAM_PROXY_FILE=/run/secrets/upstream-proxy
- FILTER_FILE=/app/filter
configs:
- source: filter_file
target: /app/filter
secrets:
- upstream-proxy
networks:
dmz:
aliases:
- swarmproxy
- proxy
egress:
# container workload example whicht tries to communicate through our swarmproxy instance
# http request / response:
# [curl container] <---|req/res|---> [swarmproxy] <---|req/res|---> [upstream] <---|req/res|---> [target]
curl:
image: curlimages/curl:8.1.2
command: ["-I", "-x", "proxy:8888", "https://google.com"]
depends_on:
- upstream
- swarmproxy
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 10s
max_attempts: 5
window: 120s
networks:
- backend
- dmz
# Example for blocked request if there is no matching domain in the filter file.
curl-blocked:
image: curlimages/curl:8.1.2
command: ["-I", "-x", "proxy:8888", "https://amazon.com"]
depends_on:
- upstream
- swarmproxy
deploy:
replicas: 1
restart_policy:
condition: on-failure
delay: 10s
max_attempts: 5
window: 120s
networks:
- backend
- dmz

407
examples/Readme.md Normal file
View File

@ -0,0 +1,407 @@
---
gitea: none
include_toc: true
---
# 📘 Examples
This folder contains some examples you can use to start building your Swarmproxy stack.
## Basic example `(1-minimal.yml)`
### Source
> 🗄️ File: [1-minimal.yml](1-minimal.yml)
### Description
This is the mos basic example. It contains the Swarmproxy service and curl als helper. Just deploy the stack and
inspect the logs form the containers.
### Usage
```bash
docker stack deploy -c 1-minimal.yml swarmproxy-mini
```
### Container Logs
- Swarmproxy:
```
🦁 FILTER_FILE not found or set.
🦁 Final Swarmproxy config 🦁
3
Group 5123
8
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
LogLevel Info
MaxClients 600
ViaProxyName "Swarmproxy"
Allow 127.0.0.1/8
Allow 10.0.0.0/8
🦁 Starting Tinyproxy...
args count: 3
args value: -c /app/proxy.conf -d
NOTICE Jul 13 11:10:23.360 [1]: Initializing tinyproxy ...
NOTICE Jul 13 11:10:23.360 [1]: Reloading config file
INFO Jul 13 11:10:23.360 [1]: Stathost set to "tinyproxy.stats"
INFO Jul 13 11:10:23.360 [1]: Setting "Via" header to 'Swarmproxy'
NOTICE Jul 13 11:10:23.360 [1]: Reloading config file finished
INFO Jul 13 11:10:23.360 [1]: listen_sock called with addr = '(NULL)'
INFO Jul 13 11:10:23.360 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6]
INFO Jul 13 11:10:23.360 [1]: listening on fd [3]
INFO Jul 13 11:10:23.360 [1]: trying to listen on host[::], family[10], socktype[1], proto[6]
INFO Jul 13 11:10:23.360 [1]: listening on fd [4]
INFO Jul 13 11:10:23.360 [1]: Not running as root, so not changing UID/GID.
INFO Jul 13 11:10:23.360 [1]: Setting the various signals.
INFO Jul 13 11:10:23.360 [1]: Starting main loop. Accepting connections.
CONNECT Jul 13 11:10:29.845 [1]: Connect (file descriptor 5): 10.0.35.4
CONNECT Jul 13 11:10:29.845 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1
INFO Jul 13 11:10:29.845 [1]: No upstream proxy for google.com
INFO Jul 13 11:10:29.845 [1]: opensock: opening connection to google.com:443
INFO Jul 13 11:10:29.955 [1]: opensock: getaddrinfo returned for google.com:443
CONNECT Jul 13 11:10:29.959 [1]: Established connection to host "google.com" using file descriptor 6.
INFO Jul 13 11:10:29.959 [1]: Not sending client headers to remote machine
INFO Jul 13 11:10:30.033 [1]: Closed connection between local client (fd:5) and remote client (fd:6)
```
- Curl:
```
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
HTTP/1.0 200 Connection established
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 220 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
Proxy-agent: tinyproxy/1.11.1
HTTP/2 301
location: https:xt/html; charset=UTF-8
content-security//www.google.com/
content-type: te-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-gEktpIC_xSqk9njjM0KANA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
date: Thu, 13 Jul 2023 11:10:29 GMT
expires: Thu, 13 Jul 2023 11:10:29 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+663; expires=Sat, 12-Jul-2025 11:10:29 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
```
## Upstream proxy example `(2-upstream.yml)`
### Source
> 🗄️ File: [2-upstream.yml](2-upstream.yml)
### Description
The upstream example contains another Swarmproxy instance as fake upstream proxy. The client connects to it's
configured Swarmproxy instance which forwards the query to the upstream.
