Release CI fixed (#3)

.dockerignore

@@ -0,0 +1,8 @@
+.editorconfig
+.git
+.github
+.idea
+.vscode
+temp
+tmp
+LICENSE

.github/CODEOWNERS

@@ -0,0 +1,3 @@
+# @link <https://help.github.com/en/articles/about-code-owners>
+
+* @tarampampam

.github/dependabot.yml

@@ -0,0 +1,21 @@
+# Docs: <https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates>
+
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    reviewers:
+      - "tarampampam"
+    assignees:
+      - "tarampampam"
+
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    reviewers:
+      - "tarampampam"
+    assignees:
+      - "tarampampam"

.github/labeler.yml

@@ -0,0 +1,21 @@
+docs:
+  - '**/*.md'
+  - '**/*.MD'
+
+.github:
+  - '.github/**/*'
+
+CI:
+  - '.github/workflows/**/*'
+  - '.github/actions/**/*'
+
+docker:
+  - 'Dockerfile'
+  - 'docker/**/*'
+  - '.dockerignore'
+  - 'docker-entrypoint.sh'
+  - '3proxy.cfg'
+
+dev:
+  - '.gitignore'
+  - '.editorconfig'

.github/workflows/labeler.yml

@@ -0,0 +1,12 @@
+name: labeler
+
+on: [pull_request_target]
+
+jobs:
+  triage:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/labeler@v3 # Action page: <https://github.com/actions/labeler>
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"
+          sync-labels: true

.github/workflows/release.yml

@@ -7,27 +7,32 @@ on:
 jobs:
   docker-image:
     name: Build docker image
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
       - name: Check out code
         uses: actions/checkout@v2
 
-      - name: Generate image tag value
+      - name: Set up Docker Buildx
-        run: echo "::set-env name=IMAGE_TAG::${GITHUB_REF##*/[vV]}" # `/refs/tags/v1.2.3` -> `1.2.3`
+        uses: docker/setup-buildx-action@v1 # Action page: <https://github.com/docker/setup-buildx-action>
+        id: buildx
 
-      - name: Make docker login
+      - name: Docker login in default registry
         run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u "${{ secrets.DOCKER_LOGIN }}" --password-stdin &> /dev/null
 
+      - name: Docker login in ghcr.io # Auth docs: <https://git.io/JLDaw>
+        run: echo "${{ secrets.GHCR_PASSWORD }}" | docker login ghcr.io -u tarampampam --password-stdin
+
+      - name: Generate image tag value
+        id: tag
+        run: echo "::set-output name=value::`echo ${GITHUB_REF##*/} | sed -e 's/^[vV ]*//'`" # `/refs/tags/v1.2.3` -> `1.2.3`
+
       - name: Build image
         run: |
-          docker build \
+          docker buildx build \
-            --build-arg "BUILD_DATE=`date -u +'%Y-%m-%dT%H:%M:%SZ'`" \
+            --platform ${{ steps.buildx.outputs.platforms }} \
-            --tag "tarampampam/3proxy:${IMAGE_TAG}" \
+            --tag "tarampampam/3proxy:${{ steps.tag.outputs.value }}" \
             --tag "tarampampam/3proxy:latest" \
-            -f ./Dockerfile .
+            --tag "ghcr.io/tarampampam/3proxy:${{ steps.tag.outputs.value }}" \
-
+            --tag "ghcr.io/tarampampam/3proxy:latest" \
-      - name: Push version image
+            --push \
-        run: docker push "tarampampam/3proxy:${IMAGE_TAG}"
+            .
-
-      - name: Push latest image
-        run: docker push "tarampampam/3proxy:latest"

.github/workflows/tests.yml

@@ -11,75 +11,99 @@ on:
     - cron: '0 0 * * 0' # once in a week, docs: <https://git.io/JvxXE#onschedule>
 
 jobs: # Docs: <https://git.io/JvxXE>
-  docker-image:
+  build-image:
-    name: Build and use docker image
+    name: Build docker image
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     steps:
       - name: Check out code
         uses: actions/checkout@v2
 
       - name: Build docker image
-        run: docker build -f ./Dockerfile --tag image:local .
+        run: docker build -f ./Dockerfile --tag 3proxy:local .
 
-      - name: Run docker image with default settings
+      - name: Scan image
-        run: |
+        uses: anchore/scan-action@v2 # action page: <https://github.com/anchore/scan-action>
-          docker run --rm -d \
+        with:
-            -p "3128:3128/tcp" \
+          image: 3proxy:local
-            -p "1080:1080/tcp" \
+          fail-build: true
-            image:local
+          severity-cutoff: low # negligible, low, medium, high or critical
+
+      - name: Save docker image
+        run: docker save 3proxy:local > ./docker-image.tar
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v2
+        with:
+          name: docker-image
+          path: ./docker-image.tar
+
+  try-to-use:
+    name: Build and use docker image (auth ${{ matrix.auth }})
+    runs-on: ubuntu-20.04
+    strategy:
+      fail-fast: false
+      matrix:
+        auth: [yes, no]
+    needs: [build-image]
+    steps:
+      - name: Download builded docker image
+        uses: actions/download-artifact@v2
+        with:
+          name: docker-image
+          path: .artifact
+
+      - name: Prepare image to run
+        working-directory: .artifact
+        run: docker load < docker-image.tar
+
+      - name: Start server without auth setup
+        if: matrix.auth != 'yes'
+        run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" 3proxy:local
+
+      - name: Start server with auth setup
+        if: matrix.auth == 'yes'
+        run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" -e "PROXY_LOGIN=evil" -e "PROXY_PASSWORD=live" 3proxy:local
 
       - name: Pause
-        run: sleep 2
+        run: sleep 3
 
       - name: Try to use HTTP proxy
+        if: matrix.auth != 'yes'
         run: |
           curl -v --fail \
             --proxy http://127.0.0.1:3128 \
             --connect-timeout 3 \
             --max-time 3 \
-            https://github.com/robots.txt
+            https://www.cloudflare.com/robots.txt
 
       - name: Try to use SOCKS proxy
+        if: matrix.auth != 'yes'
         run: |
           curl -v --fail \
             --proxy socks5://127.0.0.1:1080 \
             --connect-timeout 3 \
             --max-time 3 \
-            https://github.com/robots.txt
+            https://www.cloudflare.com/robots.txt
 
-      - name: Stop container
+      - name: Try to use HTTP proxy (with auth)
-        run: docker stop $(docker ps -a --filter ancestor=image:local -q)
+        if: matrix.auth == 'yes'
-
-      - name: Run docker image with auth settings
-        run: |
-          docker run --rm -d \
-            -p "3128:3128/tcp" \
-            -p "1080:1080/tcp" \
-            -e "AUTH_REQUIRED=true" \
-            -e "PROXY_LOGIN=evil" \
-            -e "PROXY_PASSWORD=live" \
-            image:local
-
-      - name: Pause
-        run: sleep 2
-
-      - name: Try to use HTTP proxy
         run: |
           curl -v --fail \
             --proxy http://127.0.0.1:3128 \
             --proxy-user evil:live \
             --connect-timeout 3 \
             --max-time 3 \
-            https://github.com/robots.txt
+            https://www.cloudflare.com/robots.txt
 
-      - name: Try to use SOCKS proxy
+      - name: Try to use SOCKS proxy (with auth)
+        if: matrix.auth == 'yes'
         run: |
           curl -v --fail \
             --proxy socks5://127.0.0.1:1080 \
             --proxy-user evil:live \
             --connect-timeout 3 \
             --max-time 3 \
-            https://github.com/robots.txt
+            https://www.cloudflare.com/robots.txt
 
       - name: Stop container
-        run: docker stop $(docker ps -a --filter ancestor=image:local -q)
+        run: docker stop $(docker ps -a --filter ancestor=3proxy:local -q)

3proxy.cfg

@@ -1,4 +1,4 @@
-#!/usr/bin/3proxy
+#!/bin/3proxy
 config /etc/3proxy/3proxy.cfg
 
 # you may use system to execute some external command if proxy starts

CHANGELOG.md

@@ -4,6 +4,22 @@ All notable changes to this package will be documented in this file.
 
 The format is based on [Keep a Changelog][keepachangelog] and this project adheres to [Semantic Versioning][semver].
 
+## v1.2.0
+
+### Changed
+
+- 3proxy updated from `0.8.13` up to `0.9.3`
+
+## v1.1.0
+
+### Removed
+
+- Environment variable `AUTH_REQUIRED` support
+
+### Changed
+
+- Proxy error pages a little bit styled
+
 ## v1.0.0
 
 ### Fixed

Dockerfile

@@ -1,41 +1,48 @@
 # Image page: <https://hub.docker.com/_/alpine>
-FROM alpine:latest as builder
+FROM gcc:9.3 as builder
 
-# e.g.: `docker build --build-arg "VERSION=0.8.13" .`
+# e.g.: `docker build --build-arg "VERSION=0.9.3" .`
-ARG VERSION="0.8.13"
+ARG VERSION="0.9.3"
 
