Entrypoint script replaced with mustpl (#24)

Co-authored-by: Renovate Bot <bot@renovateapp.com>

.editorconfig

@@ -5,8 +5,8 @@ charset = utf-8
 end_of_line = lf
 insert_final_newline = true
 indent_style = space
-indent_size = 4
+indent_size = 2
 trim_trailing_whitespace = true
 
-[*.{yml, yaml, sh, conf}]
+[Dockerfile]
-indent_size = 2
+indent_size = 4

.github/labeler.yml

@@ -1,21 +0,0 @@
-docs:
-  - '**/*.md'
-  - '**/*.MD'
-
-.github:
-  - '.github/**/*'
-
-CI:
-  - '.github/workflows/**/*'
-  - '.github/actions/**/*'
-
-docker:
-  - 'Dockerfile'
-  - 'docker/**/*'
-  - '.dockerignore'
-  - 'docker-entrypoint.sh'
-  - '3proxy.cfg'
-
-dev:
-  - '.gitignore'
-  - '.editorconfig'

.github/renovate.json

@@ -0,0 +1,7 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "github>tarampampam/.github//renovate/default",
+    ":rebaseStalePrs"
+  ]
+}

.github/workflows/documentation.yml

@@ -0,0 +1,19 @@
+name: documentation
+
+on:
+  push:
+    branches: [master, main]
+    paths: ['README.md']
+
+jobs:
+  docker-hub-description:
+    name: Docker Hub Description
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: peter-evans/dockerhub-description@v3 # Action page: <https://github.com/peter-evans/dockerhub-description>
+        with:
+          username: ${{ secrets.DOCKER_LOGIN }}
+          password: ${{ secrets.DOCKER_USER_PASSWORD }}
+          repository: tarampampam/3proxy

.github/workflows/labeler.yml

@@ -1,12 +0,0 @@
-name: labeler
-
-on: [pull_request_target]
-
-jobs:
-  triage:
-    runs-on: ubuntu-20.04
-    steps:
-      - uses: actions/labeler@v3 # Action page: <https://github.com/actions/labeler>
-        with:
-          repo-token: "${{ secrets.GITHUB_TOKEN }}"
-          sync-labels: true

.github/workflows/release.yml

@@ -10,27 +10,27 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - name: Check out code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - uses: gacts/github-slug@v1
         id: slug
 
-      - uses: docker/setup-buildx-action@v1
+      - uses: docker/setup-buildx-action@v2
 
       - name: Login to default Container Registry
-        uses: docker/login-action@v1 # Action page: <https://github.com/docker/login-action>
+        uses: docker/login-action@v2 # Action page: <https://github.com/docker/login-action>
         with:
           username: ${{ secrets.DOCKER_LOGIN }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v1 # Action page: <https://github.com/docker/login-action>
+        uses: docker/login-action@v2 # Action page: <https://github.com/docker/login-action>
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
-          password: ${{ secrets.GHCR_PASSWORD }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - uses: docker/build-push-action@v2 # Action page: <https://github.com/docker/build-push-action>
+      - uses: docker/build-push-action@v3 # Action page: <https://github.com/docker/build-push-action>
         with:
           context: .
           file: Dockerfile

.github/workflows/tests.yml

@@ -6,25 +6,27 @@ on:
     tags-ignore: ['**']
   pull_request: {}
 
+concurrency:
+  group: ${{ github.ref }}
+  cancel-in-progress: true
+
 jobs: # Docs: <https://git.io/JvxXE>
   gitleaks:
     name: Gitleaks
     runs-on: ubuntu-20.04
     steps:
-      - name: Check out code
+      - uses: actions/checkout@v3
-        uses: actions/checkout@v2
+        with: {fetch-depth: 0}
-        with:
-          fetch-depth: 0
 
       - name: Check for GitLeaks
-        uses: zricethezav/gitleaks-action@v1.6.0 # Action page: <https://github.com/zricethezav/gitleaks-action>
+        uses: gacts/gitleaks@v1 # Action page: <https://github.com/gacts/gitleaks>
 
   build-image:
     name: Build docker image
     runs-on: ubuntu-20.04
     steps:
       - name: Check out code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Build docker image
         run: docker build -f ./Dockerfile --tag 3proxy:local .
@@ -40,7 +42,7 @@ jobs: # Docs: <https://git.io/JvxXE>
         run: docker save 3proxy:local > ./docker-image.tar
 
