scriptos/3proxy-docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity

chore: Repo umstrukturiert – Doku, Gitea-Workflow und Bereinigung
All checks were successful
Release Docker Image / Build & Push Docker Image (release) Successful in 3m25s
Details

Browse Source
This commit is contained in:
Patrick Asmus
2026-04-06 15:58:57 +02:00
parent 4a3948a995
commit f2562747d7
18 changed files with 311 additions and 1199 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
.gitea/workflows/release-docker.yml Normal file
View File

@@ -0,0 +1,70 @@
# 3proxy-docker CI - Release Docker Build
# Wird ausgelöst, wenn ein Release veröffentlicht wird (Tag-Format: v0.1.0)
# Baut das Docker-Image und pusht es in die Gitea Container Registry mit :latest und :vX.Y.Z Tags
name: Release Docker Image
on:
release:
types: [published]
workflow_dispatch:
env:
IMAGE_NAME: 3proxy
jobs:
docker:
name: Build & Push Docker Image
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Extract version from tag
id: version
run: |
# Release-Tag aus dem Release-Event, oder letzter Git-Tag bei workflow_dispatch
TAG="${{ github.event.release.tag_name }}"
if [ -z "$TAG" ]; then
TAG="$(git describe --tags --abbrev=0 2>/dev/null || echo '')"
fi
if [ -z "$TAG" ]; then
echo "::error::Kein Tag gefunden. Bitte zuerst ein Release oder Tag erstellen."
exit 1
fi
echo "tag=${TAG}" >> "$GITHUB_OUTPUT"
# 'v'-Präfix für Docker-Tag entfernen
VERSION="${TAG#v}"
echo "version=${VERSION}" >> "$GITHUB_OUTPUT"
# Protokoll (https://) aus der REGISTRY_URL für Docker-Tags entfernen
REGISTRY="${{ vars.REGISTRY_URL }}"
REGISTRY="${REGISTRY#https://}"
REGISTRY="${REGISTRY#http://}"
echo "registry=${REGISTRY}" >> "$GITHUB_OUTPUT"
- name: Login to Gitea Container Registry
uses: docker/login-action@v3
with:
registry: ${{ vars.REGISTRY_URL }}
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: |
${{ steps.version.outputs.registry }}/${{ secrets.REGISTRY_USER }}/${{ env.IMAGE_NAME }}:latest
${{ steps.version.outputs.registry }}/${{ secrets.REGISTRY_USER }}/${{ env.IMAGE_NAME }}:${{ steps.version.outputs.tag }}
labels: |
org.opencontainers.image.title=3proxy
org.opencontainers.image.description=Leichtgewichtiger Proxyserver (HTTP & SOCKS5) als Docker-Container
org.opencontainers.image.version=${{ steps.version.outputs.version }}
org.opencontainers.image.source=${{ github.server_url }}/${{ github.repository }}
org.opencontainers.image.licenses=WTFPL

3
.github/CODEOWNERS vendored
View File

@@ -1,3 +0,0 @@
# @link <https://help.github.com/en/articles/about-code-owners>
* @tarampampam

17
.github/dependabot.yml vendored
View File

@@ -1,17 +0,0 @@
# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json
# docs: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates
version: 2
updates:
- package-ecosystem: github-actions
directory: /
groups: {github-actions: {patterns: ['*']}}
schedule: {interval: monthly}
assignees: [tarampampam]
- package-ecosystem: docker
directory: /
groups: {docker: {patterns: ['*']}}
schedule: {interval: monthly}
assignees: [tarampampam]

13
.github/release.yml vendored
View File

@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://json.schemastore.org/github-release-config.json
# docs: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes
changelog:
categories:
- title: 🛠 Fixes
labels: [type:fix, type:bug]
- title: 🚀 Features
labels: [type:feature, type:feature_request]
- title: 📦 Dependency updates
labels: [dependencies]
- title: Other Changes
labels: ['*']

7
.github/renovate.json vendored
View File

@@ -1,7 +0,0 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"github>tarampampam/.github//renovate/default",
":rebaseStalePrs"
]
}

22
.github/workflows/documentation.yml vendored
View File

@@ -1,22 +0,0 @@
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
name: 📚 Documentation
on:
push:
branches: [master, main]
paths: ['README.md']
jobs:
docker-hub-description:
name: Docker Hub Description
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKER_LOGIN }}
password: ${{ secrets.DOCKER_USER_PASSWORD }}
repository: tarampampam/3proxy

86
.github/workflows/release.yml vendored
View File

@@ -1,86 +0,0 @@
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
name: 🚀 Release
on:
release: {types: [published]}
workflow_dispatch: {}
jobs:
build-docker-image:
name: Build the docker image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_LOGIN }}
password: ${{ secrets.DOCKER_PASSWORD }}
- uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- {uses: gacts/github-slug@v1, id: slug}
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/build-push-action@v6
with:
context: .
push: true
platforms: linux/amd64,linux/arm64
tags: |
ghcr.io/${{ github.actor }}/3proxy:latest
ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version }}
ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}
ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version-major }}
docker.io/tarampampam/3proxy:latest
docker.io/tarampampam/3proxy:${{ steps.slug.outputs.version }}
docker.io/tarampampam/3proxy:${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}
docker.io/tarampampam/3proxy:${{ steps.slug.outputs.version-major }}
helm-pack:
name: Pack the Helm chart
runs-on: ubuntu-latest
needs: [build-docker-image]
defaults: {run: {working-directory: ./deployments/helm}}
steps:
- uses: actions/checkout@v4
- uses: azure/setup-helm@v4
- {uses: gacts/github-slug@v1, id: slug}
- run: |
helm package \
--app-version "${{ steps.slug.outputs.version }}" \
--version "${{ steps.slug.outputs.version }}" .
- uses: actions/upload-artifact@v4
with:
name: helm-chart
path: ./deployments/helm/*.tgz
if-no-files-found: error
retention-days: 1
helm-publish:
name: Put the Helm chart to the GitHub pages branch
runs-on: ubuntu-latest
needs: [helm-pack]
steps:
- {uses: actions/checkout@v4, with: {ref: gh-pages}}
- uses: azure/setup-helm@v4
- uses: actions/download-artifact@v4
with: {name: helm-chart, path: ./helm-charts}
- name: Update the index.yaml
run: |
helm repo index \
--url https://${{ github.actor }}.github.io/${{ github.event.repository.name }}/helm-charts/ \
--merge \
./helm-charts/index.yaml \
./helm-charts
- {uses: gacts/directory-listing@v1, with: {overwrite: true}}
- name: Commit and push the changes
run: |
git config user.name "${{ github.actor }}"
git config user.email "${{ github.actor }}@users.noreply.github.com"
git add .
git commit -m "Helm chart release"
git push origin gh-pages