+# Fetch 3proxy sources
 RUN set -x \
-    && apk add --no-cache \
+    && git clone --branch "${VERSION}" https://github.com/z3APA3A/3proxy.git /tmp/3proxy
-        linux-headers \
-        build-base \
-        git \
-    && git clone --branch ${VERSION} https://github.com/z3APA3A/3proxy.git /tmp/3proxy \
-    && cd /tmp/3proxy \
-    && echo '#define ANONYMOUS 1' >> /tmp/3proxy/src/3proxy.h \
-    && make -f Makefile.Linux
 
-FROM alpine:latest
+WORKDIR /tmp/3proxy
-
-# e.g.: `docker build --build-arg "BUILD_DATE=`date -u +'%Y-%m-%dT%H:%M:%SZ'`" .`
-ARG BUILD_DATE
-
-LABEL \
-    org.label-schema.name="3proxy" \
-    org.label-schema.description="Tiny free proxy server" \
-    org.label-schema.url="https://github.com/tarampampam/3proxy-docker" \
-    org.label-schema.vcs-url="https://github.com/tarampampam/3proxy-docker" \
-    org.label-schema.docker.cmd="docker run --rm -d -p \"3128:3128/tcp\" -p \"1080:1080/tcp\" this_image" \
-    org.label-schema.vendor="tarampampam" \
-    org.label-schema.build-date="$BUILD_DATE" \
-    org.label-schema.license="WTFPL" \
-    org.label-schema.schema-version="1.0"
-
-COPY 3proxy.cfg /etc/3proxy/3proxy.cfg
-COPY docker-entrypoint.sh /docker-entrypoint.sh
-COPY --from=builder /tmp/3proxy/src/3proxy /usr/bin/3proxy
 
+# Patch sources
+RUN set -x \
+    && echo '#define ANONYMOUS 1' >> ./src/3proxy.h \
+    # proxy.c source: <https://github.com/z3APA3A/3proxy/blob/0.9.3/src/proxy.c>
+    && sed -i 's~\(<\/head>\)~<style>html,body{background-color:#222526;color:#fff;font-family:sans-serif;\
+text-align:center;display:flex;flex-direction:column;justify-content:center}h1,h2{margin-bottom:0;font-size:2.5em}\
+h2::before{content:'"'"'Proxy error'"'"';display:block;font-size:0.4em;color:#bbb;font-weight:100}\
+h3,p{color:#bbb}</style>\1~' ./src/proxy.c \
+    && cat ./src/proxy.c | grep '</head>'
+
+# And compile
+RUN set -x \
+    && echo "" >> ./Makefile.Linux \
+    && echo "PLUGINS = StringsPlugin TrafficPlugin PCREPlugin TransparentPlugin SSLPlugin" >> ./Makefile.Linux \
+    && echo "LIBS = -l:libcrypto.a -l:libssl.a -ldl" >> ./Makefile.Linux \
+    && make -f Makefile.Linux \
+    && strip ./bin/3proxy \
+    && strip ./bin/StringsPlugin.ld.so \
+    && strip ./bin/TrafficPlugin.ld.so \
+    && strip ./bin/PCREPlugin.ld.so \
+    && strip ./bin/TransparentPlugin.ld.so \
+    && strip ./bin/SSLPlugin.ld.so
+
+# Prepare filesystem for 3proxy running
+FROM busybox:1.32-glibc as buffer
+
+# Copy binaries
+COPY --from=builder /lib/x86_64-linux-gnu/libdl.so.* /lib/
+COPY --from=builder /tmp/3proxy/bin/3proxy /bin/
+COPY --from=builder /tmp/3proxy/bin/*.ld.so /usr/local/3proxy/libexec/
+
+# Create unprivileged user
 RUN set -x \
-    # Unprivileged user creation <https://stackoverflow.com/a/55757473/12429735RUN>
     && adduser \
         --disabled-password \
         --gecos "" \
@@ -43,12 +50,38 @@ RUN set -x \
         --shell /sbin/nologin \
         --no-create-home \
         --uid 10001 \
-        3proxy \
+        3proxy
-    && chown 3proxy:3proxy -R /etc/3proxy
+
+# Prepare files and directories
+RUN set -x \
+    && chown -R 10001:10001 /usr/local/3proxy \
+    && chmod -R 550 /usr/local/3proxy \
+    && chmod -R 555 /usr/local/3proxy/libexec \
+    && chown -R root /usr/local/3proxy/libexec \
+    && mkdir /etc/3proxy \
+    && chown -R 10001:10001 /etc/3proxy
+
+# Copy our config and entrypoint script
+COPY 3proxy.cfg /etc/3proxy/3proxy.cfg
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+
+# Split all buffered layers into one
+FROM scratch
+
+LABEL \
+    org.opencontainers.image.title="3proxy" \
+    org.opencontainers.image.description="Tiny free proxy server" \
+    org.opencontainers.image.url="https://github.com/tarampampam/3proxy-docker" \
+    org.opencontainers.image.source="https://github.com/tarampampam/3proxy-docker" \
+    org.opencontainers.image.vendor="Tarampampam" \
+    org.opencontainers.image.licenses="WTFPL"
+
+# Import from builder
+COPY --from=buffer / /
 