### Usage
```bash
docker stack deploy -c 2-upstream.yml swarmproxy-upstream
```
### Container Logs
- Upstream
```
🦁 FILTER_FILE not found or set.
🦁 Final Swarmproxy config 🦁
3
Group 5123
8
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
LogLevel Info
MaxClients 600
ViaProxyName "Swarmproxy"
Allow 127.0.0.1/8
Allow 10.0.0.0/8
🦁 Starting Tinyproxy...
args count: 3
args value: -c /app/proxy.conf -d
NOTICE Jul 13 11:18:50.279 [1]: Initializing tinyproxy ...
NOTICE Jul 13 11:18:50.279 [1]: Reloading config file
INFO Jul 13 11:18:50.279 [1]: Stathost set to "tinyproxy.stats"
INFO Jul 13 11:18:50.279 [1]: Setting "Via" header to 'Swarmproxy'
NOTICE Jul 13 11:18:50.279 [1]: Reloading config file finished
INFO Jul 13 11:18:50.279 [1]: listen_sock called with addr = '(NULL)'
INFO Jul 13 11:18:50.279 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6]
INFO Jul 13 11:18:50.279 [1]: listening on fd [3]
INFO Jul 13 11:18:50.279 [1]: trying to listen on host[::], family[10], socktype[1], proto[6]
INFO Jul 13 11:18:50.279 [1]: listening on fd [4]
INFO Jul 13 11:18:50.279 [1]: Not running as root, so not changing UID/GID.
INFO Jul 13 11:18:50.279 [1]: Setting the various signals.
INFO Jul 13 11:18:50.279 [1]: Starting main loop. Accepting connections.
```
- Swarmproxy
```
🦁 FILTER_FILE not found or set.
🦁 Final Swarmproxy config 🦁
3
Group 5123
8
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
LogLevel Info
MaxClients 600
ViaProxyName "Swarmproxy"
Allow 127.0.0.1/8
Allow 10.0.0.0/8
Upstream http upstream:8888
🦁 Starting Tinyproxy...
args count: 3
args value: -c /app/proxy.conf -d
NOTICE Jul 13 11:22:46.583 [1]: Initializing tinyproxy ...
NOTICE Jul 13 11:22:46.583 [1]: Reloading config file
INFO Jul 13 11:22:46.583 [1]: Stathost set to "tinyproxy.stats"
INFO Jul 13 11:22:46.583 [1]: Setting "Via" header to 'Swarmproxy'
INFO Jul 13 11:22:46.583 [1]: Added upstream http upstream:8888 for [default]
NOTICE Jul 13 11:22:46.583 [1]: Reloading config file finished
INFO Jul 13 11:22:46.583 [1]: listen_sock called with addr = '(NULL)'
INFO Jul 13 11:22:46.583 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6]
INFO Jul 13 11:22:46.583 [1]: listening on fd [3]
INFO Jul 13 11:22:46.583 [1]: trying to listen on host[::], family[10], socktype[1], proto[6]
INFO Jul 13 11:22:46.583 [1]: listening on fd [4]
INFO Jul 13 11:22:46.583 [1]: Not running as root, so not changing UID/GID.
INFO Jul 13 11:22:46.583 [1]: Setting the various signals.
INFO Jul 13 11:22:46.583 [1]: Starting main loop. Accepting connections.
CONNECT Jul 13 11:23:02.916 [1]: Connect (file descriptor 5): 10.0.38.4
CONNECT Jul 13 11:23:02.916 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1
INFO Jul 13 11:23:02.916 [1]: Found upstream proxy http upstream:8888 for google.com
INFO Jul 13 11:23:02.916 [1]: opensock: opening connection to upstream:8888
INFO Jul 13 11:23:02.916 [1]: opensock: getaddrinfo returned for upstream:8888
CONNECT Jul 13 11:23:02.917 [1]: Established connection to upstream proxy "upstream" using file descriptor 6.