114
.github/workflows/tests.yml vendored
View File

@@ -1,114 +0,0 @@
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
name: 🧪 Tests
on:
workflow_dispatch: {}
push:
branches: [master, main]
paths-ignore: ['**.md']
tags-ignore: ['**']
pull_request:
paths-ignore: ['**.md']
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
gitleaks:
name: Check for GitLeaks
runs-on: ubuntu-latest
steps:
- {uses: actions/checkout@v4, with: {fetch-depth: 0}}
- uses: gacts/gitleaks@v1
lint-charts:
name: Lint the chart
runs-on: ubuntu-latest
defaults: {run: {working-directory: ./deployments/helm}}
steps:
- uses: actions/checkout@v4
- uses: azure/setup-helm@v4
- run: helm dependency update .
- run: helm template . > /dev/null
- run: helm lint --strict .
build-image:
name: Build the docker image
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: docker build -f ./Dockerfile --tag 3proxy:local .
- run: docker save 3proxy:local > ./docker-image.tar
- uses: actions/upload-artifact@v4
with:
name: docker-image
path: ./docker-image.tar
retention-days: 1
try-to-use:
name: Try to use the docker image (auth ${{ matrix.auth }})
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
auth: [yes, no]
needs: [build-image]
steps:
- uses: actions/download-artifact@v4
with:
name: docker-image
path: .artifact
- working-directory: .artifact
run: docker load < docker-image.tar
- if: matrix.auth != 'yes'
run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" 3proxy:local
- if: matrix.auth == 'yes'
run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" -e "PROXY_LOGIN=evil" -e "PROXY_PASSWORD=live" -e 'EXTRA_ACCOUNTS={"foo":"bar"}' 3proxy:local
- run: sleep 3
- name: Try to use HTTP proxy
if: matrix.auth != 'yes'
run: |
curl -v --fail \
--proxy http://127.0.0.1:3128 \
--connect-timeout 3 \
--max-time 3 \
https://www.cloudflare.com/robots.txt
- name: Try to use SOCKS proxy
if: matrix.auth != 'yes'
run: |
curl -v --fail \
--proxy socks5://127.0.0.1:1080 \
--connect-timeout 3 \
--max-time 3 \
https://www.cloudflare.com/robots.txt
- name: Try to use HTTP proxy (with auth)
if: matrix.auth == 'yes'
run: |
curl -v --fail \
--proxy http://127.0.0.1:3128 \
--proxy-user evil:live \
--connect-timeout 3 \
--max-time 3 \
https://www.cloudflare.com/robots.txt
- name: Try to use HTTP proxy (with auth, extra user)
if: matrix.auth == 'yes'
run: |
curl -v --fail \
--proxy http://127.0.0.1:3128 \
--proxy-user foo:bar \
--connect-timeout 3 \
--max-time 3 \
https://www.cloudflare.com/robots.txt
- name: Try to use SOCKS proxy (with auth)
if: matrix.auth == 'yes'
run: |
curl -v --fail \
--proxy socks5://127.0.0.1:1080 \
--proxy-user evil:live \
--connect-timeout 3 \
--max-time 3 \
https://www.cloudflare.com/robots.txt
- run: docker stop $(docker ps -a --filter ancestor=3proxy:local -q)

