From 9d5ceade364ed14666ef69c56636900980fe3e90 Mon Sep 17 00:00:00 2001 From: Paramtamtam <7326800+tarampampam@users.noreply.github.com> Date: Sat, 16 Jan 2021 01:16:25 +0500 Subject: [PATCH] 3proxy updated up to 0.9.3 (#1) --- .dockerignore | 8 +++ .github/CODEOWNERS | 3 + .github/dependabot.yml | 21 +++++++ .github/labeler.yml | 21 +++++++ .github/workflows/labeler.yml | 12 ++++ .github/workflows/release.yml | 31 ++++++----- .github/workflows/tests.yml | 83 +++++++++++++++++---------- 3proxy.cfg | 2 +- CHANGELOG.md | 6 ++ Dockerfile | 102 ++++++++++++++++++++++------------ docker-entrypoint.sh | 2 +- 11 files changed, 210 insertions(+), 81 deletions(-) create mode 100644 .dockerignore create mode 100644 .github/CODEOWNERS create mode 100644 .github/dependabot.yml create mode 100644 .github/labeler.yml create mode 100644 .github/workflows/labeler.yml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..4fcaf03 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,8 @@ +.editorconfig +.git +.github +.idea +.vscode +temp +tmp +LICENSE diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS new file mode 100644 index 0000000..a0c6fb4 --- /dev/null +++ b/.github/CODEOWNERS @@ -0,0 +1,3 @@ +# @link + +* @tarampampam diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..a988de8 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,21 @@ +# Docs: + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + reviewers: + - "tarampampam" + assignees: + - "tarampampam" + + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "weekly" + reviewers: + - "tarampampam" + assignees: + - "tarampampam" diff --git a/.github/labeler.yml b/.github/labeler.yml new file mode 100644 index 0000000..8e8a461 --- /dev/null +++ b/.github/labeler.yml @@ -0,0 +1,21 @@ +docs: + - '**/*.md' + - '**/*.MD' + +.github: + - '.github/**/*' + +CI: + - '.github/workflows/**/*' + - '.github/actions/**/*' + +docker: + - 'Dockerfile' + - 'docker/**/*' + - '.dockerignore' + - 'docker-entrypoint.sh' + - '3proxy.cfg' + +dev: + - '.gitignore' + - '.editorconfig' diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml new file mode 100644 index 0000000..f7edd4c --- /dev/null +++ b/.github/workflows/labeler.yml @@ -0,0 +1,12 @@ +name: labeler + +on: [pull_request_target] + +jobs: + triage: + runs-on: ubuntu-20.04 + steps: + - uses: actions/labeler@v3 # Action page: + with: + repo-token: "${{ secrets.GITHUB_TOKEN }}" + sync-labels: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a8ae272..656afae 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -12,22 +12,27 @@ jobs: - name: Check out code uses: actions/checkout@v2 - - name: Generate image tag value - run: echo "::set-env name=IMAGE_TAG::${GITHUB_REF##*/[vV]}" # `/refs/tags/v1.2.3` -> `1.2.3` + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 # Action page: + id: buildx - - name: Make docker login + - name: Docker login in default registry run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_LOGIN }}" --password-stdin &> /dev/null + - name: Docker login in ghcr.io # Auth docs: + run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u tarampampam --password-stdin + + - name: Generate image tag value + id: tag + run: echo "::set-output name=value::`echo ${GITHUB_REF##*/} | sed -e 's/^[vV ]*//'`" # `/refs/tags/v1.2.3` -> `1.2.3` + - name: Build image run: | - docker build \ - --build-arg "BUILD_DATE=`date -u +'%Y-%m-%dT%H:%M:%SZ'`" \ - --tag "tarampampam/3proxy:${IMAGE_TAG}" \ + docker buildx build \ + --platform ${{ steps.buildx.outputs.platforms }} \ + --tag "tarampampam/3proxy:${{ steps.tag.outputs.value }} \ --tag "tarampampam/3proxy:latest" \ - -f ./Dockerfile . - - - name: Push version image - run: docker push "tarampampam/3proxy:${IMAGE_TAG}" - - - name: Push latest image - run: docker push "tarampampam/3proxy:latest" + --tag "ghcr.io/tarampampam/3proxy:${{ steps.tag.outputs.value }}" \ + --tag "ghcr.io/tarampampam/3proxy:latest" \ + --push \ + . diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index