INFO Jul 13 11:23:03.182 [1]: Closed connection between local client (fd:5) and remote client (fd:6)
```
- Curl
```
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
HTTP/1.0 200 Connection established
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 220 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
Via: 1.1 Swarmproxy (tinyproxy/1.11.1)
Proxy-agent: tinyproxy/1.11.1
HTTP/2 301
location: https://www.google.com/
content-type: text/html; charset=UTF-8
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-g1lolRpzk2b93t4bhY80uA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
date: Thu, 13 Jul 2023 11:23:03 GMT
expires: Thu, 13 Jul 2023 11:23:03 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+481; expires=Sat, 12-Jul-2025 11:23:03 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
```
## Fullstack example with external secrets and config `(3-external.yml)`
### Source
> 🗄️ File: [3-upstream.yml](3-upstream.yml)
### Description
This stack is based on the previous upstream example. It's modified to show these additional features:
- Using external docker secret to set up an upstream proxy. Should be used when upstream needs authentication
- Mounting a docker config as filter file
- filtering queries by domains
- added curl-blocked service to show output if target domain is not in whitelist
### Usage
```bash
echo "google.com" | docker config create filter_file -
echo "upstream:8888" | docker secret create upstream-proxy -
docker stack deploy -c 1-minimal.yml swarmproxy-mini
```
### Container Logs
- Upstream
```
🦁 FILTER_FILE not found or set.
🦁 Final Swarmproxy config 🦁
3
Group 5123
8
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
LogLevel Info
MaxClients 600
ViaProxyName "Swarmproxy"
Allow 127.0.0.1/8
Allow 10.0.0.0/8
🦁 Starting Tinyproxy...
args count: 3
args value: -c /app/proxy.conf -d
NOTICE Jul 13 11:37:47.554 [1]: Initializing tinyproxy ...
NOTICE Jul 13 11:37:47.554 [1]: Reloading config file
INFO Jul 13 11:37:47.554 [1]: Stathost set to "tinyproxy.stats"
INFO Jul 13 11:37:47.554 [1]: Setting "Via" header to 'Swarmproxy'
NOTICE Jul 13 11:37:47.554 [1]: Reloading config file finished
INFO Jul 13 11:37:47.554 [1]: listen_sock called with addr = '(NULL)'
INFO Jul 13 11:37:47.554 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6]
INFO Jul 13 11:37:47.554 [1]: listening on fd [3]
INFO Jul 13 11:37:47.554 [1]: trying to listen on host[::], family[10], socktype[1], proto[6]
INFO Jul 13 11:37:47.554 [1]: listening on fd [4]
INFO Jul 13 11:37:47.554 [1]: Not running as root, so not changing UID/GID.
INFO Jul 13 11:37:47.554 [1]: Setting the various signals.
INFO Jul 13 11:37:47.554 [1]: Starting main loop. Accepting connections.
CONNECT Jul 13 11:38:22.698 [1]: Connect (file descriptor 5): 10.0.40.4
CONNECT Jul 13 11:38:22.699 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1
INFO Jul 13 11:38:22.699 [1]: No upstream proxy for google.com
INFO Jul 13 11:38:22.699 [1]: opensock: opening connection to google.com:443
INFO Jul 13 11:38:26.704 [1]: opensock: getaddrinfo returned for google.com:443
CONNECT Jul 13 11:38:26.708 [1]: Established connection to host "google.com" using file descriptor 6.
INFO Jul 13 11:38:26.708 [1]: Not sending client headers to remote machine
INFO Jul 13 11:38:26.785 [1]: Closed connection between local client (fd:5) and remote client (fd:6)
```
- Swarmproxy
```
🦁 Final Swarmproxy config 🦁

3
Group 5123

8
Timeout 600
DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
LogLevel Info
MaxClients 600
ViaProxyName "Swarmproxy"
Allow 127.0.0.1/8
Allow 10.0.0.0/8
Upstream http upstream:8888
Filter "/app/filter"
FilterURLs Off
FilterCaseSensitive Off
FilterDefaultDeny Yes
🦁 Starting Tinyproxy...
args count: 3
args value: -c /app/proxy.conf -d
NOTICE Jul 13 11:37:57.704 [1]: Initializing tinyproxy ...
