wip: 🔕 temporary commit

Signed-off-by: Mario Trangoni <mjtrangoni@gmail.com>

.dockerignore

@@ -1,8 +1,6 @@
-.editorconfig
+## Ignore everything
-.git
+*
-.github
+
-.idea
+## Except the following files (and directories)
-.vscode
+!/3proxy.cfg.json
-temp
+!/3proxy.cfg.mustach
-tmp
-LICENSE

.editorconfig

@@ -1,3 +1,5 @@
+# EditorConfig docs: <https://editorconfig.org/>
+
 root = true
 
 [*]
@@ -8,5 +10,6 @@ indent_style = space
 indent_size = 2
 trim_trailing_whitespace = true
 
-[Dockerfile]
+[{*.yml,*.yaml}]
-indent_size = 4
+ij_any_spaces_within_braces = false
+ij_any_spaces_within_brackets = false

.github/dependabot.yml

@@ -1,16 +1,17 @@
-# Docs: <https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates>
+# yaml-language-server: $schema=https://json.schemastore.org/dependabot-2.0.json
+# docs: https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/customizing-dependency-updates
 
 version: 2
 
 updates:
   - package-ecosystem: github-actions
     directory: /
+    groups: {github-actions: {patterns: ['*']}}
     schedule: {interval: monthly}
-    reviewers: [tarampampam]
     assignees: [tarampampam]
 
   - package-ecosystem: docker
     directory: /
+    groups: {docker: {patterns: ['*']}}
     schedule: {interval: monthly}
-    reviewers: [tarampampam]
     assignees: [tarampampam]

.github/release.yml

@@ -0,0 +1,13 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-release-config.json
+# docs: https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes
+
+changelog:
+  categories:
+    - title: 🛠 Fixes
+      labels: [type:fix, type:bug]
+    - title: 🚀 Features
+      labels: [type:feature, type:feature_request]
+    - title: 📦 Dependency updates
+      labels: [dependencies]
+    - title: Other Changes
+      labels: ['*']

.github/workflows/documentation.yml

@@ -1,4 +1,7 @@
-name: documentation
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+
+name: 📚 Documentation
 
 on:
   push:
@@ -8,11 +11,11 @@ on:
 jobs:
   docker-hub-description:
     name: Docker Hub Description
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
-      - uses: peter-evans/dockerhub-description@v3 # Action page: <https://github.com/peter-evans/dockerhub-description>
+      - uses: peter-evans/dockerhub-description@v4
         with:
           username: ${{ secrets.DOCKER_LOGIN }}
           password: ${{ secrets.DOCKER_USER_PASSWORD }}

.github/workflows/release.yml

@@ -1,42 +1,86 @@
-name: release
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+
+name: 🚀 Release
 
 on:
-  release: # Docs: <https://git.io/JeBz1#release-event-release>
+  release: {types: [published]}
-    types: [published]
+  workflow_dispatch: {}
 
 jobs:
-  docker-image:
+  build-docker-image:
-    name: Build docker image
+    name: Build the docker image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - name: Check out code
+      - uses: actions/checkout@v4
-        uses: actions/checkout@v3
+      - uses: docker/login-action@v3
-
-      - uses: gacts/github-slug@v1
-        id: slug
-
-      - uses: docker/setup-buildx-action@v2
-
-      - name: Login to default Container Registry
-        uses: docker/login-action@v2 # Action page: <https://github.com/docker/login-action>
         with:
           username: ${{ secrets.DOCKER_LOGIN }}
           password: ${{ secrets.DOCKER_PASSWORD }}
-
+      - uses: docker/login-action@v3
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2 # Action page: <https://github.com/docker/login-action>
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
-
+      - {uses: gacts/github-slug@v1, id: slug}
-      - uses: docker/build-push-action@v3 # Action page: <https://github.com/docker/build-push-action>
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
+      - uses: docker/build-push-action@v6
         with:
           context: .
-          file: Dockerfile
           push: true
+          platforms: linux/amd64,linux/arm64
           tags: |
-            tarampampam/3proxy:${{ steps.slug.outputs.version-semantic }}
-            tarampampam/3proxy:latest
-            ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version-semantic }}
             ghcr.io/${{ github.actor }}/3proxy:latest
+            ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version }}
+            ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}
+            ghcr.io/${{ github.actor }}/3proxy:${{ steps.slug.outputs.version-major }}
+            docker.io/tarampampam/3proxy:latest
+            docker.io/tarampampam/3proxy:${{ steps.slug.outputs.version }}
+            docker.io/tarampampam/3proxy:${{ steps.slug.outputs.version-major }}.${{ steps.slug.outputs.version-minor }}
+            docker.io/tarampampam/3proxy:${{ steps.slug.outputs.version-major }}
+
+  helm-pack:
+    name: Pack the Helm chart
+    runs-on: ubuntu-latest
+    defaults: {run: {working-directory: ./deployments/helm}}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: azure/setup-helm@v4
+      - {uses: gacts/github-slug@v1, id: slug}
+      - run: |
+          helm package \
+            --app-version "${{ steps.slug.outputs.version }}" \
+            --version "${{ steps.slug.outputs.version }}" .
+      - uses: actions/upload-artifact@v4
+        with:
+          name: helm-chart
+          path: ./deployments/helm/*.tgz
+          if-no-files-found: error
+          retention-days: 1
+
+  helm-publish:
+    name: Put the Helm chart to the GitHub pages branch
+    runs-on: ubuntu-latest
+    needs: [helm-pack]
+    steps:
+      - {uses: actions/checkout@v4, with: {ref: gh-pages}}
+      - uses: azure/setup-helm@v4
+      - uses: actions/download-artifact@v4
+        with: {name: helm-chart, path: ./helm-charts}
+      - name: Update the index.yaml
+        run: |
+          helm repo index \
+            --url https://${{ github.actor }}.github.io/${{ github.event.repository.name }}/helm-charts/ \
+            --merge \
+            ./helm-charts/index.yaml \
+            ./helm-charts
+      - uses: yKicchan/generate-directory-listing-action@v1
+        with: {target: ., ignore: "**/index.html", override: true}
+      - name: Commit and push the changes
+        run: |
+          git config user.name "${{ github.actor }}"
+          git config user.email "${{ github.actor }}@users.noreply.github.com"
+          git add .
+          git commit -m "Helm chart release"
+          git push origin gh-pages

.github/workflows/tests.yml

@@ -1,105 +1,92 @@
-name: tests
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
+
+name: 🧪 Tests
 
 on:
+  workflow_dispatch: {}
   push:
     branches: [master, main]
+    paths-ignore: ['**.md']
     tags-ignore: ['**']
-  pull_request: {}
+  pull_request:
+    paths-ignore: ['**.md']
 
 concurrency:
   group: ${{ github.ref }}
   cancel-in-progress: true
 
-jobs: # Docs: <https://git.io/JvxXE>
+jobs:
   gitleaks:
-    name: Gitleaks
+    name: Check for GitLeaks
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - {uses: actions/checkout@v4, with: {fetch-depth: 0}}
-        with: {fetch-depth: 0}
+      - uses: gacts/gitleaks@v1
 