a54abeb..7f813fa 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -11,27 +11,64 @@ on: - cron: '0 0 * * 0' # once in a week, docs: jobs: # Docs: - docker-image: - name: Build and use docker image - runs-on: ubuntu-latest + build-image: + name: Build docker image + runs-on: ubuntu-20.04 steps: - name: Check out code uses: actions/checkout@v2 - name: Build docker image - run: docker build -f ./Dockerfile --tag image:local . + run: docker build -f ./Dockerfile --tag 3proxy:local . - - name: Run docker image with default settings - run: | - docker run --rm -d \ - -p "3128:3128/tcp" \ - -p "1080:1080/tcp" \ - image:local + - name: Scan image + uses: anchore/scan-action@v2 # action page: + with: + image: 3proxy:local + fail-build: true + severity-cutoff: low # negligible, low, medium, high or critical + + - name: Save docker image + run: docker save 3proxy:local > ./docker-image.tar + + - name: Upload artifact + uses: actions/upload-artifact@v2 + with: + name: docker-image + path: ./docker-image.tar + + try-to-use: + name: Build and use docker image (auth ${{ matrix.auth }}) + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + auth: [yes, no] + needs: [build-image] + steps: + - name: Download builded docker image + uses: actions/download-artifact@v2 + with: + name: docker-image + path: .artifact + + - name: Prepare image to run + working-directory: .artifact + run: docker load < docker-image.tar + + - name: Start server without auth setup + if: matrix.auth != 'yes' + run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" 3proxy:local + + - name: Start server with auth setup + if: matrix.auth == 'yes' + run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" -e "PROXY_LOGIN=evil" -e "PROXY_PASSWORD=live" 3proxy:local - name: Pause - run: sleep 2 + run: sleep 3 - name: Try to use HTTP proxy + if: matrix.auth != 'yes' run: | curl -v --fail \ --proxy http://127.0.0.1:3128 \ @@ -40,6 +77,7 @@ jobs: # Docs: https://github.com/robots.txt - name: Try to use SOCKS proxy + if: matrix.auth != 'yes' run: | curl -v --fail \ --proxy socks5://127.0.0.1:1080 \ @@ -47,22 +85,8 @@ jobs: # Docs: --max-time 3 \ https://github.com/robots.txt - - name: Stop container - run: docker stop $(docker ps -a --filter ancestor=image:local -q) - - - name: Run docker image with auth settings - run: | - docker run --rm -d \ - -p "3128:3128/tcp" \ - -p "1080:1080/tcp" \ - -e "PROXY_LOGIN=evil" \ - -e "PROXY_PASSWORD=live" \ - image:local - - - name: Pause - run: sleep 2 - - - name: Try to use HTTP proxy + - name: Try to use HTTP proxy (with auth) + if: matrix.auth == 'yes' run: | curl -v --fail \ --proxy http://127.0.0.1:3128 \ @@ -71,7 +95,8 @@ jobs: # Docs: --max-time 3 \ https://github.com/robots.txt - - name: Try to use SOCKS proxy + - name: Try to use SOCKS proxy (with auth) + if: matrix.auth == 'yes' run: | curl -v --fail \ --proxy socks5://127.0.0.1:1080 \ @@ -81,4 +106,4 @@ jobs: # Docs: https://github.com/robots.txt - name: Stop container - run: docker stop $(docker ps -a --filter ancestor=image:local -q) + run: docker stop $(docker ps -a --filter ancestor=3proxy:local -q) diff --git a/3proxy.cfg b/3proxy.cfg index f932781..9a1b459 100644 --- a/3proxy.cfg +++ b/3proxy.cfg @@ -1,4 +1,4 @@ -#!/usr/bin/3proxy +#!/bin/3proxy config /etc/3proxy/3proxy.cfg # you may use system to execute some external command if proxy starts diff --git a/CHANGELOG.md b/CHANGELOG.md index 4a38b0c..f3f7550 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,12 @@ All notable changes to this package will be documented in this file. The format is based on [Keep a Changelog][keepachangelog] and this project adheres to [Semantic Versioning][semver]. +## v1.2.0 + +### Changed + +- 3proxy updated from `0.8.13` up to `0.9.3` + ## v1.1.0 ### Removed diff --git a/Dockerfile b/Dockerfile index 5a3c3e1..375c015 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,46 +1,48 @@ # Image page: -FROM alpine:latest as builder +FROM gcc:9.3 as builder -# e.g.: `docker build --build-arg "VERSION=0.8.13" .