generated from Templates/Baseline
Adds initial readme #4
@ -1,26 +1,34 @@
|
|||||||
name: ci
|
name: ci
|
||||||
|
|
||||||
run-name: docker pipeline
|
|
||||||
|
|
||||||
on:
|
on:
|
||||||
push:
|
push:
|
||||||
#branches: none #[ main ]
|
branches:
|
||||||
tags-ignore:
|
- 'main'
|
||||||
- '*'
|
tags:
|
||||||
|
- 'v*'
|
||||||
pull_request:
|
pull_request:
|
||||||
#branches: none # [ main ]
|
branches:
|
||||||
# Allows you to run this workflow manually from the Actions tab
|
- 'main'
|
||||||
workflow_dispatch:
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
test-build:
|
docker:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
container:
|
container:
|
||||||
image: catthehacker/ubuntu:act-latest
|
image: catthehacker/ubuntu:act-latest
|
||||||
steps:
|
steps:
|
||||||
#-
|
-
|
||||||
# name: Set up QEMU
|
name: Docker meta
|
||||||
# uses: actions/setup-qemu-action@v2
|
id: meta
|
||||||
|
uses: actions/metadata-action@v4
|
||||||
|
with:
|
||||||
|
images: |
|
||||||
|
gitea.ocram85.com/ocram85/swarmproxy
|
||||||
|
tags: |
|
||||||
|
type=ref,event=branch
|
||||||
|
type=ref,event=pr
|
||||||
|
type=semver,pattern={{version}}
|
||||||
|
type=semver,pattern={{major}}.{{minor}}
|
||||||
-
|
-
|
||||||
name: Set up Docker Buildx
|
name: Set up Docker Buildx
|
||||||
uses: actions/setup-buildx-action@v2
|
uses: actions/setup-buildx-action@v2
|
||||||
@ -36,5 +44,6 @@ jobs:
|
|||||||
name: Build and push
|
name: Build and push
|
||||||
uses: actions/build-push-action@v4
|
uses: actions/build-push-action@v4
|
||||||
with:
|
with:
|
||||||
push: false
|
push: ${{ github.event_name != 'pull_request' }}
|
||||||
tags: gitea.ocram85.com/ocram85/swarmproxy:next
|
tags: ${{ steps.meta.outputs.tags }}
|
||||||
|
labels: ${{ steps.meta.outputs.labels }}
|
||||||
|
@ -1,50 +0,0 @@
|
|||||||
name: deployment
|
|
||||||
|
|
||||||
run-name: tag based container build and push
|
|
||||||
|
|
||||||
on:
|
|
||||||
push:
|
|
||||||
branches:
|
|
||||||
- 'master'
|
|
||||||
tags:
|
|
||||||
- 'v*'
|
|
||||||
|
|
||||||
jobs:
|
|
||||||
deployment-job:
|
|
||||||
runs-on: ubuntu-latest
|
|
||||||
container:
|
|
||||||
image: catthehacker/ubuntu:act-latest
|
|
||||||
steps:
|
|
||||||
-
|
|
||||||
name: Docker meta
|
|
||||||
id: meta
|
|
||||||
uses: actions/metadata-action@v4
|
|
||||||
with:
|
|
||||||
images: |
|
|
||||||
gitea.ocram85.com/ocram85/swarmproxy
|
|
||||||
tags: |
|
|
||||||
type=semver,pattern={{version}}
|
|
||||||
type=semver,pattern={{major}}.{{minor}}
|
|
||||||
-
|
|
||||||
name: Set up QEMU
|
|
||||||
uses: actions/setup-qemu-action@v2
|
|
||||||
-
|
|
||||||
name: Set up Docker Buildx
|
|
||||||
uses: actions/setup-buildx-action@v2
|
|
||||||
-
|
|
||||||
name: Login to Gitea Package Registry
|
|
||||||
uses: actions/login-action@v2
|
|
||||||
with:
|
|
||||||
registry: gitea.ocram85.com
|
|
||||||
username: ${{ secrets.USERNAME }}
|
|
||||||
#password: ${{ secrets.PASSWORD }}
|
|
||||||
password: ${{ secrets.TOKEN }}
|
|
||||||
-
|
|
||||||
name: Build and push
|
|
||||||
uses: actions/build-push-action@v4
|
|
||||||
with:
|
|
||||||
push: ${{ github.event_name != 'pull_request' }}
|
|
||||||
tags: ${{ steps.meta.outputs.tags }}
|
|
||||||
labels: ${{ steps.meta.outputs.labels }}
|
|
||||||
#tags: gitea.ocram85.com/ocram85/swarmproxy:next2
|
|
||||||
|
|
29
.gitea/workflows/test.yaml
Normal file
29
.gitea/workflows/test.yaml
