mirror of
https://github.com/3proxy/3proxy.git
synced 2026-05-13 13:57:26 +00:00
Dockerfiles updates:
- Build distroless from scratch - Static linking with NOSTDRESOLVE for minimal - SSLPlugin is supported in full, including chroot configuration - No need to specify full path for plugins chroot provides no additional security due to distroless, but is still supported for compatiblity reasons. Plugins, including SSL should work in chroot configuration. --read-only is recommended, no tmp directories are required.
This commit is contained in:
Vladimir Dubrovin
parent
238ed094dd
commit
98f8ec1464
2 changed files with 63 additions and 56 deletions
|
|
@ -1,41 +1,38 @@
|
|||
# dockerfile for "interactive" minimal 3proxy execution, no configuration mounting is required, configuration
|
||||
# is accepted from stdin. Use "end" command to indicate the end of configuration. Use "log" for stdout logging.
|
||||
#
|
||||
# This is busybox based docker with only 3proxy static executable and empty non-writable "run" directory.
|
||||
# Examples are for podman. For docker change 'podman' to 'docker'.
|
||||
#
|
||||
# "plugin" is not supported
|
||||
# This is busybox based docker with only 3proxy static executable.
|
||||
#
|
||||
# Limitations for minimal version:
|
||||
# no support for plugins, IPv6, RADIUS, system resolver.
|
||||
# 'nserver' or 'fakeresolve' are mandatory in configuration.
|
||||
#
|
||||
# Build:
|
||||
#
|
||||
# docker build -f Dockerfile.minimal -t 3proxy.minimal .
|
||||
# podman build -f Dockerfile.minimal -t 3proxy.minimal .
|
||||
#
|
||||
# Run example:
|
||||
#
|
||||
# docker run -i -p 3129:3129 --name 3proxy 3proxy.minimal
|
||||
# podman run --read-only -i -p 3129:3129 --name 3proxy 3proxy.minimal
|
||||
#or
|
||||
# docker start -i 3proxy
|
||||
#<chroot run 65535 65535
|
||||
# podman start -ai 3proxy
|
||||
#<nserver 8.8.8.8
|
||||
#<nscache 65535
|
||||
#<log
|
||||
#<proxy -p3129
|
||||
#<end
|
||||
#
|
||||
# use "chroot run 65536 65536" in config for safe chroot environment. nserver is required for DNS resolutions in chroot.
|
||||
|
||||
|
||||
FROM gcc AS buildenv
|
||||
FROM docker.io/gcc AS buildenv
|
||||
COPY . 3proxy
|
||||
RUN cd 3proxy &&\
|
||||
echo "">>Makefile.Linux &&\
|
||||
echo LDFLAGS = -fPIC -O2 -fno-strict-aliasing -pthread >>Makefile.Linux &&\
|
||||
echo PLUGINS = >>Makefile.Linux &&\
|
||||
echo LIBS = >>Makefile.Linux &&\
|
||||
echo CFLAGS = -g -fPIC -O2 -fno-strict-aliasing -c -pthread -DWITHSPLICE -D_GNU_SOURCE -DGETHOSTBYNAME_R -D_THREAD_SAFE -D_REENTRANT -DNOODBC -DWITH_STD_MALLOC -DFD_SETSIZE=4096 -DWITH_POLL -DWITH_NETFILTER -DNOPLUGINS >>Makefile.Linux &&\
|
||||
make -f Makefile.Linux &&\
|
||||
export "LDFLAGS=-static" &&\
|
||||
export "CFLAGS=-DNOPLUGINS -DNORADIUS -DNOIPV6 -DNOODBC -DNOCRYPT -DNOSTDRESOLVE" &&\
|
||||
make -f Makefile.Linux PLUGINS= LIBS= &&\
|
||||
strip bin/3proxy
|
||||
|
||||
FROM busybox:glibc
|
||||
FROM scratch
|
||||
COPY --from=buildenv 3proxy/bin/3proxy /bin/3proxy
|
||||
RUN mkdir /run && chmod 555 /run
|
||||
CMD ["/bin/3proxy"]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue