顯示頁面舊版反向連結Fold/unfold all回到頁頂 本頁是唯讀的,您可以看到原始碼,但不能更動它。您如果覺得它不應被鎖上,請詢問管理員。 ====== TinyProxy Server 安裝設定 ====== * 安裝環境 : Alpine 3 + Docker compose ====== 使用 docker compose 方式 ===== - 建立 Tinyproxy 設定檔 tinyproxy.conf <cli> vi tinyproxy.conf </cli><file> User nobody Group nogroup Port 3128 Listen 0.0.0.0 Timeout 600 LogFile "/var/log/tinyproxy/tinyproxy.log" LogLevel Info PidFile "/var/run/tinyproxy.pid" MaxClients 100 Allow 127.0.0.1 Allow 192.168.0.0/16 Allow 10.0.0.0/8 ViaProxyName "tinyproxy" ConnectPort 443 ConnectPort 563 </file> - 針對實際 **Client 的 IP 範圍加入 Allow 項目** Exp. <cli>Allow 172.16.0.0/16</cli> - 針對實際 **需要 Fordward Proxy SSL Port 加入 ConnectPort 項目** Exp. <cli>ConnectPort 8006</cli> - 建立 Docker Compose 配置檔 docker-compose.yml 與第一次啟動<cli> vi docker-compose.yml</cli><file> services: tinyproxy: image: vimagick/tinyproxy hostname: tinyproxy container_name: tinyproxy environment: - TZ=Asia/Taipei ports: - "3128:3128" volumes: - ./tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro - ./logs:/var/log restart: always command: sh -c "mkdir -p /var/log/tinyproxy && chown -R nobody:nogroup /var/log/tinyproxy && tinyproxy -d" watchtower: container_name: watchtower image: containrrr/watchtower volumes: - /var/run/docker.sock:/var/run/docker.sock environment: - TZ=Asia/Taipei - WATCHTOWER_SCHEDULE=0 45 23 * * * - WATCHTOWER_CLEANUP=true labels: - "com.centurylinklabs.watchtower.enable=true" restart: unless-stopped </file><cli> docker compose up -d </cli> - 查看 docker compose 紀錄<cli> docker compose logs -f </cli> - 查看 tinyproxy 紀錄<cli> # tail -f ~/logs/tinyproxy/tinyproxy.log INFO Sep 26 05:48:45.689 [1]: opensock: getaddrinfo returned for 192.168.11.1:80 CONNECT Sep 26 05:48:45.690 [1]: Established connection to host "192.168.11.1" using file descriptor 6. INFO Sep 26 05:48:45.692 [1]: Closed connection between local client (fd:5) and remote client (fd:6) CONNECT Sep 26 05:48:48.630 [1]: Connect (file descriptor 5): 192.168.11.8 CONNECT Sep 26 05:48:48.634 [1]: Request (file descriptor 5): GET http://192.168.11.1/system_status_data.asp HTTP/1.1 INFO Sep 26 05:48:48.635 [1]: No upstream proxy for 192.168.11.1 INFO Sep 26 05:48:48.635 [1]: opensock: opening connection to 192.168.11.1:80 INFO Sep 26 05:48:48.636 [1]: opensock: getaddrinfo returned for 192.168.11.1:80 CONNECT Sep 26 05:48:48.637 [1]: Established connection to host "192.168.11.1" using file descriptor 6. INFO Sep 26 05:48:48.639 [1]: Closed connection between local client (fd:5) and remote client (fd:6) : </cli> ===== 常見問題 ===== * Q:如何讓 log 檔只保留一段時間就好 Exp. 一年 * A: 在 host 安裝 logrotate 來進行處理 - 安裝 logrotate <cli>apk add logrotate</cli> - 編輯 /etc/logrotate.d/tinyproxy 設定保留一年<cli>vi /etc/logrotate.d/tinyproxy</cli><file> /root/logs/tinyproxy/tinyproxy.log { daily rotate 365 compress delaycompress missingok notifempty create 644 root root postrotate docker exec tinyproxy kill -HUP $(docker exec tinyproxy cat /var/run/tinyproxy.pid 2>/dev/null) 2>/dev/null || true endscript } </file> - 驗證執行 <cli>logrotate -d /etc/logrotate.d/tinyproxy</cli> * ++看結果|<cli> tinyproxy-235:~# logrotate -d /etc/logrotate.d/tinyproxy warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want. reading config file /etc/logrotate.d/tinyproxy Reading state from file: /var/lib/logrotate.status state file /var/lib/logrotate.status does not exist Allocating hash table for state file, size 64 entries Handling 1 logs rotating pattern: /root/logs/tinyproxy/tinyproxy.log after 1 days (365 rotations) empty log files are not rotated, old logs are removed considering log /root/logs/tinyproxy/tinyproxy.log Creating new state Now: 2024-09-26 17:52 Last rotated at 2024-09-26 17:00 log does not need rotating (log has already been rotated) </cli>++ ===== 相關參考資料 ===== * https://claude.ai/ {{tag>squid proxy 安裝}} tech/tinyproxy.txt 上一次變更: 2024/09/26 17:53由 jonathan