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
name: test
|
||||||
|
|
||||||
|
run-name: docker pipeline
|
||||||
|
|
||||||
|
on: [ 'push' ]
|
||||||
|
|
||||||
|
jobs:
|
||||||
|
docker:
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
container:
|
||||||
|
image: catthehacker/ubuntu:act-latest
|
||||||
|
steps:
|
||||||
|
-
|
||||||
|
name: Set up Docker Buildx
|
||||||
|
uses: actions/setup-buildx-action@v2
|
||||||
|
#-
|
||||||
|
# name: Login to Gitea Package Registry
|
||||||
|
# uses: actions/login-action@v2
|
||||||
|
# with:
|
||||||
|
# registry: gitea.ocram85.com
|
||||||
|
# username: ${{ secrets.USERNAME }}
|
||||||
|
# password: ${{ secrets.TOKEN }}
|
||||||
|
-
|
||||||
|
name: Build and push
|
||||||
|
uses: actions/build-push-action@v4
|
||||||
|
with:
|
||||||
|
push: false
|
||||||
|
#tags: gitea.ocram85.com/ocram85/swarmproxy:next
|
||||||
|
tags: ocram85/swarmproxy:test
|
@ -23,6 +23,7 @@ ENV TINYPROXY_UID 5123
|
|||||||
ENV TINYPROXY_GID 5123
|
ENV TINYPROXY_GID 5123
|
||||||
|
|
||||||
ENV UPSTREAM_PROXY ""
|
ENV UPSTREAM_PROXY ""
|
||||||
|
ENV UPSTREAM_PROXY_FILE ""
|
||||||
ENV PORT "8888"
|
ENV PORT "8888"
|
||||||
ENV TIMEOUT "600"
|
ENV TIMEOUT "600"
|
||||||
ENV LOGLEVEL "Info"
|
ENV LOGLEVEL "Info"
|
||||||
@ -49,8 +50,6 @@ LogLevel $LOGLEVEL
|
|||||||
MaxClients $MAXCLIENTS
|
MaxClients $MAXCLIENTS
|
||||||
ViaProxyName "tinyproxy"
|
ViaProxyName "tinyproxy"
|
||||||
|
|
||||||
#upstream http $UPSTREAM_PROXY "."
|
|
||||||
|
|
||||||
Filter "$FILTER_FILE"
|
Filter "$FILTER_FILE"
|
||||||
FilterURLs Off
|
FilterURLs Off
|
||||||
FilterCaseSensitive Off
|
FilterCaseSensitive Off
|
||||||
@ -58,8 +57,14 @@ FilterDefaultDeny Yes
|
|||||||
|
|
||||||
Allow 127.0.0.1/8
|
Allow 127.0.0.1/8
|
||||||
Allow 10.0.0.0/8
|
Allow 10.0.0.0/8
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
RUN set -eu && \
|
||||||
|
CONFIG='/etc/tinyproxy/tinyproxy.conf' && \
|
||||||
|
[ -z "$UPSTREAM_PROXY_FILE" ] || export UPSTREAM_PROXY=$(cat $UPSTREAM_PROXY_FILE) && \
|
||||||
|
[ -z "$UPSTREAM_PROXY" ] || echo "upstream http $UPSTREAM_PROXY \".\"" >> "$CONFIG"
|
||||||
|
|
||||||
RUN chown -R ${TINYPROXY_UID}:${TINYPROXY_GID} /etc/tinyproxy /var/log/tinyproxy
|
RUN chown -R ${TINYPROXY_UID}:${TINYPROXY_GID} /etc/tinyproxy /var/log/tinyproxy
|
||||||
USER ${TINYPROXY_UID}:${TINYPROXY_GID}
|
USER ${TINYPROXY_UID}:${TINYPROXY_GID}
|
||||||
|
|
||||||
|
115
README.md
115
README.md
@ -17,23 +17,116 @@
|
|||||||
</h1>
|
</h1>
|
||||||
|
|
||||||
<p align="center">
|
<p align="center">
|
||||||
swarmproxy docker image
|
Swarmproxy is a simple http/https proxy for outbound traffic in a docker swarm cluster.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p align="center">
|
## :book: About
|
||||||
<a href="https://drone.ocram85.com/OCram85/swarmproxy">
|
|
||||||
<img src="https://drone.ocram85.com/api/badges/OCram85/swarmproxy/status.svg" alt="Main Branch Build Status">
|
|
||||||
</a>
|
|
||||||
</p>
|
|
||||||
|
|
||||||
## :book: General
|
## 🤖 Quickstart
|
||||||
|
|
||||||
> :bulb: tbd...
|
### 1. ⚡ Get the image 📦
|
||||||
|
|
||||||
|
You can download the image from the gitea embedded container registry: `gitea.ocram85.com/ocram85/swarmproxy` with these tags:
|
||||||
|
|
||||||
|
- `latest` - Is based on the lasted master branch commit.
|
||||||
|
- `next` - Is a test build based on the pull request
|
||||||
|
- `1`, `0.1`, `0.1.0` - tag based version.
