{"id":17661020,"url":"https://github.com/soulteary/docker-nginx-forward-proxy","last_synced_at":"2025-04-15T17:46:51.676Z","repository":{"id":50746908,"uuid":"333098430","full_name":"soulteary/docker-nginx-forward-proxy","owner":"soulteary","description":"For Centrally manage application export traffic, A/B testing, etc. Perhaps the smallest nginx forward proxy server docker images.","archived":false,"fork":false,"pushed_at":"2024-07-25T10:36:12.000Z","size":6,"stargazers_count":31,"open_issues_count":0,"forks_count":10,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-28T23:11:18.978Z","etag":null,"topics":["docker","nginx","nginx-proxy"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/soulteary/docker-nginx-forward-proxy","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/soulteary.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-26T13:46:28.000Z","updated_at":"2025-03-11T14:13:03.000Z","dependencies_parsed_at":"2024-12-06T16:49:27.115Z","dependency_job_id":"df31a24b-6e59-4366-84ae-2be871c3ed4d","html_url":"https://github.com/soulteary/docker-nginx-forward-proxy","commit_stats":{"total_commits":6,"total_committers":2,"mean_commits":3.0,"dds":"0.16666666666666663","last_synced_commit":"c9d8434193de728d5aaa95c1673731585426a310"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soulteary%2Fdocker-nginx-forward-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soulteary%2Fdocker-nginx-forward-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soulteary%2Fdocker-nginx-forward-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/soulteary%2Fdocker-nginx-forward-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/soulteary","download_url":"https://codeload.github.com/soulteary/docker-nginx-forward-proxy/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249124281,"owners_count":21216648,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker","nginx","nginx-proxy"],"created_at":"2024-10-23T17:09:55.757Z","updated_at":"2025-04-15T17:46:51.653Z","avatar_url":"https://github.com/soulteary.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Docker Nginx Forward Proxy\n\nFor Centrally manage application export traffic, A/B testing, etc.\n\nPerhaps the smallest nginx forward proxy server docker images.\n\n## Usage\n\nstart nginx server first:\n\n```bash\ndocker run --rm -d -p 8080:80 soulteary/docker-nginx-forward-proxy\n```\n\nRefer to the post for setting environment variables:\n\n- [Set a network range in the no_proxy environment variable](https://unix.stackexchange.com/questions/23452/set-a-network-range-in-the-no-proxy-environment-variable)\n\nFor docker users, you can edit the **docker.service** file:\n\n`/lib/systemd/system/docker.service`\n\n```bash\nEnvironment=\"HTTP_PROXY=http://YOUR_NGX_PROXY_SERVER:8080/\" \"HTTPS_PROXY=https://YOUR_NGX_PROXY_SERVER:8080/\"\n```\n\n## Security\n\nIt is not recommended to use any authentication method like \"Basic Auth\", waste server resources.\n\nA better approach is to use a cloud service provider or our own firewall, and deploy the service on the application intranet.\n\nReduce the possibility that the service can be accessed instead of simply adding a lock that is not too secure.\n\n## Test\n\nTest `http://domain.ltd` :\n\n```bash\ncurl --proxy http://localhost:8080 http://www.baidu.com --include --verbose\n*   Trying ::1...