2.1 KiB
2.1 KiB
ht-docker-smartproxy
Multi-architecture Docker image for running @push.rocks/smartproxy as a daemon.
The image wraps SmartProxy with a small Node.js admin API so orchestrators such as Onebox can update routes without embedding the Node/Rust SmartProxy runtime into their own process.
Build
pnpm install
pnpm build
tsdocker builds linux/amd64 and linux/arm64 according to .smartconfig.json.
Release
pnpm release:docker
The image is pushed as code.foss.global/host.today/ht-docker-smartproxy.
Runtime
docker run --rm \
-p 80:80 \
-p 443:443 \
-p 3000:3000 \
-v ./config.json:/etc/smartproxy/config.json:ro \
code.foss.global/host.today/ht-docker-smartproxy:latest
Environment variables:
SMARTPROXY_CONFIG: config path, default/etc/smartproxy/config.json.SMARTPROXY_ADMIN_HOST: admin bind host, default0.0.0.0.SMARTPROXY_ADMIN_PORT: admin bind port, default3000.SMARTPROXY_ADMIN_TOKEN: optional bearer token for admin endpoints.
Admin API
GET /health: health status.GET /routes: current raw routes.PUT /routes: replace routes with either an array or{ "routes": [...] }.POST /reload: reload config fromSMARTPROXY_CONFIGand restart SmartProxy.POST /security-policy: update global security policy.GET /statistics: SmartProxy runtime statistics.GET /listening-ports: currently listening proxy ports.
Config
The config is regular ISmartProxyOptions JSON with one daemon extension: httpToHttpsRedirect.
{
"httpToHttpsRedirect": {
"enabled": true,
"httpPort": 80,
"httpsPort": 443,
"statusCode": 301
},
"routes": [
{
"name": "app-example-com",
"match": {
"ports": 443,
"domains": "app.example.com",
"protocol": "http"
},
"action": {
"type": "forward",
"targets": [{ "host": "app", "port": 3000 }],
"tls": {
"mode": "terminate",
"certificate": {
"key": "-----BEGIN PRIVATE KEY-----\\n...",
"cert": "-----BEGIN CERTIFICATE-----\\n..."
}
}
}
}
]
}