feat: add SmartProxy Docker image
This commit is contained in:
@@ -0,0 +1,86 @@
|
||||
# ht-docker-smartproxy
|
||||
|
||||
Multi-architecture Docker image for running `@push.rocks/smartproxy` as a daemon.
|
||||
|
||||
The image wraps SmartProxy with a small Node.js admin API so orchestrators such as Onebox can update routes without embedding the Node/Rust SmartProxy runtime into their own process.
|
||||
|
||||
## Build
|
||||
|
||||
```bash
|
||||
pnpm install
|
||||
pnpm build
|
||||
```
|
||||
|
||||
`tsdocker` builds `linux/amd64` and `linux/arm64` according to `.smartconfig.json`.
|
||||
|
||||
## Release
|
||||
|
||||
```bash
|
||||
pnpm release:docker
|
||||
```
|
||||
|
||||
The image is pushed as `code.foss.global/host.today/ht-docker-smartproxy`.
|
||||
|
||||
## Runtime
|
||||
|
||||
```bash
|
||||
docker run --rm \
|
||||
-p 80:80 \
|
||||
-p 443:443 \
|
||||
-p 3000:3000 \
|
||||
-v ./config.json:/etc/smartproxy/config.json:ro \
|
||||
code.foss.global/host.today/ht-docker-smartproxy:latest
|
||||
```
|
||||
|
||||
Environment variables:
|
||||
|
||||
- `SMARTPROXY_CONFIG`: config path, default `/etc/smartproxy/config.json`.
|
||||
- `SMARTPROXY_ADMIN_HOST`: admin bind host, default `0.0.0.0`.
|
||||
- `SMARTPROXY_ADMIN_PORT`: admin bind port, default `3000`.
|
||||
- `SMARTPROXY_ADMIN_TOKEN`: optional bearer token for admin endpoints.
|
||||
|
||||
## Admin API
|
||||
|
||||
- `GET /health`: health status.
|
||||
- `GET /routes`: current raw routes.
|
||||
- `PUT /routes`: replace routes with either an array or `{ "routes": [...] }`.
|
||||
- `POST /reload`: reload config from `SMARTPROXY_CONFIG` and restart SmartProxy.
|
||||
- `POST /security-policy`: update global security policy.
|
||||
- `GET /statistics`: SmartProxy runtime statistics.
|
||||
- `GET /listening-ports`: currently listening proxy ports.
|
||||
|
||||
## Config
|
||||
|
||||
The config is regular `ISmartProxyOptions` JSON with one daemon extension: `httpToHttpsRedirect`.
|
||||
|
||||
```json
|
||||
{
|
||||
"httpToHttpsRedirect": {
|
||||
"enabled": true,
|
||||
"httpPort": 80,
|
||||
"httpsPort": 443,
|
||||
"statusCode": 301
|
||||
},
|
||||
"routes": [
|
||||
{
|
||||
"name": "app-example-com",
|
||||
"match": {
|
||||
"ports": 443,
|
||||
"domains": "app.example.com",
|
||||
"protocol": "http"
|
||||
},
|
||||
"action": {
|
||||
"type": "forward",
|
||||
"targets": [{ "host": "app", "port": 3000 }],
|
||||
"tls": {
|
||||
"mode": "terminate",
|
||||
"certificate": {
|
||||
"key": "-----BEGIN PRIVATE KEY-----\\n...",
|
||||
"cert": "-----BEGIN CERTIFICATE-----\\n..."
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
Reference in New Issue
Block a user