Public | Automated Build

Last pushed: 2 years ago
Short Description
Secure Proxy (frontend:nghttpx; backend:squid3)
Full Description


  • Docker 1.0
  • A domain and an SSL certificate signed by a trusted CA, (e.g.
  • Google Chrome


  1. Build image (as root)

     $ docker pull catatnight/secureproxy
     $ wget
     $ chmod +x
  2. Save SSL certs (same directory as where is)

     $ mkdir -p certs
     $ cp {file.key,file.crt} certs/


  1. Create container and manage it (as root)

    • Uses a RADIUS server for login validation

        $ ./ create -p 1234 --radius_server --radius_secret radpass
    • Uses an NCSA-style username and password file

        $ ./ create -p 1234 --ncsa_users user1:pwd1[,user2:pwd2,...]
    • General usage

        $ ./ -h
        usage: [-h] [-p PROXY_PORT] [--radius_server RADIUS_SERVER]
                 [--radius_secret RADIUS_SECRET] [--ncsa_users NCSA_USERS]
  2. Using a Secure Web Proxy with Chrome by three optional ways

    1. add command-line argument --proxy-server=https://<your.proxy.domain>:<proxy_port>
    2. proxy auto-config (PAC) file

       function FindProxyForURL(url, host) {
           return "HTTPS <your.proxy.domain>:<proxy_port>";
    3. chrome extension SwitchyOmega|falcon proxy


  • squid3 needs to use port 3128
  • accounting information (data transfer) will be sent to a RADIUS server everyday by squid2radius
  • swap needed on host machine since docker 0.10 (especially to DigitalOcean user)


Docker Pull Command
Source Repository