add docker

devnullvoid · devnullvoid · commit f9f4f9cb85f1 · 2025-04-28T05:06:50.000-04:00
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,27 @@
+# Git
+.git
+.gitignore
+
+# Build artifacts
+build/
+
+# Docker files
+Dockerfile
+docker-compose.yml
+.dockerignore
+README.docker.md
+
+# Editor files
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# Temporary files
+*.tmp
+*.temp
+*.log
+
+# OS specific files
+.DS_Store
+Thumbs.db
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,52 @@
+FROM golang:1.24-alpine AS builder
+
+# Set working directory
+WORKDIR /app
+
+# Copy go.mod and go.sum files
+COPY go.mod ./
+
+# Download dependencies
+RUN go mod download
+
+# Copy the source code
+COPY . .
+
+# Build the application
+RUN CGO_ENABLED=0 GOOS=linux go build -o reverse-soxy ./cmd/reverse-soxy
+
+# Create a minimal image for running the application
+FROM alpine:latest
+
+# Install ca-certificates for HTTPS connections
+RUN apk --no-cache add ca-certificates
+
+# Create a non-root user
+RUN addgroup -S appgroup && adduser -S appuser -G appgroup
+
+# Set working directory
+WORKDIR /app
+
+# Copy the binary from the builder stage
+COPY --from=builder /app/reverse-soxy .
+
+# Create a directory for configuration files
+RUN mkdir -p /app/config && \
+    chown -R appuser:appgroup /app
+
+# Switch to non-root user
+USER appuser
+
+# Expose ports
+# SOCKS5 proxy port
+EXPOSE 1080
+# Tunnel listen port
+EXPOSE 9000
+# Relay listen port
+EXPOSE 9000
+
+# Set the entrypoint
+ENTRYPOINT ["/app/reverse-soxy"]
+
+# Default command (can be overridden)
+CMD ["--proxy-listen-addr", "0.0.0.0:1080", "--tunnel-listen-port", "9000", "--secret", "changeme"]
diff --git a/README.docker.md b/README.docker.md
@@ -0,0 +1,130 @@
+# Docker Setup for Reverse-SOXY
+
+This document provides instructions for running Reverse-SOXY in Docker containers.
+
+## Prerequisites
+
+- [Docker](https://docs.docker.com/get-docker/)
+- [Docker Compose](https://docs.docker.com/compose/install/) (optional, for running multi-container setups)
+
+## Building the Docker Image
+
+To build the Docker image:
+
+```bash
+docker build -t reverse-soxy .
+```
+
+## Running with Docker
+
+### Proxy Mode
+
+```bash
+docker run -p 1080:1080 -p 9000:9000 reverse-soxy --proxy-listen-addr 0.0.0.0:1080 --tunnel-listen-port 9000 --secret yourSecretHere
+```
+
+### Agent Mode
+
+```bash
+docker run reverse-soxy --tunnel-addr proxy.host:9000 --secret yourSecretHere
+```
+
+### Relay Mode
+
+```bash
+docker run -p 9000:9000 reverse-soxy --mode relay --relay-listen-port 9000 --secret yourSecretHere
+```
+
+### Proxy via Relay Mode
+
+```bash
+docker run -p 1080:1080 reverse-soxy --mode proxy --register --relay-addr relay.host:9000 --proxy-listen-addr 0.0.0.0:1080 --secret yourSecretHere
+```
+
+### Agent via Relay Mode
+
+```bash
+docker run reverse-soxy --mode agent --relay-addr relay.host:9000 --secret yourSecretHere
+```
+
+## Running with Docker Compose
+
+The included `docker-compose.yml` file provides configurations for all modes of operation.