-      - name: Check for GitLeaks
+  filter:
-        uses: gacts/gitleaks@v1 # Action page: <https://github.com/gacts/gitleaks>
+    name: Filter files
+    runs-on: ubuntu-latest
+    permissions: {pull-requests: read}
+    outputs:
+      docker: ${{ steps.filter.outputs.docker }}
+      helm: ${{ steps.filter.outputs.helm }}
+    steps:
+      - uses: dorny/paths-filter@v3
+        id: filter
+        with:
+          filters: |
+            docker: [Dockerfile, '*docker*', '*3proxy*']
+            helm: ['deployments/helm/**', '*kube*']
+
+  lint-charts:
+    name: Lint the chart
+    runs-on: ubuntu-latest
+    needs: [filter]
+    if: needs.filter.outputs.helm == 'true'
+    defaults: {run: {working-directory: ./deployments/helm}}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: azure/setup-helm@v4
+      - run: helm dependency update .
+      - run: helm template . > /dev/null
+      - run: helm lint --strict .
 
   build-image:
-    name: Build docker image
+    name: Build the docker image
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
+    needs: [filter] # since this is the initial step, we can filter out the rest of the jobs right here to skip them
+    if: needs.filter.outputs.docker == 'true'
     steps:
-      - name: Check out code
+      - uses: actions/checkout@v4
-        uses: actions/checkout@v3
+      - run: docker build -f ./Dockerfile --tag 3proxy:local .
-
+      - run: docker save 3proxy:local > ./docker-image.tar
-      - name: Build docker image
+      - uses: actions/upload-artifact@v4
-        run: docker build -f ./Dockerfile --tag 3proxy:local .
-
-      - name: Scan image
-        uses: anchore/scan-action@v3 # action page: <https://github.com/anchore/scan-action>
-        with:
-          image: 3proxy:local
-          fail-build: true
-          severity-cutoff: low # negligible, low, medium, high or critical
-
-      - name: Save docker image
-        run: docker save 3proxy:local > ./docker-image.tar
-
-      - name: Upload artifact
-        uses: actions/upload-artifact@v3
         with:
           name: docker-image
           path: ./docker-image.tar
           retention-days: 1
 
-  scan-image:
-    name: Scan docker image
-    runs-on: ubuntu-20.04
-    needs: [build-image]
-    steps:
-      - name: Download built docker image
-        uses: actions/download-artifact@v3
-        with:
-          name: docker-image
-          path: .artifact
-
-      - name: Prepare image to run
-        working-directory: .artifact
-        run: docker load < docker-image.tar
-
-      - name: Scan image
-        uses: anchore/scan-action@v3 # action page: <https://github.com/anchore/scan-action>
-        with:
-          image: 3proxy:local
-          fail-build: true
-          severity-cutoff: low # negligible, low, medium, high or critical
-
   try-to-use:
-    name: Build and use docker image (auth ${{ matrix.auth }})
+    name: Build and use the docker image (auth ${{ matrix.auth }})
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
         auth: [yes, no]
     needs: [build-image]
     steps:
-      - name: Download built docker image
+      - uses: actions/download-artifact@v4
-        uses: actions/download-artifact@v3
         with:
           name: docker-image
           path: .artifact
-
+      - working-directory: .artifact
-      - name: Prepare image to run
-        working-directory: .artifact
         run: docker load < docker-image.tar
-
+      - if: matrix.auth != 'yes'
-      - name: Start server without auth setup
-        if: matrix.auth != 'yes'
         run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" 3proxy:local
-
+      - if: matrix.auth == 'yes'
-      - name: Start server with auth setup
-        if: matrix.auth == 'yes'
         run: docker run --rm -d -p "3128:3128/tcp" -p "1080:1080/tcp" -e "PROXY_LOGIN=evil" -e "PROXY_PASSWORD=live" -e 'EXTRA_ACCOUNTS={"foo":"bar"}' 3proxy:local
-
+      - run: sleep 3
-      - name: Pause
-        run: sleep 3
-
       - name: Try to use HTTP proxy
         if: matrix.auth != 'yes'
         run: |
@@ -108,7 +95,6 @@ jobs: # Docs: <https://git.io/JvxXE>
             --connect-timeout 3 \
             --max-time 3 \
             https://www.cloudflare.com/robots.txt
-
       - name: Try to use SOCKS proxy
         if: matrix.auth != 'yes'
         run: |
@@ -117,7 +103,6 @@ jobs: # Docs: <https://git.io/JvxXE>
             --connect-timeout 3 \
             --max-time 3 \
             https://www.cloudflare.com/robots.txt
-
       - name: Try to use HTTP proxy (with auth)
         if: matrix.auth == 'yes'
         run: |
@@ -127,7 +112,6 @@ jobs: # Docs: <https://git.io/JvxXE>
             --connect-timeout 3 \
             --max-time 3 \
             https://www.cloudflare.com/robots.txt
-
       - name: Try to use HTTP proxy (with auth, extra user)
         if: matrix.auth == 'yes'
         run: |
@@ -137,7 +121,6 @@ jobs: # Docs: <https://git.io/JvxXE>
             --connect-timeout 3 \
             --max-time 3 \
             https://www.cloudflare.com/robots.txt
-
       - name: Try to use SOCKS proxy (with auth)
         if: matrix.auth == 'yes'
         run: |
@@ -147,6 +130,4 @@ jobs: # Docs: <https://git.io/JvxXE>
             --connect-timeout 3 \
             --max-time 3 \
             https://www.cloudflare.com/robots.txt
-
+      - run: docker stop $(docker ps -a --filter ancestor=3proxy:local -q)
-      - name: Stop container
-        run: docker stop $(docker ps -a --filter ancestor=3proxy:local -q)

3proxy.cfg.json

@@ -1,6 +1,6 @@
 {
   "log": {
-    "output": "/dev/stdout"
+    "output": "${LOG_OUTPUT:-/dev/stdout}"
   },
   "name_servers": [
     "${PRIMARY_RESOLVER:-1.0.0.1}",
@@ -19,5 +19,6 @@
   "ports": {
     "proxy": "${PROXY_PORT:-3128}",
     "socks": "${SOCKS_PORT:-1080}"
-  }
+  },
+  "extra_config": "${EXTRA_CONFIG}"
 }

3proxy.cfg.mustach

@@ -27,6 +27,12 @@ auth strong
 allow {{ auth.login }}{{#auth.extra_accounts.*}},{{ * }}{{/auth.extra_accounts.*}}
 {{/auth.password=}}{{/auth.login=}}
 
+{{^extra_config=}}
+
+# Additional configuration
+{{extra_config}}
+{{/extra_config=}}
+
 proxy -a -p{{ ports.proxy }}
 socks -a -p{{ ports.socks }}
 