\n* TCP_NODELAY set\n* Connected to localhost (::1) port 8080 (#0)\n\u003e GET http://www.baidu.com/ HTTP/1.1\n\u003e Host: www.baidu.com\n\u003e User-Agent: curl/7.64.1\n\u003e Accept: */*\n\u003e Proxy-Connection: Keep-Alive\n\u003e \n\n\u003c HTTP/1.1 200 OK\nHTTP/1.1 200 OK\n\u003c Server: nginx\nServer: nginx\n\u003c Date: Tue, 26 Jan 2021 16:08:20 GMT\nDate: Tue, 26 Jan 2021 16:08:20 GMT\n\u003c Content-Type: text/html\nContent-Type: text/html\n\u003c Content-Length: 2381\nContent-Length: 2381\n\u003c Connection: keep-alive\nConnection: keep-alive\n\u003c Accept-Ranges: bytes\nAccept-Ranges: bytes\n\u003c Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform\nCache-Control: private, no-cache, no-store, proxy-revalidate, no-transform\n\u003c Etag: \"588604ec-94d\"\nEtag: \"588604ec-94d\"\n\u003c Last-Modified: Mon, 23 Jan 2017 13:28:12 GMT\nLast-Modified: Mon, 23 Jan 2017 13:28:12 GMT\n\u003c Pragma: no-cache\nPragma: no-cache\n\u003c Set-Cookie: BDORZ=27315; max-age=86400; domain=.baidu.com; path=/\nSet-Cookie: BDORZ=27315; max-age=86400; domain=.baidu.com; path=/\n\n\u003c \n\u003c!DOCTYPE html\u003e\n....\n```\n\nTest `http://domain.ltd` with https redirect:\n\n```bash\ncurl --proxy http://localhost:8080 http://www.alibaba.com --include --verbose\n\n*   Trying ::1...\n* TCP_NODELAY set\n* Connected to localhost (::1) port 8080 (#0)\n\u003e GET http://www.alibaba.com/ HTTP/1.1\n\u003e Host: www.alibaba.com\n\u003e User-Agent: curl/7.64.1\n\u003e Accept: */*\n\u003e Proxy-Connection: Keep-Alive\n\u003e \n\u003c HTTP/1.1 301 Moved Permanently\nHTTP/1.1 301 Moved Permanently\n\u003c Server: nginx\nServer: nginx\n\u003c Date: Tue, 26 Jan 2021 16:09:07 GMT\nDate: Tue, 26 Jan 2021 16:09:07 GMT\n\u003c Content-Type: text/html\nContent-Type: text/html\n\u003c Content-Length: 239\nContent-Length: 239\n\u003c Connection: keep-alive\nConnection: keep-alive\n\u003c Location: https://www.alibaba.com/\nLocation: https://www.alibaba.com/\n\u003c Timing-Allow-Origin: *\nTiming-Allow-Origin: *\n\u003c EagleId: 0bb1292216116773475272349ef29f\nEagleId: 0bb1292216116773475272349ef29f\n\u003c server-timing: rt;dur=0.000,eagleid;desc=0bb1292216116773475272349ef29f\nserver-timing: rt;dur=0.000,eagleid;desc=0bb1292216116773475272349ef29f\n\n\u003c \n\u003c!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"\u003e\n\u003chtml\u003e\n\u003chead\u003e\u003ctitle\u003e301 Moved Permanently\u003c/title\u003e\u003c/head\u003e\n\u003cbody\u003e\n\u003ccenter\u003e\u003ch1\u003e301 Moved Permanently\u003c/h1\u003e\u003c/center\u003e\n\u003chr/\u003ePowered by Tengine\u003chr\u003e\u003ccenter\u003etengine\u003c/center\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n* Connection #0 to host localhost left intact\n* Closing connection 0\n```\n\nTest `https://domain.ltd`:\n\n```bash\n curl --proxy http://localhost:8080 https://www.tencent.com --include --verbose\n\n*   Trying ::1...\n* TCP_NODELAY set\n* Connected to localhost (::1) port 8080 (#0)\n* allocate connect buffer!\n* Establish HTTP proxy tunnel to www.tencent.com:443\n\u003e CONNECT www.tencent.com:443 HTTP/1.1\n\u003e Host: www.tencent.com:443\n\u003e User-Agent: curl/7.64.1\n\u003e Proxy-Connection: Keep-Alive\n\u003e \n\u003c HTTP/1.1 200 Connection Established\nHTTP/1.1 200 Connection Established\n\u003c Proxy-agent: nginx\nProxy-agent: nginx\n\u003c \n\n* Proxy replied 200 to CONNECT request\n* CONNECT phase completed!\n* ALPN, offering h2\n* ALPN, offering http/1.1\n* successfully set certificate verify locations:\n*   CAfile: /etc/ssl/cert.pem\n  CApath: none\n* TLSv1.2 (OUT), TLS handshake, Client hello (1):\n* CONNECT phase completed!\n* CONNECT phase completed!