Public | Automated Build

Last pushed: 2 years ago
Short Description
Secure Proxy (frontend:nghttpx; backend:squid3)
Full Description

Requirement

  • Docker 1.0
  • A domain and an SSL certificate signed by a trusted CA, (e.g. StartSSL.com)
  • Google Chrome

Installation

  1. Build image (as root)

     $ docker pull catatnight/secureproxy
     $ wget https://raw.githubusercontent.com/catatnight/docker-secureproxy/master/manage.py
     $ chmod +x manage.py
    
  2. Save SSL certs (same directory as where manage.py is)

     $ mkdir -p certs
     $ cp {file.key,file.crt} certs/
    

Usage

  1. Create container and manage it (as root)

    • Uses a RADIUS server for login validation

        $ ./manage.py create -p 1234 --radius_server 6.7.8.9 --radius_secret radpass
      
    • Uses an NCSA-style username and password file

        $ ./manage.py create -p 1234 --ncsa_users user1:pwd1[,user2:pwd2,...]
      
    • General usage

        $ ./manage.py -h
        usage: manage.py [-h] [-p PROXY_PORT] [--radius_server RADIUS_SERVER]
                 [--radius_secret RADIUS_SECRET] [--ncsa_users NCSA_USERS]
                 {create,start,stop,restart,delete}
      
  2. Using a Secure Web Proxy with Chrome by three optional ways

    1. add command-line argument --proxy-server=https://<your.proxy.domain>:<proxy_port>
    2. proxy auto-config (PAC) file

       function FindProxyForURL(url, host) {
           return "HTTPS <your.proxy.domain>:<proxy_port>";
       }
      
    3. chrome extension SwitchyOmega|falcon proxy

Note

  • squid3 needs to use port 3128
  • accounting information (data transfer) will be sent to a RADIUS server everyday by squid2radius
  • swap needed on host machine since docker 0.10 (especially to DigitalOcean user)

Reference

Docker Pull Command
Owner
catatnight
Source Repository

Comments (0)