       - name: Upload artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: docker-image
           path: ./docker-image.tar
@@ -52,7 +54,7 @@ jobs: # Docs: <https://git.io/JvxXE>
     needs: [build-image]
     steps:
       - name: Download built docker image
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: docker-image
           path: .artifact
@@ -78,7 +80,7 @@ jobs: # Docs: <https://git.io/JvxXE>
     needs: [build-image]
     steps:
       - name: Download builded docker image
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: docker-image
           path: .artifact

3proxy.cfg.json

@@ -0,0 +1,22 @@
+{
+  "log": {
+    "output": "/dev/stdout"
+  },
+  "name_servers": [
+    "${PRIMARY_RESOLVER:-1.0.0.1}",
+    "${SECONDARY_RESOLVER:-8.8.4.4}",
+    "1.1.1.1",
+    "9.9.9.9",
+    "8.8.8.8"
+  ],
+  "name_servers_cache": 65536,
+  "max_connections": "${MAX_CONNECTIONS:-1024}",
+  "auth": {
+    "login": "${PROXY_LOGIN:-}",
+    "password": "${PROXY_PASSWORD:-}"
+  },
+  "ports": {
+    "proxy": "${PROXY_PORT:-3128}",
+    "socks": "${SOCKS_PORT:-1080}"
+  }
+}

3proxy.cfg.mustach

@@ -4,27 +4,30 @@ config /etc/3proxy/3proxy.cfg
 # you may use system to execute some external command if proxy starts
 system "echo `which 3proxy`': Starting 3proxy'"
 
-# We can configure nservers to avoid unsafe gethostbyname() usage
+# We can configure nservers to avoid unsafe gethostbyname() usage (max 5 servers)
-nserver 1.0.0.1
+{{#name_servers}}
-nserver 1.1.1.1
+nserver {{ . }}
-nserver 8.8.4.4
+{{/name_servers}}
-nserver 8.8.8.8
 
 # nscache is good to save speed, traffic and bandwidth
-nscache 65536
+nscache {{ name_servers_cache }}
 
 # Here we can change timeout values
 timeouts 1 5 30 60 180 1800 15 60
 
 # Logging docs: <https://3proxy.org/doc/howtor.html#LOGFORMAT>
-log /dev/stdout
+log {{ log.output }}
 logformat "-\""+_G{""time_unix"":%t, ""proxy"":{""type:"":""%N"", ""port"":%p}, ""error"":{""code"":""%E""}, ""auth"":{""user"":""%U""}, ""client"":{""ip"":""%C"", ""port"":%c}, ""server"":{""ip"":""%R"", ""port"":%r}, ""bytes"":{""sent"":%O, ""received"":%I}, ""request"":{""hostname"":""%n""}, ""message"":""%T""}"
 
-maxconn 1024
+maxconn {{ max_connections }}
 
-#AUTH_SETTINGS
+{{^auth.login=}}{{^auth.password=}}
+users {{ auth.login }}:CL:{{ auth.password }}
+auth strong
+allow {{ auth.login }}
+{{/auth.password=}}{{/auth.login=}}
 
-proxy -a -p3128
+proxy -a -p{{ ports.proxy }}
-socks -a -p1080
+socks -a -p{{ ports.socks }}
 
 flush

CHANGELOG.md

@@ -4,6 +4,27 @@ All notable changes to this package will be documented in this file.
 
 The format is based on [Keep a Changelog][keepachangelog] and this project adheres to [Semantic Versioning][semver].
 