\n* TLSv1.2 (IN), TLS handshake, Server hello (2):\n* TLSv1.2 (IN), TLS handshake, Certificate (11):\n* TLSv1.2 (IN), TLS handshake, Server key exchange (12):\n* TLSv1.2 (IN), TLS handshake, Server finished (14):\n* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):\n* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):\n* TLSv1.2 (OUT), TLS handshake, Finished (20):\n* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):\n* TLSv1.2 (IN), TLS handshake, Finished (20):\n* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256\n* ALPN, server accepted to use h2\n* Server certificate:\n*  subject: C=CN; ST=Guangdong Province; L=Shenzhen; O=Shenzhen Tencent Computer Systems Company Limited; OU=R\u0026D; CN=tencent.com\n*  start date: Apr 24 00:00:00 2020 GMT\n*  expire date: Jun 20 12:00:00 2021 GMT\n*  subjectAltName: host \"www.tencent.com\" matched cert's \"www.tencent.com\"\n*  issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Secure Site CA G2\n*  SSL certificate verify ok.\n* Using HTTP2, server supports multi-use\n* Connection state changed (HTTP/2 confirmed)\n* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0\n* Using Stream ID: 1 (easy handle 0x7fc1c700e800)\n\u003e GET / HTTP/2\n\u003e Host: www.tencent.com\n\u003e User-Agent: curl/7.64.1\n\u003e Accept: */*\n\u003e \n* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!\n\u003c HTTP/2 200 \nHTTP/2 200 \n\u003c date: Tue, 26 Jan 2021 16:09:59 GMT\ndate: Tue, 26 Jan 2021 16:09:59 GMT\n\u003c content-type: text/html; charset=UTF-8\ncontent-type: text/html; charset=UTF-8\n\u003c content-length: 32744\ncontent-length: 32744\n\u003c server: nginx\nserver: nginx\n\u003c cache-control: private, max-age=600\ncache-control: private, max-age=600\n\u003c expires: Tue, 26 Jan 2021 16:19:59 GMT\nexpires: Tue, 26 Jan 2021 16:19:59 GMT\n\u003c last-modified: Tue, 26 Jan 2021 16:00:00 GMT\nlast-modified: Tue, 26 Jan 2021 16:00:00 GMT\n\u003c x-verify-code: 01f3329c249d6407ff4c4156c7a6313e\nx-verify-code: 01f3329c249d6407ff4c4156c7a6313e\n\u003c x-nws-uuid-verify: 3eb6a9e6eca0f2aed35c510a517e572d\nx-nws-uuid-verify: 3eb6a9e6eca0f2aed35c510a517e572d\n\u003c x-xss-protection: 0\nx-xss-protection: 0\n\u003c x-nws-log-uuid: 6a6d09e3-0577-44a8-9878-13e56eeff188\nx-nws-log-uuid: 6a6d09e3-0577-44a8-9878-13e56eeff188\n\u003c x-cache-lookup: Hit From Upstream\nx-cache-lookup: Hit From Upstream\n\u003c x-cache-lookup: Hit From Upstream\nx-cache-lookup: Hit From Upstream\n\u003c x-daa-tunnel: hop_count=1\nx-daa-tunnel: hop_count=1\n\u003c x-cache-lookup: Hit From Upstream\nx-cache-lookup: Hit From Upstream\n\n\u003c \n\u003c!DOCTYPE html\u003e\n\u003chtml lang=\"zh-CN\"\u003e\n\u003chead\u003e\n  \u003cmeta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" /\u003e\n...\n```\n\n## Resource\n\n- [chobits/ngx_http_proxy_connect_module](https://github.com/chobits/ngx_http_proxy_connect_module)\n    - Nginx HTTP Proxy Connect Module Project, used by Tengine.\n- [DockerHub Repo](https://hub.docker.com/r/soulteary/docker-nginx-forward-proxy)\n    - Build image of this project base Nginx Offical Images.\n- [hinata/nginx-forward-proxy](https://github.com/hinata/nginx-forward-proxy)\n    - Thanks for pointing out the specified proxy client version.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoulteary%2Fdocker-nginx-forward-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsoulteary%2Fdocker-nginx-forward-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsoulteary%2Fdocker-nginx-forward-proxy/lists"}