diff --git a/privoxy/Dockerfile b/privoxy/Dockerfile index 5861bdd..1a30976 100644 --- a/privoxy/Dockerfile +++ b/privoxy/Dockerfile @@ -5,10 +5,11 @@ FROM alpine MAINTAINER kev -ADD https://github.com/tianon/gosu/releases/download/1.4/gosu-amd64 /usr/sbin/gosu - -RUN apk add -U iptables privoxy \ +RUN set -xe \ + && apk add -U curl privoxy \ + && curl -sSL https://github.com/tianon/gosu/releases/download/1.9/gosu-amd64 > /usr/sbin/gosu \ && chmod +x /usr/sbin/gosu \ + && apk del curl \ && rm -rf /var/cache/apk/* RUN sed -i -e '/^listen-address/s/127.0.0.1/0.0.0.0/' \ @@ -17,26 +18,7 @@ RUN sed -i -e '/^listen-address/s/127.0.0.1/0.0.0.0/' \ -e '/^#debug/s/#//' /etc/privoxy/config VOLUME /etc/privoxy + EXPOSE 8118 -CMD echo "{+block{self}}" >> /etc/privoxy/user.action \ - && ip a s eth0 | grep -w inet | awk '{print $2}' | cut -d/ -f1 >> /etc/privoxy/user.action \ - && ip r s | grep default | awk '{print $3}' >> /etc/privoxy/user.action \ - && iptables -t filter -P OUTPUT DROP \ - && iptables -t filter -A OUTPUT -p udp --dport 53 -j ACCEPT \ - && iptables -t filter -A OUTPUT -p tcp \ - -m multiport --dports 53,80,443,8118 \ - -j ACCEPT \ - && iptables -t filter -A OUTPUT -p tcp \ - -m state --state ESTABLISHED,RELATED \ - -j ACCEPT \ - && iptables -t filter -A OUTPUT -p udp \ - -m state --state ESTABLISHED,RELATED \ - -j ACCEPT \ - && iptables -t filter -A OUTPUT -p tcp \ - -m owner --uid-owner privoxy \ - -j ACCEPT \ - && iptables -t nat -A OUTPUT -p tcp --dport 80 \ - -m owner ! --uid-owner privoxy \ - -j REDIRECT --to-ports 8118 \ - && gosu privoxy privoxy --no-daemon /etc/privoxy/config +CMD gosu privoxy privoxy --no-daemon /etc/privoxy/config diff --git a/privoxy/README.md b/privoxy/README.md index 7dcb3eb..576c33b 100644 --- a/privoxy/README.md +++ b/privoxy/README.md @@ -1,9 +1,9 @@ privoxy ======= -[![](https://badge.imagelayers.io/vimagick/privoxy:latest.svg)](https://imagelayers.io/?images=vimagick/privoxy:latest) +![](https://badge.imagelayers.io/vimagick/privoxy:latest.svg) -`Privoxy` is a non-caching web proxy with advanced filtering capabilities for +[Privoxy][1] is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and @@ -22,7 +22,7 @@ networks. file: docker-compose.yml -``` +```yaml privoxy: image: vimagick/privoxy ports: @@ -43,12 +43,11 @@ file: user.action {+block} 127.0.0.1 -104.156.239.190 +45.32.57.113 .easypi.info - ``` -> Make sure you block ip/domain which point to server itself. +> :warning: Make sure you block ip/domain which point to server itself. file: user.filter @@ -59,7 +58,7 @@ s|||gisU ## server -``` +```bash $ cd ~/fig/privoxy/ $ docker-compose up -d $ docker-compose logs @@ -78,9 +77,11 @@ privoxy_1 | 2015-06-28 17:48:53.069 7ff17bff3ab0 Request: www.example.org/ ## client -``` +```bash $ http_proxy=127.0.0.1:8118 wget -O- http://www.example.org $ docker run --rm --net container:privoxy_privoxy_1 alpine wget -O- http://www.example.org ``` In both cases, you will see `` in output. + +[1]: https://www.privoxy.org/