+## v1.7.0
+
+### Added
+
+- The following environment variables are supported now: `MAX_CONNECTIONS`, `PROXY_PORT`, `SOCKS_PORT`
+
+### Changed
+
+- Entrypoint script (`bash`) replaced with [`mustpl`](https://github.com/tarampampam/mustpl)
+- The result docker image `busybox:1.34.1-glibc` replaced with `busybox:stable-glibc`
+
+### Removed
+
+- Dockerfile healthcheck
+
+## v1.6.0
+
+### Added
+
+- Possibility of changing DNS resolvers using environment variables `PRIMARY_RESOLVER` (primary) and `SECONDARY_RESOLVER` (secondary)
+
 ## v1.5.0
 
 ### Fixed

Dockerfile

@@ -1,12 +1,12 @@
 # Image page: <https://hub.docker.com/_/gcc>
-FROM gcc:11.2.0 as builder
+FROM gcc:12.1.0 as builder
 
-# e.g.: `docker build --build-arg "VERSION=0.9.4" .`
+# renovate: source=github-tags name=z3APA3A/3proxy
-ARG VERSION="0.9.4"
+ARG Z3PROXY_VERSION=0.9.4
 
 # Fetch 3proxy sources
 RUN set -x \
-    && git clone --branch "${VERSION}" https://github.com/z3APA3A/3proxy.git /tmp/3proxy
+    && git -c advice.detachedHead=false clone --depth 1 --branch "${Z3PROXY_VERSION}" https://github.com/z3APA3A/3proxy.git /tmp/3proxy
 
 WORKDIR /tmp/3proxy
 
@@ -34,7 +34,7 @@ RUN set -x \
     && strip ./bin/SSLPlugin.ld.so
 
 # Prepare filesystem for 3proxy running
-FROM busybox:1.34.0-glibc as buffer
+FROM busybox:stable-glibc as buffer
 
 # create a directory for the future root filesystem
 WORKDIR /tmp/rootfs
@@ -47,16 +47,17 @@ RUN set -x \
     && wget -O ./bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64" \
     && chmod +x ./bin/dumb-init
 
-# Copy binaries
 COPY --from=builder /lib/x86_64-linux-gnu/libdl.so.* ./lib/
 COPY --from=builder /tmp/3proxy/bin/3proxy ./bin/3proxy
 COPY --from=builder /tmp/3proxy/bin/*.ld.so ./usr/local/3proxy/libexec/
-COPY 3proxy.cfg ./etc/3proxy/3proxy.cfg
+COPY --from=ghcr.io/tarampampam/mustpl:0.1.0 /bin/mustpl ./bin/mustpl
-COPY docker-entrypoint.sh ./docker-entrypoint.sh
+COPY 3proxy.cfg.json ./etc/3proxy/3proxy.cfg.json
+COPY 3proxy.cfg.mustach ./etc/3proxy/3proxy.cfg.mustach
 
 RUN chown -R 10001:10001 ./etc/3proxy
 
-FROM busybox:1.34.0-glibc
+# Merge into a single layer
+FROM busybox:stable-glibc
 
 LABEL \
     org.opencontainers.image.title="3proxy" \
@@ -72,10 +73,12 @@ COPY --from=buffer /tmp/rootfs /
 # Use an unprivileged user
 USER 3proxy:3proxy
 
-# Docs: <https://docs.docker.com/engine/reference/builder/#healthcheck>
+ENTRYPOINT [ \
-HEALTHCHECK --interval=5s --timeout=2s --retries=2 --start-period=2s CMD \
+    "/bin/mustpl", \
-    netstat -ltn | grep 3128 && netstat -ltn | grep 1080
+    "-f", "/etc/3proxy/3proxy.cfg.json", \
+    "-o", "/etc/3proxy/3proxy.cfg", \
+    "/etc/3proxy/3proxy.cfg.mustach", \
+    "--", "/bin/dumb-init" \
+]
 
-ENTRYPOINT ["/bin/dumb-init", "--"]
+CMD ["/bin/3proxy", "/etc/3proxy/3proxy.cfg"]
-
-CMD ["/docker-entrypoint.sh", "/bin/3proxy", "/etc/3proxy/3proxy.cfg"]

README.md

@@ -18,23 +18,31 @@
 
 TCP ports:
 
-Port number | Description
+| Port number | Description                                             |
------------ | -----------
+|-------------|---------------------------------------------------------|
-`3128`      | [HTTP proxy](https://3proxy.org/doc/man8/proxy.8.html)
+| `3128`      | [HTTP proxy](https://3proxy.org/doc/man8/proxy.8.html)  |
-`1080`      | [SOCKS proxy](https://3proxy.org/doc/man8/socks.8.html)
+| `1080`      | [SOCKS proxy](https://3proxy.org/doc/man8/socks.8.html) |
 
