A proxy server that redirects based on the
Host header (HTTP) or Server Name
Identification header (HTTPS) present in the request.
Most aspects of
sniproxy are configured in environment variables. This is in
contrast to many
sniproxy containers seen which either hardcode configurations
or expect to be provided with a hand-crafted configuration file.
The following are global settings for
sniproxy, these should not need
modification but are listed for documentation purposes:
nobody): The user
sniproxyruns as after binding
SNIPROXY_PIDFILE: The PID file to write the
sniproxy will use the configuration in
also incorporates its own resolver and can make decisions based on that.
DNS servers are specified using parameters
increments starting at 0. These specify individual nameservers to try.
DNS domain search order is specified using parameters
n incrementing from 0.
Finally, you can specify
SNIPROXY_NS_MODE to dictate the resolution mode:
ipv4_only: Only resolve IPv4 addresses
ipv6_only: Only resolve IPv6 addresses
ipv4_first: Resolve both IPv4 and IPv6 but try IPv4 first
ipv6_first: Resolve both IPv4 and IPv6 but try IPv6 first
Listening socket configuration
The port numbers used by
sniproxy, protocol types and redirection tables are
defined using the following parameters. In all of these, the
n is an integer
that increments from 0 for each socket being configured.
Protocol in use, either
SNIPROXY_LISTENn_PORT: (Required) TCP port number to use.
SNIPROXY_LISTENn_ADDR: (Optional) Bind address for socket. Default is to
bind to all possible addresses. (aka
0.0.0.0on IPv4 or
SNIPROXY_LISTENn_FALLBACK: (Optional) Address and port number of a server
to direct clients to in the event that
sniproxycan't figure out what server
SNIPROXY_LISTENn_SOURCE: (Optional) Source IP to use for requests to the
SNIPROXY_LISTENn_TABLE: (Optional) Redirection table to use for this socket.
By default, the default table is used. This should be the name of a table
given in the proxy table configuration.
Proxy table configuration
The actual source/destination mapping tables are defined here. Table
hard-coded as being the "default" table, all tables following
0 must be named
explicitly using the parameter
The source hostname pattern and destination address/port is specified using
SNIPROXY_TABLEn_SRCm (source pattern) and
SNIPROXY_TABLEn_DESTm (destination address).
SNIPROXY_USER presently has no effect as
supervisord requires we run
sniproxy in the foreground and
sniproxy does not allow us to drop privileges
and remain in the foreground. This issue has been raised