CHANGELOG.md

@@ -1,93 +0,0 @@
-# Changelog
-
-All notable changes to this package will be documented in this file.
-
-The format is based on [Keep a Changelog][keepachangelog] and this project adheres to [Semantic Versioning][semver].
-
-## v1.8.0
-
-### Added
-
-- `EXTRA_ACCOUNTS` environment variable is supported now [#28]
-
-[#28]:https://github.com/tarampampam/3proxy-docker/issues/28
-
-## v1.7.0
-
-### Added
-
-- The following environment variables are supported now: `MAX_CONNECTIONS`, `PROXY_PORT`, `SOCKS_PORT`
-
-### Changed
-
-- Entrypoint script (`bash`) replaced with [`mustpl`](https://github.com/tarampampam/mustpl)
-- The result docker image `busybox:1.34.1-glibc` replaced with `busybox:stable-glibc`
-
-### Removed
-
-- Dockerfile healthcheck
-
-## v1.6.0
-
-### Added
-
-- Possibility of changing DNS resolvers using environment variables `PRIMARY_RESOLVER` (primary) and `SECONDARY_RESOLVER` (secondary)
-
-## v1.5.0
-
-### Fixed
-
-- Docker image building optimized
-
-### Added
-
-- Healthcheck in the dockerfile
-
-## v1.4.0
-
-### Changed
-
-- 3proxy updated from `0.9.3` up to `0.9.4`
-
-## v1.3.0
-
-### Changed
-
-- Logging in JSON format
-
-## v1.2.0
-
-### Changed
-
-- 3proxy updated from `0.8.13` up to `0.9.3`
-
-## v1.1.0
-
-### Removed
-
-- Environment variable `AUTH_REQUIRED` support
-
-### Changed
-
-- Proxy error pages a little bit styled
-
-## v1.0.0
-
-### Fixed
-
-- Dockerfile and docker entry-point script cleanup
-
-## v0.1.1
-
-### Fixed
-
-- Docker entry-point script clean
-
-## v0.1.0
-
-### Changed
-
-- First project release
-
-[keepachangelog]:https://keepachangelog.com/en/1.0.0/
-[semver]:https://semver.org/spec/v2.0.0.html

Dockerfile

@@ -1,5 +1,6 @@
-# Image page: <https://hub.docker.com/_/gcc>
+# syntax=docker/dockerfile:1
-FROM gcc:12.2.0 as builder
+
+FROM gcc:13.3.0 AS builder
 
 # renovate: source=github-tags name=z3APA3A/3proxy
 ARG Z3PROXY_VERSION=0.9.4
@@ -14,10 +15,12 @@ WORKDIR /tmp/3proxy
 RUN set -x \
     && echo '#define ANONYMOUS 1' >> ./src/3proxy.h \
     # proxy.c source: <https://github.com/z3APA3A/3proxy/blob/0.9.3/src/proxy.c>
-    && sed -i 's~\(<\/head>\)~<style>html,body{background-color:#222526;color:#fff;font-family:sans-serif;\
+    && sed -i 's~\(<\/head>\)~<style>:root{--color-bg-primary:#fff;--color-text-primary:#131313;--color-text-secondary:#232323}\
-text-align:center;display:flex;flex-direction:column;justify-content:center}h1,h2{margin-bottom:0;font-size:2.5em}\
+@media (prefers-color-scheme: dark){:root{--color-bg-primary:#212121;--color-text-primary:#fafafa;--color-text-secondary:#bbb}}\
-h2::before{content:'"'"'Proxy error'"'"';display:block;font-size:0.4em;color:#bbb;font-weight:100}\
+html,body{height:100%;font-family:sans-serif;background-color:var(--color-bg-primary);color:var(--color-text-primary);margin:0;\
-h3,p{color:#bbb}</style>\1~' ./src/proxy.c \
+padding:0;text-align:center}body{align-items:center;display:flex;justify-content:center;flex-direction:column;height:100vh}\
+h1,h2{margin-bottom:0;font-size:2.5em}h2::before{content:'"'"'Proxy error'"'"';display:block;font-size:.4em;\
+color:var(--color-text-secondary);font-weight:100}h3,p{color:var(--color-text-secondary)}</style>\1~' ./src/proxy.c \
     && cat ./src/proxy.c | grep '</head>'
 
 # And compile
@@ -34,7 +37,7 @@ RUN set -x \
     && strip ./bin/SSLPlugin.ld.so
 
 # Prepare filesystem for 3proxy running
-FROM busybox:stable-glibc as buffer
+FROM alpine:latest AS buffer
 
 # create a directory for the future root filesystem
 WORKDIR /tmp/rootfs
@@ -44,13 +47,16 @@ RUN set -x \
     && mkdir -p ./etc ./bin ./usr/local/3proxy/libexec ./etc/3proxy \
     && echo '3proxy:x:10001:10001::/nonexistent:/sbin/nologin' > ./etc/passwd \
     && echo '3proxy:x:10001:' > ./etc/group \
-    && wget -O ./bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64" \
+    && apk add --no-cache --virtual .build-deps curl ca-certificates \
-    && chmod +x ./bin/dumb-init
+    && update-ca-certificates \
+    && curl -SsL -o ./bin/dumb-init "https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_$(arch)" \
+    && chmod +x ./bin/dumb-init \
+    && apk del .build-deps
 
-COPY --from=builder /lib/x86_64-linux-gnu/libdl.so.* ./lib/
+COPY --from=builder /lib/*-linux-gnu/libdl.so.* ./lib/
 COPY --from=builder /tmp/3proxy/bin/3proxy ./bin/3proxy
 COPY --from=builder /tmp/3proxy/bin/*.ld.so ./usr/local/3proxy/libexec/
-COPY --from=ghcr.io/tarampampam/mustpl:0.1.0 /bin/mustpl ./bin/mustpl
+COPY --from=ghcr.io/tarampampam/mustpl:0.1.1 /bin/mustpl ./bin/mustpl
 COPY 3proxy.cfg.json ./etc/3proxy/3proxy.cfg.json
 COPY 3proxy.cfg.mustach ./etc/3proxy/3proxy.cfg.mustach
 

README.md

@@ -1,18 +1,25 @@
 <p align="center">
-  <img src="https://hsto.org/webt/kp/e1/ud/kpe1udvcjss_-wtmrws-w9radke.png" width="96" alt="" />
+  <a href="https://github.com/tarampampam/3proxy-docker#readme">
+    <picture>
+      <source media="(prefers-color-scheme: dark)" srcset="https://socialify.git.ci/tarampampam/3proxy-docker/image?description=1&font=Raleway&forks=1&issues=1&logo=https%3A%2F%2Fgithub.com%2Fuser-attachments%2Fassets%2F023186cf-b153-459c-8417-038fd87a2065&owner=1&pulls=1&pattern=Solid&stargazers=1&theme=Dark">
+      <img align="center" src="https://socialify.git.ci/tarampampam/3proxy-docker/image?description=1&font=Raleway&forks=1&issues=1&logo=https%3A%2F%2Fgithub.com%2Fuser-attachments%2Fassets%2F023186cf-b153-459c-8417-038fd87a2065&owner=1&pulls=1&pattern=Solid&stargazers=1&theme=Light">
+    </picture>
+  </a>
+</p>
+
+<p align="center">
+  <a href="https://github.com/tarampampam/3proxy-docker/actions"><img src="https://img.shields.io/github/actions/workflow/status/tarampampam/3proxy-docker/tests.yml?branch=master&maxAge=30&label=tests&logo=github&style=flat-square" alt="" /></a>
+  <a href="https://github.com/tarampampam/3proxy-docker/actions"><img src="https://img.shields.io/github/actions/workflow/status/tarampampam/3proxy-docker/release.yml?maxAge=30&label=release&logo=github&style=flat-square" alt="" /></a>
+  <a href="https://hub.docker.com/r/tarampampam/3proxy"><img src="https://img.shields.io/docker/pulls/tarampampam/3proxy.svg?maxAge=30&label=pulls&logo=docker&logoColor=white&style=flat-square" alt="" /></a>
+  <a href="https://hub.docker.com/r/tarampampam/3proxy"><img src="https://img.shields.io/docker/image-size/tarampampam/3proxy/latest?maxAge=30&label=size&logo=docker&logoColor=white&style=flat-square" alt="" /></a>
+  <a href="https://github.com/tarampampam/3proxy-docker/blob/master/LICENSE"><img src="https://img.shields.io/github/license/tarampampam/3proxy-docker.svg?maxAge=30&style=flat-square" alt="" /></a>
 </p>
 