 ## Supported tags
 
-[![image stats](https://dockeri.co/image/tarampampam/3proxy)][link_docker_tags]
+| Registry                               | Image                        |
+|----------------------------------------|------------------------------|
+| [GitHub Container Registry][link_ghcr] | `ghcr.io/tarampampam/3proxy` |
+| [Docker Hub][link_docker_hub]          | `tarampampam/3proxy`         |
 
 All supported image tags [can be found here][link_docker_tags].
 
 ## Supported environment variables
 
-Variable name    | Description                               | Example
+| Variable name        | Description                                               | Example                |
----------------- | ----------------------------------------- | ---------------
+|----------------------|-----------------------------------------------------------|------------------------|
-`PROXY_LOGIN`    | Authorization login                       | `username`
+| `PROXY_LOGIN`        | Authorization login (empty by default)                    | `username`             |
-`PROXY_PASSWORD` | Authorization password                    | `password`
+| `PROXY_PASSWORD`     | Authorization password (empty by default)                 | `password`             |
+| `PRIMARY_RESOLVER`   | Primary nameserver (dns resolver; `1.0.0.1` by default)   | `8.8.8.8:5353/tcp`     |
+| `SECONDARY_RESOLVER` | Secondary nameserver (dns resolver; `8.8.4.4` by default) | `2001:4860:4860::8844` |
+| `MAX_CONNECTIONS`    | Maximal connections count (`1024` by default)             | `2056`                 |
+| `PROXY_PORT`         | HTTP proxy port number (`3128` by default)                | `8080`                 |
+| `SOCKS_PORT`         | SOCKS proxy port number (`1080` by default)               | `8888`                 |
 
 ## How can I use this?
 
@@ -47,7 +55,7 @@ $ docker run --rm -d \
     tarampampam/3proxy:latest
 ```
 
-Or with auth settings:
+Or with auth & resolver settings:
 
 ```bash
 $ docker run --rm -d \
@@ -55,6 +63,7 @@ $ docker run --rm -d \
     -p "1080:1080/tcp" \
     -e "PROXY_LOGIN=evil" \
     -e "PROXY_PASSWORD=live" \
+    -e "PRIMARY_RESOLVER=2001:4860:4860::8888" \
     tarampampam/3proxy:latest
 ```
 
@@ -78,7 +87,7 @@ Changes log can be [found here][link_changes_log].
 [![Issues][badge_issues]][link_issues]
 [![Issues][badge_pulls]][link_pulls]
 
-If you will find any package errors, please, [make an issue][link_create_issue] in current repository.
+If you find any errors, please, [make an issue][link_create_issue] in current repository.
 
 ## License
 
@@ -103,4 +112,5 @@ WTFPL. Use anywhere for your pleasure.
 [link_license]:https://github.com/tarampampam/3proxy-docker/blob/master/LICENSE
 [link_docker_tags]:https://hub.docker.com/r/tarampampam/3proxy/tags
 [link_docker_hub]:https://hub.docker.com/r/tarampampam/3proxy/
+[link_ghcr]:https://github.com/tarampampam/3proxy-docker/pkgs/container/3proxy
 [link_3proxy]:https://github.com/z3APA3A/3proxy

docker-entrypoint.sh

@@ -1,12 +0,0 @@
-#!/bin/sh
-set -e
-
-PROXY_LOGIN=${PROXY_LOGIN:-} # string
-PROXY_PASSWORD=${PROXY_PASSWORD:-} # string
-
-if [ -n "$PROXY_LOGIN" ] && [ -n "$PROXY_PASSWORD" ]; then
-  echo "$0: setup '${PROXY_LOGIN}:${PROXY_PASSWORD}' as proxy user";
-  sed -i "s~#AUTH_SETTINGS~users ${PROXY_LOGIN}:CL:${PROXY_PASSWORD}\nauth strong\nallow ${PROXY_LOGIN}~" /etc/3proxy/3proxy.cfg
-fi;
-
-exec "$@"