 # Use an unprivileged user
 USER 3proxy:3proxy
 
 ENTRYPOINT ["/docker-entrypoint.sh"]
 
-CMD ["/usr/bin/3proxy", "/etc/3proxy/3proxy.cfg"]
+CMD ["/bin/3proxy", "/etc/3proxy/3proxy.cfg"]

README.md

@@ -12,7 +12,7 @@
 
 ## Why this image created?
 
-3proxy is awesome and lightweight proxy-server. This image contains stable version with it and can be configured using environment variables. By default, it uses anonymous (hide information about client) proxy settings.
+3proxy is awesome and lightweight proxy-server. This image contains stable version with it and can be configured using environment variables. By default, it uses anonymous (information about client hiding) proxy settings.
 
 > Page on `hub.docker.com` can be [found here][link_docker_hub].
 
@@ -33,7 +33,6 @@ All supported image tags [can be found here][link_docker_tags].
 
 Variable name    | Description                               | Example
 ---------------- | ----------------------------------------- | ---------------
-`AUTH_REQUIRED`  | Require authorization? (default: `false`) | `true`, `false`
 `PROXY_LOGIN`    | Authorization login                       | `username`
 `PROXY_PASSWORD` | Authorization password                    | `password`
 
@@ -54,7 +53,6 @@ Or with auth settings:
 $ docker run --rm -d \
     -p "3128:3128/tcp" \
     -p "1080:1080/tcp" \
-    -e "AUTH_REQUIRED=true" \
     -e "PROXY_LOGIN=evil" \
     -e "PROXY_PASSWORD=live" \
     tarampampam/3proxy:latest
@@ -92,7 +90,7 @@ WTFPL. Use anywhere for your pleasure.
 [link_changes_log]:https://github.com/tarampampam/3proxy-docker/blob/master/CHANGELOG.md
 [link_issues]:https://github.com/tarampampam/3proxy-docker/issues
 [link_pulls]:https://github.com/tarampampam/3proxy-docker/pulls
-[link_build_status]:https://travis-ci.org/tarampampam/3proxy-docker
+[link_build_status]:https://github.com/tarampampam/3proxy-docker/actions
 [link_create_issue]:https://github.com/tarampampam/3proxy-docker/issues/new
 [link_license]:https://github.com/tarampampam/3proxy-docker/blob/master/LICENSE
 [link_docker_tags]:https://hub.docker.com/r/tarampampam/3proxy/tags

docker-entrypoint.sh

@@ -1,19 +1,10 @@
-#!/usr/bin/env sh
+#!/bin/sh
 set -e
 
-AUTH_REQUIRED=${AUTH_REQUIRED:-false} # true|false
 PROXY_LOGIN=${PROXY_LOGIN:-} # string
 PROXY_PASSWORD=${PROXY_PASSWORD:-} # string
 
-if [ "$AUTH_REQUIRED" = "true" ]; then
+if [ -n "$PROXY_LOGIN" ] && [ -n "$PROXY_PASSWORD" ]; then
-  if [ -z "$PROXY_LOGIN" ]; then
-    (>&2 echo "$0: environment variable 'PROXY_LOGIN' is not specified!"); exit 1;
-  fi;
-
-  if [ -z "$PROXY_PASSWORD" ]; then
-    (>&2 echo "$0: environment variable 'PROXY_PASSWORD' is not specified!"); exit 1;
-  fi;
-
   echo "$0: setup '${PROXY_LOGIN}:${PROXY_PASSWORD}' as proxy user";
   sed -i "s~#AUTH_SETTINGS~users ${PROXY_LOGIN}:CL:${PROXY_PASSWORD}\nauth strong\nallow ${PROXY_LOGIN}~" /etc/3proxy/3proxy.cfg
 fi;