 # Docker image with [3proxy][link_3proxy]
 
-[![Build Status][badge_build_status]][link_build_status]
+3proxy is a powerful and lightweight proxy server. This image includes the stable version and can be easily
-[![Release Status][badge_release_status]][link_build_status]
+configured using environment variables. By default, it operates with anonymous proxy settings to hide client
-[![Image size][badge_size_latest]][link_docker_hub]
+information and logs activity in JSON format.
-[![Docker Pulls][badge_docker_pulls]][link_docker_hub]
-[![License][badge_license]][link_license]
-
-## Why this image created?
-
-3proxy is awesome and lightweight proxy-server. This image contains stable version with it and can be configured using environment variables. By default, it uses anonymous (information about client hiding) proxy settings. Logging in JSON format.
 
 > Page on `hub.docker.com` can be [found here][link_docker_hub].
 
@@ -28,89 +35,116 @@ TCP ports:
 | Registry                               | Image                        |
 |----------------------------------------|------------------------------|
 | [GitHub Container Registry][link_ghcr] | `ghcr.io/tarampampam/3proxy` |
-| [Docker Hub][link_docker_hub]          | `tarampampam/3proxy`         |
+| [Docker Hub][link_docker_hub] (mirror) | `tarampampam/3proxy`         |
 
-All supported image tags [can be found here][link_docker_tags].
+> [!NOTE]
+> It’s recommended to avoid using the `latest` tag, as **major** upgrades may include breaking changes.
+> Instead, use specific tags in `X.Y.Z` format for version consistency.
 
-## Supported environment variables
+All supported image tags can be [found here][link_docker_tags].
 
-| Variable name        | Description                                               | Example                           |
+> Starting with version 1.8.2, the `arm64` architecture is supported (in addition to `amd64`):
-|----------------------|-----------------------------------------------------------|-----------------------------------|
-| `PROXY_LOGIN`        | Authorization login (empty by default)                    | `username`                        |
-| `PROXY_PASSWORD`     | Authorization password (empty by default)                 | `password`                        |
-| `EXTRA_ACCOUNTS`     | Additional proxy users                                    | `{"evil":"live", "guest":"pass"}` |
-| `PRIMARY_RESOLVER`   | Primary nameserver (dns resolver; `1.0.0.1` by default)   | `8.8.8.8:5353/tcp`                |
-| `SECONDARY_RESOLVER` | Secondary nameserver (dns resolver; `8.8.4.4` by default) | `2001:4860:4860::8844`            |
-| `MAX_CONNECTIONS`    | Maximal connections count (`1024` by default)             | `2056`                            |
-| `PROXY_PORT`         | HTTP proxy port number (`3128` by default)                | `8080`                            |
-| `SOCKS_PORT`         | SOCKS proxy port number (`1080` by default)               | `8888`                            |
 
-## How can I use this?
+```shell
+docker run --rm mplatform/mquery ghcr.io/tarampampam/3proxy:1.8.2
 
-For example:
+Image: ghcr.io/tarampampam/3proxy:1.8.2
-
+ * Manifest List: Yes (Image type: application/vnd.docker.distribution.manifest.list.v2+json)
-```bash
+ * Supported platforms:
-$ docker run --rm -d \
+   - linux/amd64
-    -p "3128:3128/tcp" \
+   - linux/arm64
-    -p "1080:1080/tcp" \
-    tarampampam/3proxy:latest
 ```
 
-Or with auth & resolver settings:
+## Supported Environment Variables
+
+| Variable Name        | Description                                                                                                           | Example                           |
+|----------------------|-----------------------------------------------------------------------------------------------------------------------|-----------------------------------|
+| `PROXY_LOGIN`        | Authorization login (empty by default)                                                                                | `username`                        |
+| `PROXY_PASSWORD`     | Authorization password (empty by default)                                                                             | `password`                        |
+| `EXTRA_ACCOUNTS`     | Additional proxy users (JSON object format)                                                                           | `{"evil":"live", "guest":"pass"}` |
+| `PRIMARY_RESOLVER`   | Primary DNS resolver (`1.0.0.1` by default)                                                                           | `8.8.8.8:5353/tcp`                |
+| `SECONDARY_RESOLVER` | Secondary DNS resolver (`8.8.4.4` by default)                                                                         | `2001:4860:4860::8844`            |
+| `MAX_CONNECTIONS`    | Maximum number of connections (`1024` by default)                                                                     | `2056`                            |
+| `PROXY_PORT`         | HTTP proxy port (`3128` by default)                                                                                   | `8080`                            |
+| `SOCKS_PORT`         | SOCKS proxy port (`1080` by default)                                                                                  | `8888`                            |
+| `EXTRA_CONFIG`       | Additional 3proxy configuration (appended to the **end** of the config file, but before `proxy` and `flush`)          | `# line 1\n# line 2`              |
+| `LOG_OUTPUT`         | Path for log output (`/dev/stdout` by default; set to `/dev/null` to disable logging)                                 | `/tmp/3proxy.log`                 |
+
+## Helm Chart
+
+To install it on Kubernetes (K8s), please use the Helm chart from [ArtifactHUB][artifact-hub].
+
+[artifact-hub]:https://artifacthub.io/packages/helm/proxy-3proxy/proxy-3proxy
+
+## How to Use This Image
+
+Example usage:
 