138
README.md
View File

@@ -1,138 +1,80 @@
# This is a fork of
https://github.com/tarampampam/3proxy-docker
# Docker-Image mit [3proxy][link_3proxy]
3proxy ist ein leistungsstarker und leichtgewichtiger Proxyserver. Dieses Image enthält die stabile Version und lässt sich
einfach über Umgebungsvariablen konfigurieren. Standardmäßig arbeitet es mit anonymen Proxy-Einstellungen und
protokolliert Aktivitäten im JSON-Format.
# Docker image with [3proxy][link_3proxy]
Eine ausführliche Dokumentation zur Verwendung dieses Containers befindet sich im Ordner [`docs/`](docs/verwendung.md).
3proxy is a powerful and lightweight proxy server. This image includes the stable version and can be easily
configured using environment variables. By default, it operates with anonymous proxy settings to hide client
information and logs activity in JSON format.
## TCP-Ports
> Page on `hub.docker.com` can be [found here][link_docker_hub].
| Port | Beschreibung |
|--------|---------------------------------------------------------------------|
| `3128` | [HTTP-Proxy](https://3proxy.org/doc/man8/proxy.8.html) |
| `1080` | [SOCKS-Proxy](https://3proxy.org/doc/man8/socks.8.html) |
TCP ports:
## Umgebungsvariablen
| Port number | Description |
|-------------|---------------------------------------------------------|
| `3128` | [HTTP proxy](https://3proxy.org/doc/man8/proxy.8.html) |
| `1080` | [SOCKS proxy](https://3proxy.org/doc/man8/socks.8.html) |
| Variable | Beschreibung | Beispiel |
|----------------------|----------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| `PROXY_LOGIN` | Benutzername für die Authentifizierung (standardmäßig leer) | `nutzer` |
| `PROXY_PASSWORD` | Passwort für die Authentifizierung (standardmäßig leer) | `geheim` |
| `EXTRA_ACCOUNTS` | Zusätzliche Proxy-Benutzer (JSON-Objekt) | `{"nutzer2":"pass2","gast":"pw"}` |
| `PRIMARY_RESOLVER` | Primärer DNS-Resolver (Standard: `1.0.0.1`) | `8.8.8.8:5353/tcp` |
| `SECONDARY_RESOLVER` | Sekundärer DNS-Resolver (Standard: `8.8.4.4`) | `2001:4860:4860::8844` |
| `MAX_CONNECTIONS` | Maximale Anzahl gleichzeitiger Verbindungen (Standard: `1024`) | `2056` |
| `PROXY_PORT` | HTTP-Proxy-Port (Standard: `3128`) | `8080` |
| `SOCKS_PORT` | SOCKS-Proxy-Port (Standard: `1080`) | `8888` |
| `EXTRA_CONFIG` | Zusätzliche 3proxy-Konfiguration (wird ans Ende der Config, vor `proxy` und `flush`, angehängt) | `# Zeile 1\n# Zeile 2` |
| `LOG_OUTPUT` | Ausgabepfad für Logs (Standard: `/dev/stdout`; `/dev/null` deaktiviert das Logging) | `/tmp/3proxy.log` |
## Supported tags
## Verwendung
| Registry | Image |
|----------------------------------------|------------------------------|
| [GitHub Container Registry][link_ghcr] | `ghcr.io/tarampampam/3proxy` |
| [Docker Hub][link_docker_hub] (mirror) | `tarampampam/3proxy` |
> [!NOTE]
> Its recommended to avoid using the `latest` tag, as **major** upgrades may include breaking changes.
> Instead, use specific tags in `X.Y.Z` format for version consistency.
All supported image tags can be [found here][link_docker_tags].
> Starting with version 1.8.2, the `arm64` architecture is supported (in addition to `amd64`):
```shell
docker run --rm mplatform/mquery ghcr.io/tarampampam/3proxy:1.8.2
Image: ghcr.io/tarampampam/3proxy:1.8.2
* Manifest List: Yes (Image type: application/vnd.docker.distribution.manifest.list.v2+json)
* Supported platforms:
- linux/amd64
- linux/arm64
```
## Supported Environment Variables
| Variable Name | Description | Example |
|----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------|
| `PROXY_LOGIN` | Authorization login (empty by default) | `username` |
| `PROXY_PASSWORD` | Authorization password (empty by default) | `password` |
| `EXTRA_ACCOUNTS` | Additional proxy users (JSON object format) | `{"evil":"live", "guest":"pass"}` |
| `PRIMARY_RESOLVER` | Primary DNS resolver (`1.0.0.1` by default) | `8.8.8.8:5353/tcp` |
| `SECONDARY_RESOLVER` | Secondary DNS resolver (`8.8.4.4` by default) | `2001:4860:4860::8844` |
| `MAX_CONNECTIONS` | Maximum number of connections (`1024` by default) | `2056` |
| `PROXY_PORT` | HTTP proxy port (`3128` by default) | `8080` |
| `SOCKS_PORT` | SOCKS proxy port (`1080` by default) | `8888` |
| `EXTRA_CONFIG` | Additional 3proxy configuration (appended to the **end** of the config file, but before `proxy` and `flush`) | `# line 1\n# line 2` |
| `LOG_OUTPUT` | Path for log output (`/dev/stdout` by default; set to `/dev/null` to disable logging) | `/tmp/3proxy.log` |
## Helm Chart
To install it on Kubernetes (K8s), please use the Helm chart from [ArtifactHUB][artifact-hub].
[artifact-hub]:https://artifacthub.io/packages/helm/proxy-3proxy/proxy-3proxy
## How to Use This Image
Example usage:
Einfaches Starten ohne Authentifizierung:
```bash
docker run --rm -d \
-p "3128:3128/tcp" \
-p "1080:1080/tcp" \
ghcr.io/tarampampam/3proxy:1
ghcr.io/tarampampam/3proxy:latest
```
With authentication and custom resolver settings:
Mit Authentifizierung und benutzerdefiniertem DNS-Resolver:
```bash
docker run --rm -d \
-p "3128:3128/tcp" \
-p "1080:1080/tcp" \
-e "PROXY_LOGIN=evil" \
-e "PROXY_PASSWORD=live" \
-e "PROXY_LOGIN=nutzer" \
-e "PROXY_PASSWORD=geheim" \
-e "PRIMARY_RESOLVER=2001:4860:4860::8888" \
ghcr.io/tarampampam/3proxy:1
ghcr.io/tarampampam/3proxy:latest
```
Docker compose example:
Docker Compose Beispiel:
```yaml
services:
3proxy:
image: ghcr.io/tarampampam/3proxy:1
image: ghcr.io/tarampampam/3proxy:latest
restart: unless-stopped
environment:
PROXY_LOGIN: evil
PROXY_PASSWORD: live
PROXY_LOGIN: nutzer
PROXY_PASSWORD: geheim
MAX_CONNECTIONS: 10000
PROXY_PORT: 8000
SOCKS_PORT: 8001
PRIMARY_RESOLVER: 77.88.8.8
PRIMARY_RESOLVER: 1.1.1.1
SECONDARY_RESOLVER: 8.8.8.8
ports:
- '8000:8000/tcp'
- '8001:8001/tcp'
```
## Releasing
## Lizenz
Publishing a new version is straightforward:
Dieses Projekt steht unter der WTFPL-Lizenz freie Nutzung ohne Einschränkungen.
1. Make the necessary changes in this repository.
2. "Publish" a new release on the repository's releases page.
Docker images will be automatically built and published.
> Note: The `latest` tag will be overwritten in both registries when a new release is published.
## Support
[![Issues][badge_issues]][link_issues]
[![Issues][badge_pulls]][link_pulls]
If you encounter any issues, please [open an issue][link_create_issue] in this repository.
## License
This project is licensed under the WTFPL. Use it freely and enjoy!
[badge_issues]:https://img.shields.io/github/issues/tarampampam/3proxy-docker.svg?style=flat-square&maxAge=180
[badge_pulls]:https://img.shields.io/github/issues-pr/tarampampam/3proxy-docker.svg?style=flat-square&maxAge=180
[link_issues]:https://github.com/tarampampam/3proxy-docker/issues
[link_pulls]:https://github.com/tarampampam/3proxy-docker/pulls
[link_create_issue]:https://github.com/tarampampam/3proxy-docker/issues/new
[link_docker_tags]:https://hub.docker.com/r/tarampampam/3proxy/tags
[link_docker_hub]:https://hub.docker.com/r/tarampampam/3proxy/
[link_ghcr]:https://github.com/tarampampam/3proxy-docker/pkgs/container/3proxy
[link_3proxy]:https://github.com/3proxy/3proxy
> **Dies ist ein Fork von https://github.com/tarampampam/3proxy-docker**