+
+### Setting a Secure Secret
+
+Before running, set a secure secret:
+
+```bash
+export SECRET=yourSecretHere
+```
+
+### Running Different Setups
+
+#### Direct Proxy and Agent
+
+```bash
+# Start the proxy
+docker-compose up proxy
+
+# In another terminal, start the agent
+docker-compose up agent
+```
+
+#### Relay Server with Proxy and Agent
+
+```bash
+# Start the relay server
+docker-compose up relay
+
+# In another terminal, start the proxy via relay
+docker-compose up proxy-via-relay
+
+# In another terminal, start the agent via relay
+docker-compose up agent-via-relay
+```
+
+## Configuration
+
+### Environment Variables
+
+- `SECRET`: The shared secret for encryption/authentication
+- `PROXY_HOST`: The hostname of the proxy (for agent mode)
+- `RELAY_HOST`: The hostname of the relay server (for proxy-via-relay and agent-via-relay modes)
+
+### Custom Configuration File
+
+You can mount a custom YAML configuration file:
+
+```bash
+docker run -v /path/to/your/config.yml:/app/config/config.yml reverse-soxy --config /app/config/config.yml --secret yourSecretHere
+```
+
+## Security Considerations
+
+- Always use a strong, unique secret for each deployment
+- Consider using Docker secrets or environment variables for the secret in production
+- The default configuration exposes ports to all interfaces (0.0.0.0) within the container, so be careful with port mappings
+- In production, consider using a non-root user in the container
+
+## Troubleshooting
+
+### Debugging
+
+Add the `--debug` flag to enable debug logging:
+
+```bash
+docker run reverse-soxy --secret yourSecretHere --debug
+```
+
+### Checking Container Logs
+
+```bash
+docker logs <container_id>
+```
+
+### Inspecting a Running Container
+
+```bash
+docker exec -it <container_id> /bin/sh
+```
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,74 @@
+version: '3'
+
+services:
+  # Proxy mode service
+  proxy:
+    build: .
+    ports:
+      - "1080:1080"  # SOCKS5 proxy port
+      - "9000:9000"  # Tunnel listen port
+    environment:
+      - SECRET=changeme  # Change this to a secure secret
+    command: >
+      --proxy-listen-addr 0.0.0.0:1080
+      --tunnel-listen-port 9000
+      --secret ${SECRET:-changeme}
+      --debug
+
+  # Agent mode service
+  agent:
+    build: .
+    environment:
+      - SECRET=changeme  # Change this to a secure secret
+      - PROXY_HOST=proxy  # Change this to your proxy host if not using docker-compose networking
+    command: >
+      --tunnel-addr ${PROXY_HOST:-proxy}:9000
+      --secret ${SECRET:-changeme}
+      --debug
+    depends_on:
+      - proxy
+
+  # Relay mode service
+  relay:
+    build: .
+    ports:
+      - "9000:9000"  # Relay listen port
+    environment:
+      - SECRET=changeme  # Change this to a secure secret
+    command: >
+      --mode relay
+      --relay-listen-port 9000
+      --secret ${SECRET:-changeme}
+      --debug
+
+  # Proxy via Relay mode service
+  proxy-via-relay:
+    build: .
+    ports:
+      - "1080:1080"  # SOCKS5 proxy port
+    environment:
+      - SECRET=changeme  # Change this to a secure secret
+      - RELAY_HOST=relay  # Change this to your relay host if not using docker-compose networking
+    command: >
+      --mode proxy
+      --register
+      --relay-addr ${RELAY_HOST:-relay}:9000
+      --proxy-listen-addr 0.0.0.0:1080
+      --secret ${SECRET:-changeme}
+      --debug
+    depends_on:
+      - relay
+
+  # Agent via Relay mode service
+  agent-via-relay:
+    build: .
+    environment:
+      - SECRET=changeme  # Change this to a secure secret
+      - RELAY_HOST=relay  # Change this to your relay host if not using docker-compose networking
+    command: >
+      --mode agent
+      --relay-addr ${RELAY_HOST:-relay}:9000
+      --secret ${SECRET:-changeme}
+      --debug
+    depends_on:
+      - relay
