87 lines
2.1 KiB
Markdown
87 lines
2.1 KiB
Markdown
# ht-docker-smartproxy
|
|
|
|
Multi-architecture Docker image for running `@push.rocks/smartproxy` as a daemon.
|
|
|
|
The image wraps SmartProxy with a small Node.js admin API so orchestrators such as Onebox can update routes without embedding the Node/Rust SmartProxy runtime into their own process.
|
|
|
|
## Build
|
|
|
|
```bash
|
|
pnpm install
|
|
pnpm build
|
|
```
|
|
|
|
`tsdocker` builds `linux/amd64` and `linux/arm64` according to `.smartconfig.json`.
|
|
|
|
## Release
|
|
|
|
```bash
|
|
pnpm release:docker
|
|
```
|
|
|
|
The image is pushed as `code.foss.global/host.today/ht-docker-smartproxy`.
|
|
|
|
## Runtime
|
|
|
|
```bash
|
|
docker run --rm \
|
|
-p 80:80 \
|
|
-p 443:443 \
|
|
-p 3000:3000 \
|
|
-v ./config.json:/etc/smartproxy/config.json:ro \
|
|
code.foss.global/host.today/ht-docker-smartproxy:latest
|
|
```
|
|
|
|
Environment variables:
|
|
|
|
- `SMARTPROXY_CONFIG`: config path, default `/etc/smartproxy/config.json`.
|
|
- `SMARTPROXY_ADMIN_HOST`: admin bind host, default `0.0.0.0`.
|
|
- `SMARTPROXY_ADMIN_PORT`: admin bind port, default `3000`.
|
|
- `SMARTPROXY_ADMIN_TOKEN`: optional bearer token for admin endpoints.
|
|
|
|
## Admin API
|
|
|
|
- `GET /health`: health status.
|
|
- `GET /routes`: current raw routes.
|
|
- `PUT /routes`: replace routes with either an array or `{ "routes": [...] }`.
|
|
- `POST /reload`: reload config from `SMARTPROXY_CONFIG` and restart SmartProxy.
|
|
- `POST /security-policy`: update global security policy.
|
|
- `GET /statistics`: SmartProxy runtime statistics.
|
|
- `GET /listening-ports`: currently listening proxy ports.
|
|
|
|
## Config
|
|
|
|
The config is regular `ISmartProxyOptions` JSON with one daemon extension: `httpToHttpsRedirect`.
|
|
|
|
```json
|
|
{
|
|
"httpToHttpsRedirect": {
|
|
"enabled": true,
|
|
"httpPort": 80,
|
|
"httpsPort": 443,
|
|
"statusCode": 301
|
|
},
|
|
"routes": [
|
|
{
|
|
"name": "app-example-com",
|
|
"match": {
|
|
"ports": 443,
|
|
"domains": "app.example.com",
|
|
"protocol": "http"
|
|
},
|
|
"action": {
|
|
"type": "forward",
|
|
"targets": [{ "host": "app", "port": 3000 }],
|
|
"tls": {
|
|
"mode": "terminate",
|
|
"certificate": {
|
|
"key": "-----BEGIN PRIVATE KEY-----\\n...",
|
|
"cert": "-----BEGIN CERTIFICATE-----\\n..."
|
|
}
|
|
}
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|