13
deployments/helm/Chart.yaml
View File

@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://json.schemastore.org/chart.json
apiVersion: v2
name: proxy-3proxy
description: Powerful and lightweight proxy server, written in pure C
type: application
version: 0.0.0 # will be replaced by the release workflow
appVersion: 0.0.0 # will be replaced by the release workflow
icon: https://github.com/user-attachments/assets/023186cf-b153-459c-8417-038fd87a2065
home: https://github.com/3proxy/3proxy
sources: [https://github.com/tarampampam/3proxy-docker]
keywords: [proxy, 3proxy, http, socks]

35
deployments/helm/README.md
View File

@@ -1,35 +0,0 @@
# 3proxy
Important note: Since the chart is released together with the app under the same version (i.e., the chart version
matches the app version), its versioning is not compatible with semantic versioning (SemVer). I will do my best to
avoid non-backward-compatible changes in the chart, but due to Murphy's Law, I cannot guarantee that they will
never occur.
Also, this chart does not include Ingress configuration. If you need it, please, create it manually.
## Usage
```shell
helm repo add proxy-3proxy https://tarampampam.github.io/3proxy-docker/helm-charts
helm repo update
helm install my-3proxy proxy-3proxy/proxy-3proxy --version <version_here>
```
Alternatively, add the following lines to your `Chart.yaml`:
```yaml
dependencies:
- name: proxy-3proxy
version: <version_here>
repository: https://tarampampam.github.io/3proxy-docker/helm-charts
```
And override the default values in your `values.yaml`:
```yaml
proxy-3proxy:
# ...
service: {ports: {http: 3128}}
# ...
```

52
deployments/helm/templates/_helpers.tpl
View File

@@ -1,52 +0,0 @@
{{/* Define namespace of chart, useful for multi-namespace deployments */}}
{{- define "proxy-3proxy.namespace" -}}
{{- if .Values.namespaceOverride }}
{{- .Values.namespaceOverride }}
{{- else }}
{{- .Release.Namespace }}
{{- end }}
{{- end }}
{{/* Expand the name of the chart */}}
{{- define "proxy-3proxy.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "proxy-3proxy.fullname" -}}
{{- if .Values.fullnameOverride }}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- $name := default .Chart.Name .Values.nameOverride }}
{{- if contains $name .Release.Name }}
{{- .Release.Name | trunc 63 | trimSuffix "-" }}
{{- else }}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
{{- end }}
{{- end }}
{{- end }}
{{/* Create chart name and version as used by the chart label */}}
{{- define "proxy-3proxy.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
{{- end }}
{{/* Common labels */}}
{{- define "proxy-3proxy.commonLabels" -}}
helm.sh/chart: {{ include "proxy-3proxy.chart" . }}
{{ include "proxy-3proxy.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end }}
{{/* Selector labels */}}
{{- define "proxy-3proxy.selectorLabels" -}}
app.kubernetes.io/name: {{ include "proxy-3proxy.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end }}