 ```bash
-$ docker run --rm -d \
+docker run --rm -d \
+  -p "3128:3128/tcp" \
+  -p "1080:1080/tcp" \
+  ghcr.io/tarampampam/3proxy:latest
+```
+
+With authentication and custom resolver settings:
+
+```bash
+docker run --rm -d \
   -p "3128:3128/tcp" \
   -p "1080:1080/tcp" \
   -e "PROXY_LOGIN=evil" \
   -e "PROXY_PASSWORD=live" \
   -e "PRIMARY_RESOLVER=2001:4860:4860::8888" \
-    tarampampam/3proxy:latest
+  ghcr.io/tarampampam/3proxy:latest
+```
+
+Docker compose example:
+
+```yaml
+services:
+  3proxy:
+    image: ghcr.io/tarampampam/3proxy:latest
+    environment:
+      PROXY_LOGIN: evil
+      PROXY_PASSWORD: live
+      MAX_CONNECTIONS: 10000
+      PROXY_PORT: 8000
+      SOCKS_PORT: 8001
+      PRIMARY_RESOLVER: 77.88.8.8
+      SECONDARY_RESOLVER: 8.8.8.8
+    ports:
+      - '8000:8000/tcp'
+      - '8001:8001/tcp'
 ```
 
 ## Releasing
 
-New versions publishing is very simple - just make required changes in this repository, update [changelog file](CHANGELOG.md) and "publish" new release using repo releases page.
+Publishing a new version is straightforward:
 
-Docker images will be build and published automatically.
+1. Make the necessary changes in this repository.
+2. "Publish" a new release on the repository's releases page.
 
-> New release will overwrite the `latest` docker image tag in both registers.
+Docker images will be automatically built and published.
 
-## Changes log
+> Note: The `latest` tag will be overwritten in both registries when a new release is published.
-
-[![Release date][badge_release_date]][link_releases]
-[![Commits since latest release][badge_commits_since_release]][link_commits]
-
-Changes log can be [found here][link_changes_log].
 
 ## Support
 
 [![Issues][badge_issues]][link_issues]
 [![Issues][badge_pulls]][link_pulls]
 
-If you find any errors, please, [make an issue][link_create_issue] in current repository.
+If you encounter any issues, please [open an issue][link_create_issue] in this repository.
 
 ## License
 
-WTFPL. Use anywhere for your pleasure.
+This project is licensed under the WTFPL. Use it freely and enjoy!
 
-[badge_build_status]:https://img.shields.io/github/workflow/status/tarampampam/3proxy-docker/tests/master?logo=github&label=build
-[badge_release_status]:https://img.shields.io/github/workflow/status/tarampampam/3proxy-docker/release?logo=github&label=release
-[badge_release_date]:https://img.shields.io/github/release-date/tarampampam/3proxy-docker.svg?style=flat-square&maxAge=180
-[badge_commits_since_release]:https://img.shields.io/github/commits-since/tarampampam/3proxy-docker/latest.svg?style=flat-square&maxAge=180
 [badge_issues]:https://img.shields.io/github/issues/tarampampam/3proxy-docker.svg?style=flat-square&maxAge=180
 [badge_pulls]:https://img.shields.io/github/issues-pr/tarampampam/3proxy-docker.svg?style=flat-square&maxAge=180
-[badge_license]:https://img.shields.io/github/license/tarampampam/3proxy-docker.svg?longCache=true
-[badge_size_latest]:https://img.shields.io/docker/image-size/tarampampam/3proxy/latest?maxAge=30
-[badge_docker_pulls]:https://img.shields.io/docker/pulls/tarampampam/3proxy.svg
-[link_releases]:https://github.com/tarampampam/3proxy-docker/releases
-[link_commits]:https://github.com/tarampampam/3proxy-docker/commits
-[link_changes_log]:https://github.com/tarampampam/3proxy-docker/blob/master/CHANGELOG.md
 [link_issues]:https://github.com/tarampampam/3proxy-docker/issues
 [link_pulls]:https://github.com/tarampampam/3proxy-docker/pulls
-[link_build_status]:https://github.com/tarampampam/3proxy-docker/actions
 [link_create_issue]:https://github.com/tarampampam/3proxy-docker/issues/new
-[link_license]:https://github.com/tarampampam/3proxy-docker/blob/master/LICENSE
 [link_docker_tags]:https://hub.docker.com/r/tarampampam/3proxy/tags
 [link_docker_hub]:https://hub.docker.com/r/tarampampam/3proxy/
 [link_ghcr]:https://github.com/tarampampam/3proxy-docker/pkgs/container/3proxy

deployments/helm/Chart.yaml

@@ -0,0 +1,11 @@
+# yaml-language-server: $schema=https://json.schemastore.org/chart.json
+
+apiVersion: v2
+name: proxy-3proxy
+description: Powerful and lightweight proxy server, written in pure C
+
+type: application
+version: 0.0.0 # will be replaced by the release workflow
+appVersion: 0.0.0 # will be replaced by the release workflow
+icon: https://github.com/user-attachments/assets/023186cf-b153-459c-8417-038fd87a2065
+sources: [https://github.com/tarampampam/3proxy-docker]

deployments/helm/README.md

@@ -0,0 +1,35 @@
+# 3proxy
+
+Important note: Since the chart is released together with the app under the same version (i.e., the chart version
+matches the app version), its versioning is not compatible with semantic versioning (SemVer). I will do my best to
+avoid non-backward-compatible changes in the chart, but due to Murphy's Law, I cannot guarantee that they will
+never occur.
+
+Also, this chart does not include Ingress configuration. If you need it, please, create it manually.
+
+## Usage
+
+```shell
+helm repo add tarampampam https://tarampampam.github.io/3proxy-docker/helm-charts
+helm repo update
+
+helm install proxy-3proxy tarampampam/proxy-3proxy
+```
+
+Alternatively, add the following lines to your `Chart.yaml`:
+
+```yaml
+dependencies:
+  - name: proxy-3proxy
+    version: <version>
+    repository: https://tarampampam.github.io/proxy-3proxy/helm-charts
+```
+
+And override the default values in your `values.yaml`:
+
+```yaml
+proxy-3proxy:
+  # ...
+  service: {port: 8800}
+  # ...
+```

deployments/helm/templates/_helpers.tpl

@@ -0,0 +1,52 @@
+{{/* Define namespace of chart, useful for multi-namespace deployments */}}
+{{- define "proxy-3proxy.namespace" -}}
+  {{- if .Values.namespaceOverride }}
+    {{- .Values.namespaceOverride }}
+  {{- else }}
+    {{- .Release.Namespace }}
+  {{- end }}
+{{- end }}
+
+{{/* Expand the name of the chart */}}
+{{- define "proxy-3proxy.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "proxy-3proxy.fullname" -}}
+  {{- if .Values.fullnameOverride }}
+    {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+  {{- else }}
+    {{- $name := default .Chart.Name .Values.nameOverride }}
+    {{- if contains $name .Release.Name }}
+      {{- .Release.Name | trunc 63 | trimSuffix "-" }}
+    {{- else }}
+      {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+    {{- end }}
+  {{- end }}
+{{- end }}
+
+{{/* Create chart name and version as used by the chart label */}}
+{{- define "proxy-3proxy.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/* Common labels */}}
+{{- define "proxy-3proxy.commonLabels" -}}
+helm.sh/chart: {{ include "proxy-3proxy.chart" . }}
+{{ include "proxy-3proxy.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/* Selector labels */}}
+{{- define "proxy-3proxy.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "proxy-3proxy.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

deployments/helm/templates/deployment.yaml

@@ -0,0 +1,194 @@
+{{- if .Values.deployment.enabled }}
+apiVersion: apps/v1
+kind: {{ .Values.deployment.kind | default "Deployment" }}
+
+metadata:
+  name: {{ include "proxy-3proxy.fullname" . }}
+  namespace: {{ template "proxy-3proxy.namespace" . }}
+  labels:
+    {{- include "proxy-3proxy.commonLabels" . | nindent 4 }}
+
+spec:
+  {{- with .Values.deployment }}
+  replicas: {{ .replicas | default 1 }}
+  selector:
+    matchLabels:
+      {{- include "proxy-3proxy.selectorLabels" $ | nindent 6 }}
+  template:
+    metadata:
+      {{- with .podAnnotations }}
+      annotations:
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+      labels:
+        {{- include "proxy-3proxy.commonLabels" $ | nindent 8 }}
+        {{- with .labels }}
+        {{- tpl (toYaml .) $ | nindent 8 }}
