From 3b8e72951300aeacffde331ec30df9d470e1294d Mon Sep 17 00:00:00 2001 From: OCram85 Date: Mon, 10 Jul 2023 14:10:16 +0200 Subject: [PATCH 1/6] fix links --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 1822218..b5e68b0 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,6 @@ swarmproxy is based on the following projects and wouldn't be possible without them: -- [https://github.com/tinyproxy/tinyproxy](Tinyproxy) - The Tinyproxy project itself -- [https://github.com/kalaksi/docker-tinyproxy](docker-tinyproxy) - A containerized tinyproxy variant. -- [https://github.com/ajoergensen/docker-tinyproxy](docker-tinyproxy) - A containerized tinyproxy variant. +- [Tinyproxy](https://github.com/tinyproxy/tinyproxy) - The Tinyproxy project itself +- [docker-tinyproxy](https://github.com/kalaksi/docker-tinyproxy) - A containerized tinyproxy variant. +- [docker-tinyproxy](https://github.com/ajoergensen/docker-tinyproxy) - A containerized tinyproxy variant. -- 2.45.2 From 2d48e86543110e6c206efe6331c4eb055ee64780 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Mon, 10 Jul 2023 15:08:13 +0200 Subject: [PATCH 2/6] wip --- README.md | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/README.md b/README.md index b5e68b0..78d788c 100644 --- a/README.md +++ b/README.md @@ -30,6 +30,29 @@ > :bulb: tbd... +## 😡 We're Using GitHub Under Protest + +This project is currently **mirrored** to GitHub. This is not ideal; GitHub is a +proprietary, trade-secret system that is not Free and Open Source Software +(FOSS). We are deeply concerned about using a proprietary system like GitHub +to develop our FOSS project. We have an +[open Gitea repository ](https://gitea.ocram85.com/CodeServer/arkanum/issues) where the +project contributors are actively discussing how we can move away from GitHub +in the long term. We urge you to read about the +[Give up GitHub](https://GiveUpGitHub.org) campaign from +[the Software Freedom Conservancy](https://sfconservancy.org) to understand +some of the reasons why GitHub is not a good place to host FOSS projects. + +If you are a contributor who personally has already quit using GitHub, please +[check this resource](https://gitea.ocram85.com/CodeServer/arkanum) for how to send us contributions without +using GitHub directly. + +Any use of this project's code by GitHub Copilot, past or present, is done +without our permission. We do not consent to GitHub's use of this project's +code in Copilot. + +![Logo of the GiveUpGitHub campaign](https://sfconservancy.org/img/GiveUpGitHub.png) + ## 🙏 Credits swarmproxy is based on the following projects and wouldn't be possible without them: @@ -37,3 +60,25 @@ swarmproxy is based on the following projects and wouldn't be possible without t - [Tinyproxy](https://github.com/tinyproxy/tinyproxy) - The Tinyproxy project itself - [docker-tinyproxy](https://github.com/kalaksi/docker-tinyproxy) - A containerized tinyproxy variant. - [docker-tinyproxy](https://github.com/ajoergensen/docker-tinyproxy) - A containerized tinyproxy variant. + +## ⚖️ License (AGPLv3) + +![AGPL](https://www.gnu.org/graphics/agplv3-155x51.png) + +``` +Arkanum - Code-Server container optimized for daily use. +Copyright (C) 2022 "OCram85 " + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see . +``` -- 2.45.2 From 167ca2f41f9a606ed1eb026b4e2ca79f59563626 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Mon, 10 Jul 2023 15:10:46 +0200 Subject: [PATCH 3/6] update triggers --- .gitea/workflows/ci.yaml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml index 897a0d5..f35a097 100644 --- a/.gitea/workflows/ci.yaml +++ b/.gitea/workflows/ci.yaml @@ -4,13 +4,10 @@ run-name: docker pipeline on: push: - #branches: none #[ main ] - tags-ignore: - - '*' + branches: [ '*' ] + tags-ignore: [ '*' ] pull_request: - #branches: none # [ main ] - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: + branches: [ main ] jobs: test-build: -- 2.45.2 From 555447f32c21047925e60b4e6240170c6449de58 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Mon, 10 Jul 2023 17:17:59 +0200 Subject: [PATCH 