194
deployments/helm/templates/deployment.yaml
View File

@@ -1,194 +0,0 @@
{{- if .Values.deployment.enabled }}
apiVersion: apps/v1
kind: {{ .Values.deployment.kind | default "Deployment" }}
metadata:
name: {{ include "proxy-3proxy.fullname" . }}
namespace: {{ template "proxy-3proxy.namespace" . }}
labels:
{{- include "proxy-3proxy.commonLabels" . | nindent 4 }}
spec:
{{- with .Values.deployment }}
replicas: {{ .replicas | default 1 }}
selector:
matchLabels:
{{- include "proxy-3proxy.selectorLabels" $ | nindent 6 }}
template:
metadata:
{{- with .podAnnotations }}
annotations:
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
labels:
{{- include "proxy-3proxy.commonLabels" $ | nindent 8 }}
{{- with .labels }}
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
spec:
automountServiceAccountToken: false
{{- with .imagePullSecrets }}
imagePullSecrets:
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
containers:
- name: {{ include "proxy-3proxy.fullname" $ }}
{{- with .securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
readOnlyRootFilesystem: false
{{- end }}
{{- with $.Values.image }}
image: "{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}"
imagePullPolicy: {{ .pullPolicy | default "IfNotPresent" }}
{{- end }}
ports:
- name: http
containerPort: 3128
protocol: TCP
- name: socks
containerPort: 1080
protocol: TCP
env:
- {name: PROXY_PORT, value: "3128"}
- {name: SOCKS_PORT, value: "1080"}
{{- with $.Values.config }}
{{- with .log }}
{{- $logOutputEnvName := "LOG_OUTPUT" }}
{{- if eq .enabled false }}
- {name: {{ $logOutputEnvName }}, value: "/dev/null"}
{{- else if .output }}
- {name: {{ $logOutputEnvName }}, value: "{{ .output }}"}
{{- end }}
{{- end }}
{{- with .auth.login }}
{{- $authLoginEnvName := "PROXY_LOGIN" }}
{{- if .plain }}
- {name: {{ $authLoginEnvName }}, value: "{{ .plain }}"}
{{- else if .fromSecret.enabled }}
- name: {{ $authLoginEnvName }}
valueFrom:
secretKeyRef:
name: {{ tpl .fromSecret.secretName $ | quote }}
key: {{ tpl .fromSecret.secretKey $ | quote }}
{{- else if .fromConfigMap.enabled }}
- name: {{ $authLoginEnvName }}
valueFrom:
configMapKeyRef:
name: {{ tpl .fromConfigMap.configMapName $ | quote }}
key: {{ tpl .fromConfigMap.configMapKey $ | quote }}
{{- end }}
{{- end }}
{{- with .auth.password }}
{{- $authPasswordEnvName := "PROXY_PASSWORD" }}
{{- if .plain }}
- {name: {{ $authPasswordEnvName }}, value: "{{ .plain }}"}
{{- else if .fromSecret.enabled }}
- name: {{ $authPasswordEnvName }}
valueFrom:
secretKeyRef:
name: {{ tpl .fromSecret.secretName $ | quote }}
key: {{ tpl .fromSecret.secretKey $ | quote }}
{{- else if .fromConfigMap.enabled }}
- name: {{ $authPasswordEnvName }}
valueFrom:
configMapKeyRef:
name: {{ tpl .fromConfigMap.configMapName $ | quote }}
key: {{ tpl .fromConfigMap.configMapKey $ | quote }}
{{- end }}
{{- end }}
{{- with .auth.extraAccounts }}
{{- $extraAuthAccountsEnvName := "EXTRA_ACCOUNTS" }}
{{- if .plain }}
- name: {{ $extraAuthAccountsEnvName }}
value: >-
{{ .plain | toJson }}
{{- else if .fromSecret.enabled }}
- name: {{ $extraAuthAccountsEnvName }}
valueFrom:
secretKeyRef:
name: {{ tpl .fromSecret.secretName $ | quote }}
key: {{ tpl .fromSecret.secretKey $ | quote }}
{{- else if .fromConfigMap.enabled }}
- name: {{ $extraAuthAccountsEnvName }}
valueFrom:
configMapKeyRef:
name: {{ tpl .fromConfigMap.configMapName $ | quote }}
key: {{ tpl .fromConfigMap.configMapKey $ | quote }}
{{- end }}
{{- end }}
{{- if .dns.primaryResolver }}
- {name: PRIMARY_RESOLVER, value: "{{ .dns.primaryResolver }}"}
{{- end }}
{{- if .dns.secondaryResolver }}
- {name: SECONDARY_RESOLVER, value: "{{ .dns.secondaryResolver }}"}
{{- end }}
{{- if ne .limits.maxConnections nil }}
- {name: MAX_CONNECTIONS, value: "{{ .limits.maxConnections }}"}
{{- end }}
{{- if .extraConfig }}
- name: EXTRA_CONFIG
value: >-
{{ .extraConfig }}
{{- end }}
{{- with $.Values.deployment.env }}
{{- tpl (toYaml .) $ | nindent 12 }}
{{- end }}
{{- end }}
{{- with .args }}
args:
{{- tpl (toYaml .) $ | nindent 12 }}
{{- end }}
{{- with .probe }}
livenessProbe:
tcpSocket: {port: "{{ .port }}"}
periodSeconds: {{ .interval }}
initialDelaySeconds: {{ .initialDelay }}
readinessProbe:
tcpSocket: {port: "{{ .port }}"}
periodSeconds: {{ .interval }}
initialDelaySeconds: {{ .initialDelay }}
{{- end }}
{{- with .resources }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .volumeMounts }}
volumeMounts:
{{- tpl (toYaml .) $ | nindent 12 }}
{{- end }}
{{- with .volumes }}
volumes:
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .nodeSelector }}
nodeSelector:
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .affinity }}
affinity:
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- with .tolerations }}
tolerations:
{{- tpl (toYaml .) $ | nindent 8 }}
{{- end }}
{{- end }}
{{- end }}

29
deployments/helm/templates/service.yaml
View File

@@ -1,29 +0,0 @@
{{- if .Values.service.enabled }}
apiVersion: v1
kind: Service
metadata:
name: {{ include "proxy-3proxy.fullname" . }}
namespace: {{ template "proxy-3proxy.namespace" . }}
labels:
{{- include "proxy-3proxy.commonLabels" . | nindent 4 }}
spec:
{{- with .Values.service }}
type: {{ .type }}
{{- with .externalName }}
externalName: {{ . }}
{{- end }}
ports:
- name: http
port: {{ .ports.http }}
targetPort: http
protocol: TCP
- name: socks
port: {{ .ports.socks }}
targetPort: socks
protocol: TCP
selector:
{{- include "proxy-3proxy.selectorLabels" $ | nindent 4 }}
{{- end }}
{{- end }}

