dockerfiles/privoxy/Dockerfile

#
# Dockerfile for privoxy
#

FROM alpine
MAINTAINER kev <noreply@datageek.info>

ADD https://github.com/tianon/gosu/releases/download/1.4/gosu-amd64 /usr/sbin/gosu

RUN apk add -U iptables privoxy \
    && chmod +x /usr/sbin/gosu \
    && rm -rf /var/cache/apk/*

RUN sed -i -e '/^listen-address/s/127.0.0.1/0.0.0.0/' \
           -e '/^accept-intercepted-requests/s/0/1/' \
           -e '/^#debug/s/#//' /etc/privoxy/config

VOLUME /etc/privoxy
EXPOSE 8118

CMD iptables -t filter -P OUTPUT DROP \
    && iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT \
    && iptables -t filter -A OUTPUT -p tcp \
                -m multiport --dports 53,80,443,8118 \
                -j ACCEPT \
    && iptables -t filter -A OUTPUT -p tcp \
                -m state --state ESTABLISHED,RELATED \
                -j ACCEPT \
    && iptables -t filter -A OUTPUT -p udp \
                -m state --state ESTABLISHED,RELATED \
                -j ACCEPT \
    && iptables -t filter -A OUTPUT -p tcp \
                -m owner --uid-owner privoxy \
                -j ACCEPT \
    && iptables -t nat -A OUTPUT -p tcp \
                -m multiport --dports 80,443 \
                -m owner ! --uid-owner privoxy \
                -j REDIRECT --to-ports 8118 \
    && gosu privoxy privoxy --no-daemon /etc/privoxy/config
add privoxy 2015-06-29 00:58:36 +08:00			`#`
			`# Dockerfile for privoxy`
			`#`

			`FROM alpine`
			`MAINTAINER kev <noreply@datageek.info>`

update 2015-06-29 01:18:53 +08:00			`ADD https://github.com/tianon/gosu/releases/download/1.4/gosu-amd64 /usr/sbin/gosu`

			`RUN apk add -U iptables privoxy \`
			`&& chmod +x /usr/sbin/gosu \`
add privoxy 2015-06-29 00:58:36 +08:00			`&& rm -rf /var/cache/apk/*`

update 2015-06-29 01:18:53 +08:00			`RUN sed -i -e '/^listen-address/s/127.0.0.1/0.0.0.0/' \`
			`-e '/^accept-intercepted-requests/s/0/1/' \`
update 2015-06-29 01:52:38 +08:00			`-e '/^#debug/s/#//' /etc/privoxy/config`
update 2015-06-29 01:18:53 +08:00
add privoxy 2015-06-29 00:58:36 +08:00			`VOLUME /etc/privoxy`
			`EXPOSE 8118`

update 2015-06-29 03:57:52 +08:00			`CMD iptables -t filter -P OUTPUT DROP \`
			`&& iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT \`
			`&& iptables -t filter -A OUTPUT -p tcp \`
			`-m multiport --dports 53,80,443,8118 \`
			`-j ACCEPT \`
			`&& iptables -t filter -A OUTPUT -p tcp \`
			`-m state --state ESTABLISHED,RELATED \`
			`-j ACCEPT \`
			`&& iptables -t filter -A OUTPUT -p udp \`
			`-m state --state ESTABLISHED,RELATED \`
			`-j ACCEPT \`
			`&& iptables -t filter -A OUTPUT -p tcp \`
			`-m owner --uid-owner privoxy \`
			`-j ACCEPT \`
			`&& iptables -t nat -A OUTPUT -p tcp \`
			`-m multiport --dports 80,443 \`
			`-m owner ! --uid-owner privoxy \`
			`-j REDIRECT --to-ports 8118 \`
update 2015-06-29 01:18:53 +08:00			`&& gosu privoxy privoxy --no-daemon /etc/privoxy/config`