4/6] fix upstream config --- Dockerfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index a291253..3dfaed1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,6 +23,7 @@ ENV TINYPROXY_UID 5123 ENV TINYPROXY_GID 5123 ENV UPSTREAM_PROXY "" +ENV UPSTREAM_PROXY_FILE "" ENV PORT "8888" ENV TIMEOUT "600" ENV LOGLEVEL "Info" @@ -49,8 +50,6 @@ LogLevel $LOGLEVEL MaxClients $MAXCLIENTS ViaProxyName "tinyproxy" -#upstream http $UPSTREAM_PROXY "." - Filter "$FILTER_FILE" FilterURLs Off FilterCaseSensitive Off @@ -58,8 +57,14 @@ FilterDefaultDeny Yes Allow 127.0.0.1/8 Allow 10.0.0.0/8 + EOF +RUN set -eu && \ + CONFIG='/etc/tinyproxy/tinyproxy.conf' && \ + [ -z "$UPSTREAM_PROXY_FILE" ] || export UPSTREAM_PROXY=$(cat $UPSTREAM_PROXY_FILE) && \ + [ -z "$UPSTREAM_PROXY" ] || echo "upstream http $UPSTREAM_PROXY \".\"" >> "$CONFIG" + RUN chown -R ${TINYPROXY_UID}:${TINYPROXY_GID} /etc/tinyproxy /var/log/tinyproxy USER ${TINYPROXY_UID}:${TINYPROXY_GID} -- 2.45.2 From 5e1cf5bcd180e0168c05546f5e54948d3ebf7d49 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Mon, 10 Jul 2023 17:23:33 +0200 Subject: [PATCH 5/6] wip --- README.md | 72 +++++++++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 60 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 78d788c..c047b20 100644 --- a/README.md +++ b/README.md @@ -17,18 +17,66 @@

- swarmproxy docker image + Swarmproxy is a simple http/https proxy for outbound traffic in a docker swarm cluster.

-

- - Main Branch Build Status - -

+## :book: About -## :book: General +## 🤖 Quickstart -> :bulb: tbd... +### 1. ⚡ Get the image 📦 + +You can download the image from the gitea embedded container registry: `gitea.ocram85.com/ocram85/swarmproxy` with these tags: + +- `latest` - Is based on the lasted master branch commit. +- `next` - Is a test build based on the pull request +- `1`, `0.1`, `0.1.0` - tag based version. + +> **💡 NOTE: See the [packages page](https://gitea.ocram85.com/OCram85/-/packages/container/swarmproxy/latest) for latest version and all other available tags.** + +### 2.a Run as Docker Swarm Stack + +```yaml +version: "3.8" + +secrets: + upstream-proxy: + external: true + +services: + swarmproxy: + image: gitea.ocram85.com/OCram85/swarmproxy:latest + environment: + # mandatory environment variables + - UPSTREAM_PROXY= + # Set UPSTREAM_PROXY as docker secret if your upstream needs authentication + # Eg.: http://user:password@upstream.intra:3128 + #- UPSTREAM_PROXY_FILE=/run/secrets/UPSTREAM_PROXY + + # optional settings + #- TINYPROXY_UID=5123 + #- TINYPROXY_GID=5123 + #- PORT=8888 + #- TIMEOUT=600 + #- LOGLEVEL=Info + #- MAXCLIENTS=600 + #- FILTER_FILE=/ety/tinyproxy/filter + deploy: + replicas: 1 + volumes: + # mount a single file into the container if you need the modify it afterwards + # You can reload the file with `kill -s USR1 $(pidof tinyproxy)` + - ./filter.txt:/etc/tinyproxy/filter:ro + # Use a docker config or volume in production + - + networks: + - egress + +networks: + egress: + attachable: true + #external: true +``` ## 😡 We're Using GitHub Under Protest @@ -36,7 +84,7 @@ This project is currently **mirrored** to GitHub. This is not ideal; GitHub is a proprietary, trade-secret system that is not Free and Open Source Software (FOSS). We are deeply concerned about using a proprietary system like GitHub to develop our FOSS project. We have an -[open Gitea repository ](https://gitea.ocram85.com/CodeServer/arkanum/issues) where the +[open Gitea repository ](https://gitea.ocram85.com/OCram85/swarmproxy/issues) where the project contributors are actively discussing how we can move away from GitHub in the long term. We urge you to read about the [Give up GitHub](https://GiveUpGitHub.org) campaign from @@ -44,7 +92,7 @@ in the long term. We urge you to read about the some of the reasons why GitHub is not a good place to host FOSS projects. If you are a contributor who personally has already quit using GitHub, please -[check this resource](https://gitea.ocram85.com/CodeServer/arkanum) for how to send us contributions without +[check this