367
deployments/helm/values.schema.json
View File

@@ -1,367 +0,0 @@
{
"$schema": "https://json-schema.org/draft-07/schema#",
"type": "object",
"properties": {
"nameOverride": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"fullnameOverride": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"namespaceOverride": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"image": {
"type": "object",
"properties": {
"repository": {"type": "string", "minLength": 1},
"tag": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"pullPolicy": {
"oneOf": [
{"type": "string", "enum": ["Always", "IfNotPresent", "Never"]},
{"type": "null"}
]
}
}
},
"deployment": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"kind": {"type": "string"},
"replicas": {"type": "integer"},
"podAnnotations": {
"type": "object",
"additionalProperties": {"type": "string", "minLength": 1}
},
"labels": {
"type": "object",
"additionalProperties": {"type": "string", "minLength": 1}
},
"imagePullSecrets": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string"}
},
"minProperties": 1
}
},
"securityContext": {
"type": "object",
"properties": {
"runAsNonRoot": {"type": "boolean"},
"runAsUser": {"type": "integer"},
"runAsGroup": {"type": "integer"}
}
},
"probe": {
"type": "object",
"properties": {
"port": {"type": "string", "enum": ["http", "socks"]},
"interval": {"type": "integer"},
"initialDelay": {"type": "integer"}
}
},
"resources": {
"type": "object",
"properties": {
"requests": {
"type": "object",
"properties": {
"cpu": {"type": "string"},
"memory": {"type": "string"}
}
},
"limits": {
"type": "object",
"properties": {
"cpu": {"type": "string"},
"memory": {"type": "string"}
}
}
}
},
"volumes": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string"},
"configMap": {
"type": "object",
"properties": {
"name": {"type": "string"}
}
},
"secret": {
"type": "object",
"properties": {
"secretName": {"type": "string"}
}
},
"persistentVolumeClaim": {
"type": "object",
"properties": {
"claimName": {"type": "string"}
}
}
}
}
},
"volumeMounts": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string"},
"mountPath": {"type": "string"},
"subPath": {"type": "string"},
"readOnly": {"type": "boolean"}
}
}
},
"nodeSelector": {
"type": "object",
"additionalProperties": {"type": "string", "minLength": 1}
},
"affinity": {
"type": "object",
"properties": {
"nodeAffinity": {"type": "object"},
"podAffinity": {"type": "object"},
"podAntiAffinity": {"type": "object"}
}
},
"tolerations": {
"type": "array",
"items": {
"type": "object",
"properties": {
"key": {"type": "string"},
"operator": {"type": "string"},
"value": {"type": "string"},
"effect": {"type": "string"}
}
}
},
"env": {
"type": "array",
"items": {
"type": "object",
"properties": {
"name": {"type": "string"},
"value": {"type": "string"},
"valueFrom": {"type": "object"}
}
}
},
"args": {
"type": "array",
"items": {
"type": "string",
"minLength": 1
}
}
}
},
"service": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"type": {
"type": "string",
"enum": ["ClusterIP", "NodePort", "LoadBalancer", "ExternalName"]
},
"externalName": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"ports": {
"type": "object",
"properties": {
"http": {"type": "integer", "minimum": 1, "maximum": 65535},
"socks": {"type": "integer", "minimum": 1, "maximum": 65535}
}
}
}
},
"ingress": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"className": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"annotations": {
"type": "object",
"additionalProperties": {"type": "string", "minLength": 1}
},
"hosts": {
"type": "array",
"items": {
"type": "object",
"properties": {
"host": {"type": "string", "minLength": 1},
"paths": {
"type": "array",
"items": {
"type": "object",
"properties": {
"path": {"type": "string", "minLength": 1},
"pathType": {"type": "string", "minLength": 1}
}
}
}
}
}
},
"tls": {
"type": "array",
"items": {
"type": "object",
"properties": {
"hosts": {"type": "array"},
"secretName": {"type": "string"}
}
}
}
}
},
"config": {
"type": "object",
"properties": {
"log": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"output": {
"oneOf": [
{"type": "string", "minLength": 2, "examples": ["/dev/stdout"]},
{"type": "null"}
]
}
}
},
"auth": {
"type": "object",
"properties": {
"login": {
"type": "object",
"properties": {
"plain": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"fromSecret": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"secretName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"secretKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
},
"fromConfigMap": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"configMapName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"configMapKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
}
}
},
"password": {
"type": "object",
"properties": {
"plain": {
"oneOf": [
{"type": "string", "minLength": 1},
{"type": "null"}
]
},
"fromSecret": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"secretName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"secretKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
},
"fromConfigMap": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"configMapName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"configMapKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
}
}
},
"extraAccounts": {
"type": "object",
"properties": {
"plain": {
"type": "object",
"additionalProperties": {"type": "string", "minLength": 1}
},
"fromSecret": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"secretName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"secretKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
},
"fromConfigMap": {
"type": "object",
"properties": {
"enabled": {"type": "boolean"},
"configMapName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"configMapKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
}
}
}
}
},
"dns": {
"type": "object",
"properties": {
"primaryResolver": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
"secondaryResolver": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
},
"limits": {
"type": "object",
"properties": {
"maxConnections": {"oneOf": [{"type": "integer", "minimum": 1}, {"type": "null"}]}
}
},
"extraConfig": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
}
}
}
}