|
||||||
|
|
||||||
|
> **💡 NOTE: See the [packages page](https://gitea.ocram85.com/OCram85/-/packages/container/swarmproxy/latest) for latest version and all other available tags.**
|
||||||
|
|
||||||
|
### 2.a Run as Docker Swarm Stack
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
secrets:
|
||||||
|
upstream-proxy:
|
||||||
|
external: true
|
||||||
|
|
||||||
|
services:
|
||||||
|
swarmproxy:
|
||||||
|
image: gitea.ocram85.com/OCram85/swarmproxy:latest
|
||||||
|
environment:
|
||||||
|
# mandatory environment variables
|
||||||
|
- UPSTREAM_PROXY=
|
||||||
|
# Set UPSTREAM_PROXY as docker secret if your upstream needs authentication
|
||||||
|
# Eg.: http://user:password@upstream.intra:3128
|
||||||
|
#- UPSTREAM_PROXY_FILE=/run/secrets/UPSTREAM_PROXY
|
||||||
|
|
||||||
|
# optional settings
|
||||||
|
#- TINYPROXY_UID=5123
|
||||||
|
#- TINYPROXY_GID=5123
|
||||||
|
#- PORT=8888
|
||||||
|
#- TIMEOUT=600
|
||||||
|
#- LOGLEVEL=Info
|
||||||
|
#- MAXCLIENTS=600
|
||||||
|
#- FILTER_FILE=/ety/tinyproxy/filter
|
||||||
|
deploy:
|
||||||
|
replicas: 1
|
||||||
|
volumes:
|
||||||
|
# mount a single file into the container if you need the modify it afterwards
|
||||||
|
# You can reload the file with `kill -s USR1 $(pidof tinyproxy)`
|
||||||
|
- ./filter.txt:/etc/tinyproxy/filter:ro
|
||||||
|
# Use a docker config or volume in production
|
||||||
|
-
|
||||||
|
networks:
|
||||||
|
- egress
|
||||||
|
|
||||||
|
networks:
|
||||||
|
egress:
|
||||||
|
attachable: true
|
||||||
|
#external: true
|
||||||
|
```
|
||||||
|
|
||||||
|
## 😡 We're Using GitHub Under Protest
|
||||||
|
|
||||||
|
This project is currently **mirrored** to GitHub. This is not ideal; GitHub is a
|
||||||
|
proprietary, trade-secret system that is not Free and Open Source Software
|
||||||
|
(FOSS). We are deeply concerned about using a proprietary system like GitHub
|
||||||
|
to develop our FOSS project. We have an
|
||||||
|
[open Gitea repository ](https://gitea.ocram85.com/OCram85/swarmproxy/issues) where the
|
||||||
|
project contributors are actively discussing how we can move away from GitHub
|
||||||
|
in the long term. We urge you to read about the
|
||||||
|
[Give up GitHub](https://GiveUpGitHub.org) campaign from
|
||||||
|
[the Software Freedom Conservancy](https://sfconservancy.org) to understand
|
||||||
|
some of the reasons why GitHub is not a good place to host FOSS projects.
|
||||||
|
|
||||||
|
If you are a contributor who personally has already quit using GitHub, please
|
||||||
|
[check this resource](https://gitea.ocram85.com/OCram85/swarmproxy) for how to send us contributions without
|
||||||
|
using GitHub directly.
|
||||||
|
|
||||||
|
Any use of this project's code by GitHub Copilot, past or present, is done
|
||||||
|
without our permission. We do not consent to GitHub's use of this project's
|
||||||
|
code in Copilot.
|
||||||
|
|
||||||
|
![Logo of the GiveUpGitHub campaign](https://sfconservancy.org/img/GiveUpGitHub.png)
|
||||||
|
|
||||||
## 🙏 Credits
|
## 🙏 Credits
|
||||||
|
|
||||||
swarmproxy is based on the following projects and wouldn't be possible without them:
|
swarmproxy is based on the following projects and wouldn't be possible without them:
|
||||||
|
|
||||||
- [https://github.com/tinyproxy/tinyproxy](Tinyproxy) - The Tinyproxy project itself
|
- [Tinyproxy](https://github.com/tinyproxy/tinyproxy) - The Tinyproxy project itself
|
||||||
- [https://github.com/kalaksi/docker-tinyproxy](docker-tinyproxy) - A containerized tinyproxy variant.
|
- [docker-tinyproxy](https://github.com/kalaksi/docker-tinyproxy) - A containerized tinyproxy variant.
|
||||||
- [https://github.com/ajoergensen/docker-tinyproxy](docker-tinyproxy) - A containerized tinyproxy variant.
|
- [docker-tinyproxy](https://github.com/ajoergensen/docker-tinyproxy) - A containerized tinyproxy variant.
|
||||||
|
|
||||||
|
## ⚖️ License (AGPLv3)
|
||||||
|
|
||||||
|
![AGPL](https://www.gnu.org/graphics/agplv3-155x51.png)
|
||||||
|
|
||||||
|
```
|
||||||
|
Swarmproxy - A simple http/https proxy for outbound traffic in a docker swarm cluster.
|
||||||
|
Copyright (C) 2023 "OCram85 <me@ocram85.com>"
|
||||||
|
|
||||||
|
This program is free software: you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU Affero General Public License as published by
|
||||||
|
the Free Software Foundation, either version 3 of the License, or
|
||||||
|
(at your option) any later version.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU Affero General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU Affero General Public License
|
||||||
|
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||||
|
```
|
||||||
|
Loading…
Reference in New Issue
Block a user