TinyProxy Server 安裝設定
- 安裝環境 : Alpine 3 + Docker compose
使用 docker compose 方式
- 建立 Tinyproxy 設定檔 tinyproxy.conf
vi tinyproxy.conf
User nobody Group nogroup Port 3128 Listen 0.0.0.0 Timeout 600 LogFile "/var/log/tinyproxy/tinyproxy.log" LogLevel Info PidFile "/var/run/tinyproxy.pid" MaxClients 100 Allow 127.0.0.1 Allow 192.168.0.0/16 Allow 10.0.0.0/8 ViaProxyName "tinyproxy" ConnectPort 443 ConnectPort 563
- 針對實際 Client 的 IP 範圍加入 Allow 項目 Exp.
Allow 172.16.0.0/16
- 針對實際 需要 Fordward Proxy SSL Port 加入 ConnectPort 項目 Exp.
ConnectPort 8006
- 建立 Docker Compose 配置檔 docker-compose.yml 與第一次啟動
vi docker-compose.yml
services: tinyproxy: image: vimagick/tinyproxy hostname: tinyproxy container_name: tinyproxy environment: - TZ=Asia/Taipei ports: - "3128:3128" volumes: - ./tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro - ./logs:/var/log restart: always command: sh -c "mkdir -p /var/log/tinyproxy && chown -R nobody:nogroup /var/log/tinyproxy && tinyproxy -d" watchtower: container_name: watchtower image: containrrr/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock environment: - TZ=Asia/Taipei - WATCHTOWER_SCHEDULE=0 45 23 * * * - WATCHTOWER_CLEANUP=true labels: - "com.centurylinklabs.watchtower.enable=true" restart: unless-stopped
docker compose up -d
- 查看 docker compose 紀錄
docker compose logs -f
- 查看 tinyproxy 紀錄
# tail -f ~/logs/tinyproxy/tinyproxy.log INFO Sep 26 05:48:45.689 [1]: opensock: getaddrinfo returned for 192.168.11.1:80 CONNECT Sep 26 05:48:45.690 [1]: Established connection to host "192.168.11.1" using file descriptor 6. INFO Sep 26 05:48:45.692 [1]: Closed connection between local client (fd:5) and remote client (fd:6) CONNECT Sep 26 05:48:48.630 [1]: Connect (file descriptor 5): 192.168.11.8 CONNECT Sep 26 05:48:48.634 [1]: Request (file descriptor 5): GET http://192.168.11.1/system_status_data.asp HTTP/1.1 INFO Sep 26 05:48:48.635 [1]: No upstream proxy for 192.168.11.1 INFO Sep 26 05:48:48.635 [1]: opensock: opening connection to 192.168.11.1:80 INFO Sep 26 05:48:48.636 [1]: opensock: getaddrinfo returned for 192.168.11.1:80 CONNECT Sep 26 05:48:48.637 [1]: Established connection to host "192.168.11.1" using file descriptor 6. INFO Sep 26 05:48:48.639 [1]: Closed connection between local client (fd:5) and remote client (fd:6) :
常見問題
- Q:如何讓 log 檔只保留一段時間就好 Exp. 一年
- A: 在 host 安裝 logrotate 來進行處理
- 安裝 logrotate
apk add logrotate
- 編輯 /etc/logrotate.d/tinyproxy 設定保留一年
vi /etc/logrotate.d/tinyproxy
/root/logs/tinyproxy/tinyproxy.log { daily rotate 365 compress delaycompress missingok notifempty create 644 root root postrotate docker exec tinyproxy kill -HUP $(docker exec tinyproxy cat /var/run/tinyproxy.pid 2>/dev/null) 2>/dev/null || true endscript }
- 驗證執行
logrotate -d /etc/logrotate.d/tinyproxy