resource](https://gitea.ocram85.com/OCram85/swarmproxy) for how to send us contributions without using GitHub directly. Any use of this project's code by GitHub Copilot, past or present, is done @@ -66,8 +114,8 @@ swarmproxy is based on the following projects and wouldn't be possible without t ![AGPL](https://www.gnu.org/graphics/agplv3-155x51.png) ``` -Arkanum - Code-Server container optimized for daily use. -Copyright (C) 2022 "OCram85 " +Swarmproxy - A simple http/https proxy for outbound traffic in a docker swarm cluster. +Copyright (C) 2023 "OCram85 " This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by -- 2.45.2 From 032381c0c7dbee43bfa4732df727299e17737c3a Mon Sep 17 00:00:00 2001 From: OCram85 Date: Tue, 11 Jul 2023 10:29:48 +0200 Subject: [PATCH 6/6] fix deployment --- .gitea/workflows/ci.yaml | 34 ++++++++++++++++-------- .gitea/workflows/deploy.yaml | 50 ------------------------------------ .gitea/workflows/test.yaml | 29 +++++++++++++++++++++ 3 files changed, 52 insertions(+), 61 deletions(-) delete mode 100644 .gitea/workflows/deploy.yaml create mode 100644 .gitea/workflows/test.yaml diff --git a/.gitea/workflows/ci.yaml b/.gitea/workflows/ci.yaml index f35a097..25e6d04 100644 --- a/.gitea/workflows/ci.yaml +++ b/.gitea/workflows/ci.yaml @@ -1,23 +1,34 @@ name: ci -run-name: docker pipeline - on: push: - branches: [ '*' ] - tags-ignore: [ '*' ] + branches: + - 'main' + tags: + - 'v*' pull_request: - branches: [ main ] + branches: + - 'main' + jobs: - test-build: + docker: runs-on: ubuntu-latest container: image: catthehacker/ubuntu:act-latest steps: - #- - # name: Set up QEMU - # uses: actions/setup-qemu-action@v2 + - + name: Docker meta + id: meta + uses: actions/metadata-action@v4 + with: + images: | + gitea.ocram85.com/ocram85/swarmproxy + tags: | + type=ref,event=branch + type=ref,event=pr + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} - name: Set up Docker Buildx uses: actions/setup-buildx-action@v2 @@ -33,5 +44,6 @@ jobs: name: Build and push uses: actions/build-push-action@v4 with: - push: false - tags: gitea.ocram85.com/ocram85/swarmproxy:next + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/.gitea/workflows/deploy.yaml b/.gitea/workflows/deploy.yaml deleted file mode 100644 index 1c75bb0..0000000 --- a/.gitea/workflows/deploy.yaml +++ /dev/null @@ -1,50 +0,0 @@ -name: deployment - -run-name: tag based container build and push - -on: - push: - branches: - - 'master' - tags: - - 'v*' - -jobs: - deployment-job: - runs-on: ubuntu-latest - container: - image: catthehacker/ubuntu:act-latest - steps: - - - name: Docker meta - id: meta - uses: actions/metadata-action@v4 - with: - images: | - gitea.ocram85.com/ocram85/swarmproxy - tags: | - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - - - name: Set up QEMU - uses: actions/setup-qemu-action@v2 - - - name: Set up Docker Buildx - uses: actions/setup-buildx-action@v2 - - - name: Login to Gitea Package Registry - uses: actions/login-action@v2 - with: - registry: gitea.ocram85.com - username: ${{ secrets.USERNAME }} - #password: ${{ secrets.PASSWORD }} - password: ${{ secrets.TOKEN }} - - - name: Build and push - uses: actions/build-push-action@v4 - with: - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - #tags: gitea.ocram85.com/ocram85/swarmproxy:next2 - diff --git a/.gitea/workflows/test.yaml b/.gitea/workflows/test.yaml new file mode 100644 index 0000000..c58dac3 --- /dev/null +++ b/.gitea/workflows/test.yaml @@ -0,0 +1,29 @@ +name: test + +run-name: docker pipeline + +on: [ 'push' ] + +jobs: + docker: + runs-on: ubuntu-latest + container: + image: catthehacker/ubuntu:act-latest + steps: + - + name: Set up Docker Buildx + uses: actions/setup-buildx-action@v2 + #- + # name: Login to Gitea Package Registry + # uses: actions/login-action@v2 + # with: + # registry: gitea.ocram85.com + # username: ${{ secrets.USERNAME }} + # password: ${{ secrets.TOKEN }} + - + name: Build and push + uses: actions/build-push-action@v4 + with: + push: false + #tags: gitea.ocram85.com/ocram85/swarmproxy:next + tags: ocram85/swarmproxy:test -- 2.45.2