NOTICE Jul 13 11:37:57.704 [1]: Reloading config file
INFO Jul 13 11:37:57.704 [1]: Stathost set to "tinyproxy.stats"
INFO Jul 13 11:37:57.704 [1]: Setting "Via" header to 'Swarmproxy'
INFO Jul 13 11:37:57.704 [1]: Added upstream http upstream:8888 for [default]
NOTICE Jul 13 11:37:57.704 [1]: Reloading config file finished
INFO Jul 13 11:37:57.704 [1]: listen_sock called with addr = '(NULL)'
INFO Jul 13 11:37:57.704 [1]: trying to listen on host[0.0.0.0], family[2], socktype[1], proto[6]
INFO Jul 13 11:37:57.704 [1]: listening on fd [3]
INFO Jul 13 11:37:57.704 [1]: trying to listen on host[::], family[10], socktype[1], proto[6]
INFO Jul 13 11:37:57.704 [1]: listening on fd [4]
INFO Jul 13 11:37:57.704 [1]: Not running as root, so not changing UID/GID.
INFO Jul 13 11:37:57.704 [1]: Setting the various signals.
INFO Jul 13 11:37:57.704 [1]: Starting main loop. Accepting connections.
CONNECT Jul 13 11:38:00.361 [1]: Connect (file descriptor 5): 10.0.39.4
CONNECT Jul 13 11:38:00.361 [1]: Request (file descriptor 5): CONNECT amazon.com:443 HTTP/1.1
NOTICE Jul 13 11:38:00.361 [1]: Proxying refused on filtered domain "amazon.com"
CONNECT Jul 13 11:38:14.022 [1]: Connect (file descriptor 5): 10.0.39.4
CONNECT Jul 13 11:38:14.022 [1]: Request (file descriptor 5): CONNECT amazon.com:443 HTTP/1.1
NOTICE Jul 13 11:38:14.022 [1]: Proxying refused on filtered domain "amazon.com"
CONNECT Jul 13 11:38:22.698 [1]: Connect (file descriptor 5): 10.0.39.4
CONNECT Jul 13 11:38:22.698 [1]: Request (file descriptor 5): CONNECT google.com:443 HTTP/1.1
INFO Jul 13 11:38:22.698 [1]: Found upstream proxy http upstream:8888 for google.com
INFO Jul 13 11:38:22.698 [1]: opensock: opening connection to upstream:8888
INFO Jul 13 11:38:22.698 [1]: opensock: getaddrinfo returned for upstream:8888
CONNECT Jul 13 11:38:22.698 [1]: Established connection to upstream proxy "upstream" using file descriptor 6.
CONNECT Jul 13 11:38:25.064 [1]: Connect (file descriptor 7): 10.0.39.4
CONNECT Jul 13 11:38:25.064 [1]: Request (file descriptor 7): CONNECT amazon.com:443 HTTP/1.1
NOTICE Jul 13 11:38:25.064 [1]: Proxying refused on filtered domain "amazon.com"
INFO Jul 13 11:38:26.785 [1]: Closed connection between local client (fd:5) and remote client (fd:6)
CONNECT Jul 13 11:38:36.285 [1]: Connect (file descriptor 5): 10.0.39.4
CONNECT Jul 13 11:38:36.285 [1]: Request (file descriptor 5): CONNECT amazon.com:443 HTTP/1.1
NOTICE Jul 13 11:38:36.285 [1]: Proxying refused on filtered domain "amazon.com"
```
- Curl
```
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
HTTP/1.0 200 Connection established
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:03 --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0
0 220 0 0 0 0 0 0 --:--:-- 0:00:04 --:--:-- 0
Via: 1.1 Swarmproxy (tinyproxy/1.11.1)
Proxy-agent: tinyproxy/1.11.1
HTTP/2 301
location: https://www.google.com/
content-type: text/html; charset=UTF-8
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-UGtC_QXXA9WxUVfYPZJkJA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
date: Thu, 13 Jul 2023 11:38:26 GMT
expires: Thu, 13 Jul 2023 11:38:26 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+670; expires=Sat, 12-Jul-2025 11:38:26 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
```
- Curl-blocked
```
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
HTTP/1.1 403 Filtered
curl: (56) CONNECT tunnel failed, response 403
Server: tinyproxy/1.11.1
Content-Type: text/html
Connection: close
```

12
renovate.json Normal file
View File

@ -0,0 +1,12 @@
{
"dependencyDashboard": true,
"docker": {
"enabled": true
},
"github-actions": {
"enabled": true,
"fileMatch": [
"^\\.gitea/workflows/[^/]+\\.ya?ml$"
]
}
}