149
deployments/helm/values.yaml
View File

@@ -1,149 +0,0 @@
# -- The name of the Helm release
fullnameOverride: null
# -- This is to override the chart name
nameOverride: null
# -- Override the default Release Namespace for Helm
namespaceOverride: null
image:
# -- The image repository to pull from
repository: ghcr.io/tarampampam/3proxy
# -- Defines the image pull policy
pullPolicy: IfNotPresent
# -- Overrides the image tag whose default is the chart appVersion
tag: null
deployment:
# -- Enable deployment
enabled: true
# -- The deployment kind
kind: Deployment
# -- How many replicas to run
replicas: 1
# -- Additional pod annotations (e.g. for mesh injection or prometheus scraping)
# It supports templating. One can set it with values like some/name: '{{ template "some.name" . }}'
# For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
podAnnotations: {} # supports templating
# -- Additional deployment labels (e.g. for filtering deployment by custom labels)
labels: {} # supports templating
# -- This is for the secretes for pulling an image from a private repository more information can be found
# here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
imagePullSecrets: [] # supports templating
# -- Security context for the pod, more information can be found here:
# https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1
securityContext:
runAsNonRoot: true
runAsUser: 10001 # as defined in the Dockerfile
runAsGroup: 10001 # as defined in the Dockerfile
probe:
# -- The port to probe (containerPort, "http" or "socks")
port: http
# -- How often (in seconds) to perform the probe
interval: 10
# -- Number of seconds after the container has started before liveness probes are initiated
initialDelay: 2
# -- Resource limits and requests, more information can be found here:
# https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
resources:
requests: {memory: 16Mi}
limits: {memory: 128Mi}
# -- Additional volumes to add to the pod, more information can be found here:
# https://kubernetes.io/docs/concepts/storage/volumes/
volumes: [] # supports templating
# -- Additional volumeMounts to add to the container (for instance when using fs storage driver)
volumeMounts: [] # supports templating
# -- Node selector for pod assignment, more information can be found here:
# https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
nodeSelector: {} # supports templating
# -- Affinity for pod assignment, more information can be found here:
# https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
affinity: {} # supports templating
# -- Tolerations for pod assignment, more information can be found here:
# https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
tolerations: [] # supports templating
# -- The list of additional environment variables to set in the container
env: [] # supports templating
# -- The list of additional arguments to pass to the container
args: [] # supports templating
service:
# -- Enable service
enabled: true
# -- Sets the service type more information can be found here:
# https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
type: ClusterIP
# -- External name for the service (for type=ExternalName)
externalName: null
# -- Sets the port, more information can be found here:
# https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
ports:
# -- The port number for the proxy to listen on
http: 3128
# -- The same, but for socks proxy
socks: 1080
config:
log:
# -- Enable logging (set to false to disable)
enabled: true
# -- The output log file
# @default /dev/stdout
output: null
auth:
login:
# -- Username (login) for proxy authentication, provided as a plain value
plain: null
fromSecret:
# -- Enable getting the username from a secret
enabled: false
secretName: null # supports templating
secretKey: null # supports templating
fromConfigMap:
# -- Enable getting the username from a config map
enabled: false
configMapName: null # supports templating
configMapKey: null # supports templating
password:
# -- Password for proxy authentication, provided as a plain value
plain: null
fromSecret:
# -- Enable getting the password from a secret
enabled: false
secretName: null # supports templating
secretKey: null # supports templating
fromConfigMap:
# -- Enable getting the password from a config map
enabled: false
configMapName: null # supports templating
configMapKey: null # supports templating
extraAccounts:
# -- The list of additional accounts to add to the configuration (a hashmap of username:password)
plain: {}
fromSecret:
# -- Enable getting the extra accounts from a secret (the value should be a JSON object)
enabled: false
secretName: null # supports templating
secretKey: null # supports templating
fromConfigMap:
# -- Enable getting the extra accounts from a config map (the value should be a JSON object)
enabled: false
configMapName: null # supports templating
configMapKey: null # supports templating
dns:
# -- Primary DNS server
# @default 1.0.0.1 (Cloudflare)
primaryResolver: null
# -- Secondary DNS server
# @default 8.8.4.4 (Google)
secondaryResolver: null
limits:
# -- The maximum number of connections
# @default 1024
maxConnections: null
# -- Additional 3proxy configuration (appended to the end of the config file, but before `proxy` and `flush`),
# new lines should be separated by `\n`, i.e.: "# line 1\n# line 2"
extraConfig: null

5
docs/README.md Normal file
View File

@@ -0,0 +1,5 @@
# Dokumentation
| Dokument | Beschreibung |
|----------|--------------|
| [verwendung.md](verwendung.md) | Ausführliche Anleitung zur Verwendung des 3proxy Docker Containers |