+        {{- end }}
+    spec:
+      automountServiceAccountToken: false
+      {{- with .imagePullSecrets }}
+      imagePullSecrets:
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+      containers:
+        - name: {{ include "proxy-3proxy.fullname" $ }}
+
+          {{- with .securityContext }}
+          securityContext:
+            {{- toYaml . | nindent 12 }}
+            readOnlyRootFilesystem: false
+          {{- end }}
+
+          {{- with $.Values.image }}
+          image: "{{ .repository }}:{{ .tag | default $.Chart.AppVersion }}"
+          imagePullPolicy: {{ .pullPolicy | default "IfNotPresent" }}
+          {{- end }}
+          ports:
+            - name: http
+              containerPort: 3128
+              protocol: TCP
+            - name: socks
+              containerPort: 1080
+              protocol: TCP
+          env:
+            - {name: PROXY_PORT, value: "3128"}
+            - {name: SOCKS_PORT, value: "1080"}
+          {{- with $.Values.config }}
+            {{- with .log }}
+            {{- $logOutputEnvName := "LOG_OUTPUT" }}
+            {{- if eq .enabled false }}
+            - {name: {{ $logOutputEnvName }}, value: "/dev/null"}
+            {{- else if .output }}
+            - {name: {{ $logOutputEnvName }}, value: "{{ .output }}"}
+            {{- end }}
+            {{- end }}
+
+            {{- with .auth.login }}
+            {{- $authLoginEnvName := "PROXY_LOGIN" }}
+            {{- if .plain }}
+            - {name: {{ $authLoginEnvName }}, value: "{{ .plain }}"}
+            {{- else if .fromSecret.enabled }}
+            - name: {{ $authLoginEnvName }}
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ tpl (toYaml .fromSecret.secretName) $ }}"
+                  key: "{{ tpl (toYaml .fromSecret.secretKey) $ }}"
+            {{- else if .fromConfigMap.enabled }}
+            - name: {{ $authLoginEnvName }}
+              valueFrom:
+                configMapKeyRef:
+                  name: "{{ tpl (toYaml .fromConfigMap.configMapName) $ }}"
+                  key: "{{ tpl (toYaml .fromConfigMap.configMapKey) $ }}"
+            {{- end }}
+            {{- end }}
+
+            {{- with .auth.password }}
+            {{- $authPasswordEnvName := "PROXY_PASSWORD" }}
+            {{- if .plain }}
+            - {name: {{ $authPasswordEnvName }}, value: "{{ .plain }}"}
+            {{- else if .fromSecret.enabled }}
+            - name: {{ $authPasswordEnvName }}
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ tpl (toYaml .fromSecret.secretName) $ }}"
+                  key: "{{ tpl (toYaml .fromSecret.secretKey) $ }}"
+            {{- else if .fromConfigMap.enabled }}
+            - name: {{ $authPasswordEnvName }}
+              valueFrom:
+                configMapKeyRef:
+                  name: "{{ tpl (toYaml .fromConfigMap.configMapName) $ }}"
+                  key: "{{ tpl (toYaml .fromConfigMap.configMapKey) $ }}"
+            {{- end }}
+            {{- end }}
+
+            {{- with .auth.extraAccounts }}
+            {{- $extraAuthAccountsEnvName := "EXTRA_ACCOUNTS" }}
+            {{- if .plain }}
+            - name: {{ $extraAuthAccountsEnvName }}
+              value: >-
+                {{ .plain | toJson }}
+            {{- else if .fromSecret.enabled }}
+            - name: {{ $extraAuthAccountsEnvName }}
+              valueFrom:
+                secretKeyRef:
+                  name: "{{ tpl (toYaml .fromSecret.secretName) $ }}"
+                  key: "{{ tpl (toYaml .fromSecret.secretKey) $ }}"
+            {{- else if .fromConfigMap.enabled }}
+            - name: {{ $extraAuthAccountsEnvName }}
+              valueFrom:
+                configMapKeyRef:
+                  name: "{{ tpl (toYaml .fromConfigMap.configMapName) $ }}"
+                  key: "{{ tpl (toYaml .fromConfigMap.configMapKey) $ }}"
+            {{- end }}
+            {{- end }}
+
+            {{- if .dns.primaryResolver }}
+            - {name: PRIMARY_RESOLVER, value: "{{ .dns.primaryResolver }}"}
+            {{- end }}
+
+            {{- if .dns.secondaryResolver }}
+            - {name: SECONDARY_RESOLVER, value: "{{ .dns.secondaryResolver }}"}
+            {{- end }}
+
+            {{- if ne .limits.maxConnections nil }}
+            - {name: MAX_CONNECTIONS, value: "{{ .limits.maxConnections }}"}
+            {{- end }}
+
+            {{- if .extraConfig }}
+            - name: EXTRA_CONFIG
+              value: >-
+                {{ .extraConfig }}
+            {{- end }}
+            {{- with $.Values.deployment.env }}
+            {{- tpl (toYaml .) $ | nindent 12 }}
+            {{- end }}
+          {{- end }}
+
+          {{- with .args }}
+          args:
+            {{- tpl (toYaml .) $ | nindent 12 }}
+          {{- end }}
+
+          {{- with .probe }}
+          livenessProbe:
+            tcpSocket: {port: "{{ .port }}"}
+            periodSeconds: {{ .interval }}
+            initialDelaySeconds: {{ .initialDelay }}
+          readinessProbe:
+            tcpSocket: {port: "{{ .port }}"}
+            periodSeconds: {{ .interval }}
+            initialDelaySeconds: {{ .initialDelay }}
+          {{- end }}
+
+          {{- with .resources }}
+          resources:
+            {{- toYaml . | nindent 12 }}
+          {{- end }}
+
+          {{- with .volumeMounts }}
+          volumeMounts:
+            {{- tpl (toYaml .) $ | nindent 12 }}
+          {{- end }}
+
+      {{- with .volumes }}
+      volumes:
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+
+      {{- with .nodeSelector }}
+      nodeSelector:
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+
+      {{- with .affinity }}
+      affinity:
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+
+      {{- with .tolerations }}
+      tolerations:
+        {{- tpl (toYaml .) $ | nindent 8 }}
+      {{- end }}
+  {{- end }}
+{{- end }}

deployments/helm/templates/service.yaml

@@ -0,0 +1,29 @@
+{{- if .Values.service.enabled }}
+apiVersion: v1
+kind: Service
+
+metadata:
+  name: {{ include "proxy-3proxy.fullname" . }}
+  namespace: {{ template "proxy-3proxy.namespace" . }}
+  labels:
+    {{- include "proxy-3proxy.commonLabels" . | nindent 4 }}
+
+spec:
+  {{- with .Values.service }}
+  type: {{ .type }}
+  {{- with .externalName }}
+  externalName: {{ . }}
+  {{- end }}
+  ports:
+    - name: http
+      port: {{ .ports.http }}
+      targetPort: http
+      protocol: TCP
+    - name: http
+      port: {{ .ports.socks }}
+      targetPort: socks
+      protocol: TCP
+  selector:
+    {{- include "proxy-3proxy.selectorLabels" $ | nindent 4 }}
+  {{- end }}
+{{- end }}

deployments/helm/values.schema.json

@@ -0,0 +1,367 @@
+{
+  "$schema": "https://json-schema.org/draft-07/schema#",
+  "type": "object",
+  "properties": {
+    "nameOverride": {
+      "oneOf": [
+        {"type": "string", "minLength": 1},
+        {"type": "null"}
+      ]
+    },
+    "fullnameOverride": {
+      "oneOf": [
+        {"type": "string", "minLength": 1},
+        {"type": "null"}
+      ]
+    },
+    "namespaceOverride": {
+      "oneOf": [
+        {"type": "string", "minLength": 1},
+        {"type": "null"}
+      ]
+    },
+    "image": {
+      "type": "object",
+      "properties": {
+        "repository": {"type": "string", "minLength": 1},
+        "tag": {
+          "oneOf": [
+            {"type": "string", "minLength": 1},
+            {"type": "null"}
+          ]
+        },
+        "pullPolicy": {
+          "oneOf": [
+            {"type": "string", "enum": ["Always", "IfNotPresent", "Never"]},
+            {"type": "null"}
+          ]
+        }
+      }
+    },
+    "deployment": {
+      "type": "object",
+      "properties": {