` -ARG VERSION="0.8.13" +# e.g.: `docker build --build-arg "VERSION=0.9.3" .` +ARG VERSION="0.9.3" +# Fetch 3proxy sources RUN set -x \ - && apk add --no-cache \ - linux-headers \ - build-base \ - git \ - && git clone --branch ${VERSION} https://github.com/z3APA3A/3proxy.git /tmp/3proxy \ - && cd /tmp/3proxy \ - && echo '#define ANONYMOUS 1' >> /tmp/3proxy/src/3proxy.h \ + && git clone --branch "${VERSION}" https://github.com/z3APA3A/3proxy.git /tmp/3proxy + +WORKDIR /tmp/3proxy + +# Patch sources +RUN set -x \ + && echo '#define ANONYMOUS 1' >> ./src/3proxy.h \ + # proxy.c source: && sed -i 's~\(<\/head>\)~\1~' /tmp/3proxy/src/proxy.c \ - && cat ./src/proxy.c | grep '' \ - && make -f Makefile.Linux - -FROM alpine:latest - -# e.g.: `docker build --build-arg "BUILD_DATE=`date -u +'%Y-%m-%dT%H:%M:%SZ'`" .` -ARG BUILD_DATE - -LABEL \ - org.label-schema.name="3proxy" \ - org.label-schema.description="Tiny free proxy server" \ - org.label-schema.url="https://github.com/tarampampam/3proxy-docker" \ - org.label-schema.vcs-url="https://github.com/tarampampam/3proxy-docker" \ - org.label-schema.docker.cmd="docker run --rm -d -p \"3128:3128/tcp\" -p \"1080:1080/tcp\" this_image" \ - org.label-schema.vendor="tarampampam" \ - org.label-schema.build-date="$BUILD_DATE" \ - org.label-schema.license="WTFPL" \ - org.label-schema.schema-version="1.0" - -COPY 3proxy.cfg /etc/3proxy/3proxy.cfg -COPY docker-entrypoint.sh /docker-entrypoint.sh -COPY --from=builder /tmp/3proxy/src/3proxy /usr/bin/3proxy +h3,p{color:#bbb}\1~' ./src/proxy.c \ + && cat ./src/proxy.c | grep '' +# And compile +RUN set -x \ + && echo "" >> ./Makefile.Linux \ + && echo "PLUGINS = StringsPlugin TrafficPlugin PCREPlugin TransparentPlugin SSLPlugin" >> ./Makefile.Linux \ + && echo "LIBS = -l:libcrypto.a -l:libssl.a -ldl" >> ./Makefile.Linux \ + && make -f Makefile.Linux \ + && strip ./bin/3proxy \ + && strip ./bin/StringsPlugin.ld.so \ + && strip ./bin/TrafficPlugin.ld.so \ + && strip ./bin/PCREPlugin.ld.so \ + && strip ./bin/TransparentPlugin.ld.so \ + && strip ./bin/SSLPlugin.ld.so + +# Prepare filesystem for 3proxy running +FROM busybox:1.32-glibc as buffer + +# Copy binaries +COPY --from=builder /lib/x86_64-linux-gnu/libdl.so.* /lib/ +COPY --from=builder /tmp/3proxy/bin/3proxy /bin/ +COPY --from=builder /tmp/3proxy/bin/*.ld.so /usr/local/3proxy/libexec/ + +# Create unprivileged user RUN set -x \ - # Unprivileged user creation && adduser \ --disabled-password \ --gecos "" \ @@ -48,12 +50,38 @@ RUN set -x \ --shell /sbin/nologin \ --no-create-home \ --uid 10001 \ - 3proxy \ - && chown 3proxy:3proxy -R /etc/3proxy + 3proxy + +# Prepare files and directories +RUN set -x \ + && chown -R 10001:10001 /usr/local/3proxy \ + && chmod -R 550 /usr/local/3proxy \ + && chmod -R 555 /usr/local/3proxy/libexec \ + && chown -R root /usr/local/3proxy/libexec \ + && mkdir /etc/3proxy \ + && chown -R 10001:10001 /etc/3proxy + +# Copy our config and entrypoint script +COPY 3proxy.cfg /etc/3proxy/3proxy.cfg +COPY docker-entrypoint.sh /docker-entrypoint.sh + +# Split all buffered layers into one +FROM scratch + +LABEL \ + org.opencontainers.image.title="3proxy" \ + org.opencontainers.image.description="Tiny free proxy server" \ + org.opencontainers.image.url="https://github.com/tarampampam/3proxy-docker" \ + org.opencontainers.image.source="https://github.com/tarampampam/3proxy-docker" \ + org.opencontainers.image.vendor="Tarampampam" \ + org.opencontainers.image.licenses="WTFPL" + +# Import from builder +COPY --from=buffer / / # Use an unprivileged user USER 3proxy:3proxy ENTRYPOINT ["/docker-entrypoint.sh"] -CMD ["/usr/bin/3proxy", "/etc/3proxy/3proxy.cfg"] +CMD ["/bin/3proxy", "/etc/3proxy/3proxy.cfg"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index af6378e..5829308 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env sh +#!/bin/sh set -e PROXY_LOGIN=${PROXY_LOGIN:-} # string