196
docs/verwendung.md Normal file
View File

@@ -0,0 +1,196 @@
# Dokumentation: 3proxy Docker Container
## Inhaltsverzeichnis
- [Übersicht](#übersicht)
- [Voraussetzungen](#voraussetzungen)
- [Schnellstart](#schnellstart)
- [Umgebungsvariablen](#umgebungsvariablen)
- [Ports](#ports)
- [Authentifizierung](#authentifizierung)
- [Mehrere Benutzer](#mehrere-benutzer)
- [Docker Compose](#docker-compose)
- [Erweiterte Konfiguration](#erweiterte-konfiguration)
- [Logging](#logging)
- [Lizenz](#lizenz)
---
## Übersicht
Dieser Container stellt einen leichtgewichtigen Proxyserver auf Basis von [3proxy](https://github.com/3proxy/3proxy) bereit.
Er unterstützt sowohl **HTTP-Proxy** als auch **SOCKS5-Proxy** (inkl. IPv6) und lässt sich vollständig über
Umgebungsvariablen konfigurieren.
Das Image basiert auf dem ursprünglichen Projekt von [tarampampam/3proxy-docker](https://github.com/tarampampam/3proxy-docker)
und wurde in einem Fork weiterentwickelt.
---
## Voraussetzungen
- Docker (>= 20.10) oder eine kompatible Container-Runtime
- Optional: Docker Compose oder Kubernetes/Helm für komplexere Setups
---
## Schnellstart
```bash
docker run -d \
-p 3128:3128 \
-p 1080:1080 \
ghcr.io/tarampampam/3proxy:latest
```
Der Container startet sofort ohne Authentifizierung. HTTP-Proxy ist auf Port `3128`, SOCKS5-Proxy auf Port `1080` erreichbar.
---
## Umgebungsvariablen
Alle Konfigurationsparameter werden über Umgebungsvariablen gesteuert:
| Variable | Beschreibung | Standardwert | Beispiel |
|-----------------------|--------------------------------------------------------------------------------------------------------------|------------------|-----------------------------------|
| `PROXY_LOGIN` | Benutzername für die Proxy-Authentifizierung (leer = keine Authentifizierung) | *(leer)* | `nutzer` |
| `PROXY_PASSWORD` | Passwort für die Proxy-Authentifizierung (leer = keine Authentifizierung) | *(leer)* | `geheim` |
| `EXTRA_ACCOUNTS` | Zusätzliche Proxy-Benutzer im JSON-Format | `{}` | `{"nutzer2":"pass2","gast":"pw"}` |
| `PRIMARY_RESOLVER` | Primärer DNS-Resolver | `1.0.0.1` | `8.8.8.8:5353/tcp` |
| `SECONDARY_RESOLVER` | Sekundärer DNS-Resolver | `8.8.4.4` | `2001:4860:4860::8844` |
| `MAX_CONNECTIONS` | Maximale Anzahl gleichzeitiger Verbindungen | `1024` | `5000` |
| `PROXY_PORT` | Port des HTTP-Proxys | `3128` | `8080` |
| `SOCKS_PORT` | Port des SOCKS5-Proxys | `1080` | `8888` |
| `EXTRA_CONFIG` | Zusätzliche 3proxy-Konfigurationszeilen (werden ans Ende der Config, vor `proxy` und `flush`, angehängt) | *(leer)* | `# Kommentar\nnserver 1.1.1.1` |
| `LOG_OUTPUT` | Ausgabepfad für Logs (`/dev/null` deaktiviert das Logging) | `/dev/stdout` | `/tmp/3proxy.log` |
---
## Ports
| Port | Protokoll | Beschreibung |
|--------|-----------|----------------------|
| `3128` | TCP | HTTP-Proxy |
| `1080` | TCP | SOCKS5-Proxy |
Beide Ports unterstützen IPv4 und IPv6.
---
## Authentifizierung
Wird `PROXY_LOGIN` **und** `PROXY_PASSWORD` gesetzt, aktiviert der Container automatisch die Authentifizierung.
Verbindungen ohne gültige Zugangsdaten werden abgelehnt.
```bash
docker run -d \
-p 3128:3128 \
-p 1080:1080 \
-e PROXY_LOGIN=nutzer \
-e PROXY_PASSWORD=geheim \
ghcr.io/tarampampam/3proxy:latest
```
---
## Mehrere Benutzer
Über `EXTRA_ACCOUNTS` können weitere Benutzer als JSON-Objekt hinterlegt werden.
`PROXY_LOGIN`/`PROXY_PASSWORD` definiert dabei den primären Benutzer, `EXTRA_ACCOUNTS` fügt weitere hinzu:
```bash
docker run -d \
-p 3128:3128 \
-e PROXY_LOGIN=admin \
-e PROXY_PASSWORD=adminpass \
-e EXTRA_ACCOUNTS='{"nutzer2":"pass2","gast":"gastpass"}' \
ghcr.io/tarampampam/3proxy:latest
```
---
## Docker Compose
Empfohlene Methode für den produktiven Einsatz:
```yaml
services:
3proxy:
image: ghcr.io/tarampampam/3proxy:latest
restart: unless-stopped
environment:
PROXY_LOGIN: nutzer
PROXY_PASSWORD: geheim
MAX_CONNECTIONS: 2048
PROXY_PORT: 8080
SOCKS_PORT: 8888
PRIMARY_RESOLVER: 1.1.1.1
ports:
- "8080:8080/tcp"
- "8888:8888/tcp"
```
Starten mit:
```bash
docker compose up -d
```
---
## Erweiterte Konfiguration
Über `EXTRA_CONFIG` können beliebige 3proxy-Direktiven ergänzt werden.
Der Inhalt wird direkt in die Konfigurationsdatei eingefügt, bevor die `proxy`- und `socks`-Direktiven gesetzt werden.
Beispiel benutzerdefinierten DNS-Server hinzufügen:
```bash
docker run -d \
-p 3128:3128 \
-e EXTRA_CONFIG="nserver 9.9.9.9" \
ghcr.io/tarampampam/3proxy:latest
```
Mehrere Zeilen können mit `\n` getrennt werden:
```bash
-e EXTRA_CONFIG="# eigene Regel\nnserver 9.9.9.9"
```
---
## Logging
Standardmäßig werden Logs im JSON-Format auf `stdout` ausgegeben. Das Format enthält u. a.:
- Zeitstempel
- Proxy-Typ und Port
- Fehlercode
- Authentifizierter Benutzer
- Client-IP und Port
- Server-IP und Port
- Übertragene Bytes (gesendet/empfangen)
- Angeforderter Hostname
Logging deaktivieren:
```bash
-e LOG_OUTPUT=/dev/null
```
Logs in eine Datei schreiben (Bind-Mount erforderlich):
```bash
docker run -d \
-p 3128:3128 \
-e LOG_OUTPUT=/var/log/3proxy.log \
-v /host/pfad/logs:/var/log \
ghcr.io/tarampampam/3proxy:latest
```
---
## Lizenz
Dieses Projekt steht unter der [WTFPL](../LICENSE) freie Nutzung ohne Einschränkungen.