+        "enabled": {"type": "boolean"},
+        "kind": {"type": "string"},
+        "replicas": {"type": "integer"},
+        "podAnnotations": {
+          "type": "object",
+          "additionalProperties": {"type": "string", "minLength": 1}
+        },
+        "labels": {
+          "type": "object",
+          "additionalProperties": {"type": "string", "minLength": 1}
+        },
+        "imagePullSecrets": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "name": {"type": "string"}
+            },
+            "minProperties": 1
+          }
+        },
+        "securityContext": {
+          "type": "object",
+          "properties": {
+            "runAsNonRoot": {"type": "boolean"},
+            "runAsUser": {"type": "integer"},
+            "runAsGroup": {"type": "integer"}
+          }
+        },
+        "probe": {
+          "type": "object",
+          "properties": {
+            "port": {"type": "string", "enum": ["http", "socks"]},
+            "interval": {"type": "integer"},
+            "initialDelay": {"type": "integer"}
+          }
+        },
+        "resources": {
+          "type": "object",
+          "properties": {
+            "requests": {
+              "type": "object",
+              "properties": {
+                "cpu": {"type": "string"},
+                "memory": {"type": "string"}
+              }
+            },
+            "limits": {
+              "type": "object",
+              "properties": {
+                "cpu": {"type": "string"},
+                "memory": {"type": "string"}
+              }
+            }
+          }
+        },
+        "volumes": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "name": {"type": "string"},
+              "configMap": {
+                "type": "object",
+                "properties": {
+                  "name": {"type": "string"}
+                }
+              },
+              "secret": {
+                "type": "object",
+                "properties": {
+                  "secretName": {"type": "string"}
+                }
+              },
+              "persistentVolumeClaim": {
+                "type": "object",
+                "properties": {
+                  "claimName": {"type": "string"}
+                }
+              }
+            }
+          }
+        },
+        "volumeMounts": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "name": {"type": "string"},
+              "mountPath": {"type": "string"},
+              "subPath": {"type": "string"},
+              "readOnly": {"type": "boolean"}
+            }
+          }
+        },
+        "nodeSelector": {
+          "type": "object",
+          "additionalProperties": {"type": "string", "minLength": 1}
+        },
+        "affinity": {
+          "type": "object",
+          "properties": {
+            "nodeAffinity": {"type": "object"},
+            "podAffinity": {"type": "object"},
+            "podAntiAffinity": {"type": "object"}
+          }
+        },
+        "tolerations": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "key": {"type": "string"},
+              "operator": {"type": "string"},
+              "value": {"type": "string"},
+              "effect": {"type": "string"}
+            }
+          }
+        },
+        "env": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "name": {"type": "string"},
+              "value": {"type": "string"},
+              "valueFrom": {"type": "object"}
+            }
+          }
+        },
+        "args": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "minLength": 1
+          }
+        }
+      }
+    },
+    "service": {
+      "type": "object",
+      "properties": {
+        "enabled": {"type": "boolean"},
+        "type": {
+          "type": "string",
+          "enum": ["ClusterIP", "NodePort", "LoadBalancer", "ExternalName"]
+        },
+        "externalName": {
+          "oneOf": [
+            {"type": "string", "minLength": 1},
+            {"type": "null"}
+          ]
+        },
+        "ports": {
+          "type": "object",
+          "properties": {
+            "http": {"type": "integer", "minimum": 1, "maximum": 65535},
+            "socks": {"type": "integer", "minimum": 1, "maximum": 65535}
+          }
+        }
+      }
+    },
+    "ingress": {
+      "type": "object",
+      "properties": {
+        "enabled": {"type": "boolean"},
+        "className": {
+          "oneOf": [
+            {"type": "string", "minLength": 1},
+            {"type": "null"}
+          ]
+        },
+        "annotations": {
+          "type": "object",
+          "additionalProperties": {"type": "string", "minLength": 1}
+        },
+        "hosts": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "host": {"type": "string", "minLength": 1},
+              "paths": {
+                "type": "array",
+                "items": {
+                  "type": "object",
+                  "properties": {
+                    "path": {"type": "string", "minLength": 1},
+                    "pathType": {"type": "string", "minLength": 1}
+                  }
+                }
+              }
+            }
+          }
+        },
+        "tls": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "hosts": {"type": "array"},
+              "secretName": {"type": "string"}
+            }
+          }
+        }
+      }
+    },
+    "config": {
+      "type": "object",
+      "properties": {
+        "log": {
+          "type": "object",
+          "properties": {
+            "enabled": {"type": "boolean"},
+            "output": {
+              "oneOf": [
+                {"type": "string", "minLength": 2, "examples": ["/dev/stdout"]},
+                {"type": "null"}
+              ]
+            }
+          }
+        },
+        "auth": {
+          "type": "object",
+          "properties": {
+            "login": {
+              "type": "object",
+              "properties": {
+                "plain": {
+                  "oneOf": [
+                    {"type": "string", "minLength": 1},
+                    {"type": "null"}
+                  ]
+                },
+                "fromSecret": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {"type": "boolean"},
+                    "secretName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+                    "secretKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+                  }
+                },
+                "fromConfigMap": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {"type": "boolean"},
+                    "configMapName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+                    "configMapKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+                  }
+                }
+              }
+            },
+            "password": {
+              "type": "object",
+              "properties": {
+                "plain": {
+                  "oneOf": [
+                    {"type": "string", "minLength": 1},
+                    {"type": "null"}
+                  ]
+                },
+                "fromSecret": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {"type": "boolean"},
+                    "secretName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+                    "secretKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+                  }
+                },
+                "fromConfigMap": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {"type": "boolean"},
+                    "configMapName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+                    "configMapKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+                  }
+                }
