Home Proxy Docker Image
This image configures a Nginx instance to play the role of a web gateway for your home LAN.
It also creates a SSH tunnel through a given server so that we can give an access to our LAN through the internet without the need to configure any port in your NAT.
On your server, you have to configure the SSH server so that reverse ssh tunnel are possible.
You have to add this setting in your /etc/ssh/sshd_config:
It's also preferable to disable TCPKeepAlive and keep the connection with ClientAlive* options:
SSH tunnel user
On the server, create a user tha will create the tunnel. For that we will create a user that can only login using SSH keys.
$ adduser --sytem --no-create-home --disabled-password --shell /bin/false sshtunnel
Docker Image volumes
The image will share two volumes with the host to share some files.
The first one is "/config" and contains the keys to connect to the sshtunnel account, the domain name of the server and other configuration files concerning the local websites behind this gateway.
key.private: the file containing the private key for the sshtunnel user (should be readable only by the owner or the sshtunnel will complain)
key.public: the file containing the public key for th sshtunnel user (should be copied on the authorized_keys file on the server) (should be readable only by the owner or the sshtunnel will complain)
known_hosts: server ssh key fingerprint, if you don't give that, the tunnel will block waiting for the user to accept the fingerprint, which will never happen...
nginx_variables: a file that is included in the Nginx configuration to set variables
sites : a directory containing configuration files for your local websites
remote : sites visible from the outside world
local: sites visible only from the insided (useful if you use a local DNS)
How to launch this image
docker run -d --restart=always -v /path/to/config:/config -v /path/to/www:/var/www -p 80:80 haelty/homeproxy