TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-05-20 12:42:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
GoDoxy/docs/docker.md

6.2 KiB
Raw Blame History

Docker container guide

Table of content

Setup

  1. Install wget if not already

  2. Run setup script

    bash <(wget -qO- https://github.com/yusing/go-proxy/raw/main/setup-docker.sh)

    What it does:

    • Create required directories
    • Setup config.yml and compose.yml

  3. Verify folder structure and then cd go-proxy

    go-proxy
├── certs
├── compose.yml
└── config
    ├── config.yml
    └── providers.yml

  4. Enable HTTPs (optional)

    • To use autocert feature

      • completing autocert section in config/config.yml
      • mount certs/ to /app/certs to store obtained certs

    • To use existing certificate

      mount your wildcard (*.y.z) SSL cert

      • cert / chain / fullchain -> /app/certs/cert.crt
      • private key -> /app/certs/priv.key

  5. Modify compose.yml fit your needs

    Add networks to make sure it is in the same network with other containers, or make sure proxy.<alias>.host is reachable

  6. Run docker compose up -d to start the container

  7. Start editing config files in http://<ip>:8080

🔼Back to top

Labels

  • proxy.aliases: comma separated aliases for subdomain matching

    • default: container name

  • proxy.*.<field>: wildcard label for all aliases

Labels below should have a proxy.<alias>. prefix.

i.e. proxy.nginx.scheme: http

  • scheme: proxy protocol

    • default:
      • if port is like x:y: tcp
      • if port is a number: http
    • allowed: http, https, tcp, udp

  • host: proxy host

    • default: container_name
    • allowed: IP address, hostname

  • port: proxy port

    • default: first port in ports:
    • http(s): number in range og 0 - 65535
    • tcp, udp: x:y

  • no_tls_verify: whether skip tls verify when scheme is https

    • default: false

  • path: proxy path (http(s) proxy only)

    • default: empty

  • path_mode: mode for path handling

    • default: empty

    • allowed: empty, forward

      • empty: remove path prefix from URL when proxying
        1. apps.y.z/webdav -> webdav:80
        2. apps.y.z./webdav/path/to/file -> webdav:80/path/to/file
      • forward: path remain unchanged
        1. apps.y.z/webdav -> webdav:80/webdav
        2. apps.y.z./webdav/path/to/file -> webdav:80/webdav/path/to/file

  • set_headers: a list of header to set, (key:value, one by line)

    Duplicated keys will be treated as multiple-value headers

    labels:
  proxy.app.set_headers: |
    X-Custom-Header1: value1
    X-Custom-Header1: value2
    X-Custom-Header2: value2

  • hide_headers: comma seperated list of headers to hide

  • load_balance: enable load balance

    • allowed: 1, true

🔼Back to top

Troubleshooting

  • Firewall issues

    If you are using ufw with vpn that drop all inbound traffic except vpn, run below:

    sudo ufw allow from 172.16.0.0/16 to 100.64.0.0/10

    Explaination:

    Docker network is usually 172.16.0.0/16

    Tailscale is used as an example, 100.64.0.0/10 will be the CIDR

    You can also list CIDRs of all docker bridge networks by:

    docker network inspect $(docker network ls | awk '$3 == "bridge" { print $1}') | jq -r '.[] | .Name + " " + .IPAM.Config[0].Subnet' -

🔼Back to top

Docker compose examples

Local docker provider in bridge network

volumes:
  adg-work:
  adg-conf:
  mc-data:
  palworld:
  nginx:
services:
  adg:
    image: adguard/adguardhome
    restart: unless-stopped
    labels:
      - proxy.aliases=adg,adg-dns,adg-setup
      - proxy.adg.port=80
      - proxy.adg-setup.port=3000
      - proxy.adg-dns.scheme=udp
      - proxy.adg-dns.port=20000:dns
    volumes:
      - adg-work:/opt/adguardhome/work
      - adg-conf:/opt/adguardhome/conf
  mc:
    image: itzg/minecraft-server
    tty: true
    stdin_open: true
    container_name: mc
    restart: unless-stopped
    labels:
      - proxy.mc.scheme=tcp
      - proxy.mc.port=20001:25565
    environment:
      - EULA=TRUE
    volumes:
      - mc-data:/data
  palworld:
    image: thijsvanloef/palworld-server-docker:latest
    restart: unless-stopped
    container_name: pal
    stop_grace_period: 30s
    labels:
      - proxy.aliases=pal1,pal2
      - proxy.*.scheme=udp
      - proxy.pal1.port=20002:8211
      - proxy.pal2.port=20003:27015
    environment: ...
    volumes:
      - palworld:/palworld
  nginx:
    image: nginx
    container_name: nginx
    volumes:
      - nginx:/usr/share/nginx/html
  go-proxy:
    image: ghcr.io/yusing/go-proxy:latest
    container_name: go-proxy
    restart: always
    network_mode: host
    volumes:
      - ./config:/app/config
      - /var/run/docker.sock:/var/run/docker.sock:ro
  go-proxy-frontend:
    image: ghcr.io/yusing/go-proxy-frontend:latest
    container_name: go-proxy-frontend
    restart: unless-stopped
    network_mode: host
    labels:
      - proxy.*.aliases=gp
    depends_on:
      - go-proxy

🔼Back to top

Proxy setup

go-proxy:
  image: ghcr.io/yusing/go-proxy
  container_name: go-proxy
  restart: always
  network_mode: host
  volumes:
    - ./config:/app/config
    - /var/run/docker.sock:/var/run/docker.sock:ro
  labels:
    - proxy.aliases=gp
    - proxy.gp.port=8080

🔼Back to top

Services URLs for above examples

  • gp.yourdomain.com: go-proxy web panel
  • adg-setup.yourdomain.com: adguard setup (first time setup)
  • adg.yourdomain.com: adguard dashboard
  • nginx.yourdomain.com: nginx
  • yourdomain.com:53: adguard dns
  • yourdomain.com:25565: minecraft server
  • yourdomain.com:8211: palworld server

🔼Back to top