docker-proxy-socks

A docker image for proxy sock5 with autossh and sshpass.

What is a Proxy Socks ?

From Wikipedia:

SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.

• SSH documentation : https://man.openbsd.org/ssh
• OpenSSH Official Website : https://www.openssh.com

How to use these images

All the lines commented in the examples below should be adapted to your environment.

Note: --user $(id -u):$(id -g) should work out of the box on linux systems. If your docker host run on windows or if you want specify an other user id and group id just replace with the appropriates values.

With Docker

docker run \
    --detach \
    --interactive \
    --name proxy \
    --user $(id -u):$(id -g) \
    #--publish 7890:7890 \
    #--env REMOTEHOST=remote_ssh_host \
    #--env REMOTEUSER=remote_ssh_user \
    #--env REMOTEPWD=remote_ssh_password \
    #--env REMOTEPORT=remote_ssh_port \
    #--env LOCALPORT=7890 \
    #--env TZ=Europe/Paris \
    --volume /etc/localtime:/etc/localtime:ro \
    #--volume ./config:/config \
    ghcr.io/jee-r/proxy-socks:latest

With Docker Compose

docker-compose can help with defining the docker run config in a repeatable way rather than ensuring you always pass the same CLI arguments.

Here's an example docker-compose.yml config:

version: '3'

services:
  beets:
    image: ghcr.io/jee-r/proxy-socks:latest
    container_name: proxy-socks
    restart: unless-stopped
    user: $(id -u):$(id -g)
    #ports:
      # - 7890:7890
    #environment:
      #- REMOTEHOST=remote_ssh_host
      #- REMOTEUSER=remote_ssh_user
      #- REMOTEPWD=remote_ssh_password
      #- REMOTEPORT=remote_ssh_port
      #- LOCALPORT=7890
      #- TZ=Europe/Paris
    volumes:
      #- ./config:/config
      - /etc/localtime:/etc/localtime:ro
    healthcheck:
      test: ["CMD", "curl", "-Ss", "--socks5", "127.0.0.1:7890", "--connect-timeout", "100", "--max-time", "119", "https://ifconfig.co"]
      interval: 240s
      timeout: 120s

Volume mounts

Due to the ephemeral nature of Docker containers these images provide a number of optional volume mounts to persist data outside of the container:

• /config contain :
  • key: private ssh key (600).
  • key.pub: public ssh key (755)
• /etc/localtime: This directory allow to have the same time in the container as on the host.

You should create directory before run the container otherwise directories are created by the docker deamon and owned by the root user

Environment variables

• REMOTEHOST: Remote SSH host can be an IPV4 or a FQDN .
• REMOTEUSER: Remote SSH user.
• REMOTEPWD: Remote SSH passord.
• REMOTEPORT: Remote SSH port.
• LOCALPORT: Local forwarded port (default: 7890).
• TZ: To change the timezone of the container set the TZ environment variable. The full list of available options can be found on Wikipedia.

Ports

• 7890: Default local forwarded port

Troubleshooting

• No user exists for uid <uid> :

  copy passwd file edit the line below with the appropriate UID and GID

  abc:x:<UID>:<GID>:abc:/config:/bin/ash
  

  and mount it as a volume

  • docker-compose.yaml

  ...
  volumes:
      - ./config:/config
      - /etc/localtime:/etc/localtime:ro
      - ./passwd:/etc/passwd:ro
  ...
  

License

This project is under the GNU Generic Public License v3 to allow free use while ensuring it stays open.