+              }
+            },
+            "extraAccounts": {
+              "type": "object",
+              "properties": {
+                "plain": {
+                  "type": "object",
+                  "additionalProperties": {"type": "string", "minLength": 1}
+                },
+                "fromSecret": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {"type": "boolean"},
+                    "secretName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+                    "secretKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+                  }
+                },
+                "fromConfigMap": {
+                  "type": "object",
+                  "properties": {
+                    "enabled": {"type": "boolean"},
+                    "configMapName": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+                    "configMapKey": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+                  }
+                }
+              }
+            }
+          }
+        },
+        "dns": {
+          "type": "object",
+          "properties": {
+            "primaryResolver": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]},
+            "secondaryResolver": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+          }
+        },
+        "limits": {
+          "type": "object",
+          "properties": {
+            "maxConnections": {"oneOf": [{"type": "integer", "minimum": 1}, {"type": "null"}]}
+          }
+        },
+        "extraConfig": {"oneOf": [{"type": "string", "minLength": 1}, {"type": "null"}]}
+      }
+    }
+  }
+}

deployments/helm/values.yaml

@@ -0,0 +1,149 @@
+# -- The name of the Helm release
+fullnameOverride: null
+# -- This is to override the chart name
+nameOverride: null
+# -- Override the default Release Namespace for Helm
+namespaceOverride: null
+
+image:
+  # -- The image repository to pull from
+  repository: ghcr.io/tarampampam/3proxy
+  # -- Defines the image pull policy
+  pullPolicy: IfNotPresent
+  # -- Overrides the image tag whose default is the chart appVersion
+  tag: null
+
+deployment:
+  # -- Enable deployment
+  enabled: true
+  # -- The deployment kind
+  kind: Deployment
+  # -- How many replicas to run
+  replicas: 1
+  # -- Additional pod annotations (e.g. for mesh injection or prometheus scraping)
+  #    It supports templating. One can set it with values like some/name: '{{ template "some.name" . }}'
+  #    For more information checkout: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
+  podAnnotations: {} # supports templating
+  # -- Additional deployment labels (e.g. for filtering deployment by custom labels)
+  labels: {} # supports templating
+  # -- This is for the secretes for pulling an image from a private repository more information can be found
+  #    here: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
+  imagePullSecrets: [] # supports templating
+  # -- Security context for the pod, more information can be found here:
+  #    https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#security-context-1
+  securityContext:
+    runAsNonRoot: true
+    runAsUser: 10001  # as defined in the Dockerfile
+    runAsGroup: 10001 # as defined in the Dockerfile
+  probe:
+    # -- The port to probe (containerPort, "http" or "socks")
+    port: http
+    # -- How often (in seconds) to perform the probe
+    interval: 10
+    # -- Number of seconds after the container has started before liveness probes are initiated
+    initialDelay: 2
+  # -- Resource limits and requests, more information can be found here:
+  #    https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
+  resources:
+    requests: {memory: 16Mi}
+    limits: {memory: 128Mi}
+  # -- Additional volumes to add to the pod, more information can be found here:
+  #    https://kubernetes.io/docs/concepts/storage/volumes/
+  volumes: [] # supports templating
+  # -- Additional volumeMounts to add to the container (for instance when using fs storage driver)
+  volumeMounts: [] # supports templating
+  # -- Node selector for pod assignment, more information can be found here:
+  #    https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
+  nodeSelector: {} # supports templating
+  # -- Affinity for pod assignment, more information can be found here:
+  #    https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/
+  affinity: {} # supports templating
+  # -- Tolerations for pod assignment, more information can be found here:
+  #    https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/
+  tolerations: [] # supports templating
+  # -- The list of additional environment variables to set in the container
+  env: [] # supports templating
+  # -- The list of additional arguments to pass to the container
+  args: [] # supports templating
+
+service:
+  # -- Enable service
+  enabled: true
+  # -- Sets the service type more information can be found here:
+  #    https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types
+  type: ClusterIP
+  # -- External name for the service (for type=ExternalName)
+  externalName: null
+  # -- Sets the port, more information can be found here:
+  #    https://kubernetes.io/docs/concepts/services-networking/service/#field-spec-ports
+  ports:
+    # -- The port number for the proxy to listen on
+    http: 3128
+    # -- The same, but for socks proxy
+    socks: 1080
+
+config:
+  log:
+    # -- Enable logging (set to false to disable)
+    enabled: true
+    # -- The output log file
+    # @default /dev/stdout
+    output: null
+
+  auth:
+    login:
+      # -- Username (login) for proxy authentication, provided as a plain value
+      plain: null
+      fromSecret:
+        # -- Enable getting the username from a secret
+        enabled: false
+        secretName: null # supports templating
+        secretKey: null  # supports templating
+      fromConfigMap:
+        # -- Enable getting the username from a config map
+        enabled: false
+        configMapName: null # supports templating
+        configMapKey: null  # supports templating
+    password:
+      # -- Password for proxy authentication, provided as a plain value
+      plain: null
+      fromSecret:
+        # -- Enable getting the password from a secret
+        enabled: false
+        secretName: null # supports templating
+        secretKey: null  # supports templating
+      fromConfigMap:
+        # -- Enable getting the password from a config map
+        enabled: false
+        configMapName: null # supports templating
+        configMapKey: null  # supports templating
+    extraAccounts:
+      # -- The list of additional accounts to add to the configuration (a hashmap of username:password)
+      plain: {}
+      fromSecret:
+        # -- Enable getting the extra accounts from a secret (the value should be a JSON object)
+        enabled: false
+        secretName: null # supports templating
+        secretKey: null  # supports templating
+      fromConfigMap:
+        # -- Enable getting the extra accounts from a config map (the value should be a JSON object)
+        enabled: false
+        configMapName: null # supports templating
+        configMapKey: null  # supports templating
+
+  dns:
+    # -- Primary DNS server
+    # @default 1.0.0.1 (Cloudflare)
+    primaryResolver: null
+    # -- Secondary DNS server
+    # @default 8.8.4.4 (Google)
+    secondaryResolver: null
+
+  limits:
+    # -- The maximum number of connections
+    # @default 1024
+    maxConnections: null
+
+  # -- Additional 3proxy configuration (appended to the end of the config file, but before `proxy` and `flush`),
+  #    new lines should be separated by `\n`, i.e.: "# line 1\n# line 2"
+  extraConfig: null