10 KiB
Docker compose guide
Table of content
Setup
-
Install
wgetif not already- Ubuntu based:
sudo apt install -y wget - Fedora based:
sudo yum install -y wget - Arch based:
sudo pacman -Sy wget
- Ubuntu based:
-
Run setup script
bash <(wget -qO- https://github.com/yusing/go-proxy/raw/main/setup-docker.sh)It will setup folder structure and required config files
-
Verify folder structure and then
cd go-proxygo-proxy ├── certs ├── compose.yml └── config ├── config.yml └── providers.yml -
Enable HTTPs (optional)
Mount a folder (to store obtained certs) or (containing existing cert)
services: go-proxy: ... volumes: - ./certs:/app/certsTo use autocert, complete that section in
config.yml, e.g.autocert: email: john.doe@x.y.z # ACME Email domains: # a list of domains for cert registration - x.y.z provider: cloudflare options: - auth_token: c1234565789-abcdefghijklmnopqrst # your zone API tokenTo use existing certificate, set path for cert and key in
config.yml, e.g.autocert: cert_path: /app/certs/cert.crt key_path: /app/certs/priv.key -
Modify
compose.ymlto fit your needs -
Run
docker compose up -dto start the container -
Navigate to Web panel
http://gp.yourdomain.comor use Visual Studio Code (provides schema check) to edit proxy config
Labels
Syntax
| Label | Description | Default |
|---|---|---|
proxy.aliases |
comma separated aliases for subdomain and label matching | container_name |
proxy.<alias>.<field> |
set field for specific alias | N/A |
proxy.*.<field> |
set field for all aliases | N/A |
Fields
| Field | Description | Default | Allowed Values / Syntax |
|---|---|---|---|
scheme |
proxy protocol |
|
http, https, tcp, udp |
host |
proxy host |
|
IP address, hostname |
port |
proxy port (http/s) | first port in ports: |
number in range of 1 - 65535 |
port (required) |
proxy port (tcp/udp) | N/A | x:y
|
no_tls_verify |
whether skip tls verify (https only) | false |
boolean |
path_patterns |
proxy path patterns (http/s only) only requests that matched a pattern will be proxied |
empty (proxy all requests) | yaml style list1 of path patterns (syntax) |
set_headers |
header to set (http/s only) | empty | yaml style key-value mapping2 of header-value pairs |
hide_headers |
header to hide (http/s only) | empty | yaml style list1 of headers |
Key-value mapping example
Docker Compose
services:
nginx:
...
labels:
# values from duplicated header keys will be combined
proxy.nginx.set_headers: | # remember to add the '|'
X-Custom-Header1: value1, value2
X-Custom-Header2: value3
X-Custom-Header2: value4
# X-Custom-Header2 will be "value3, value4"
File Provider
service_a:
host: service_a.internal
set_headers:
# do not duplicate header keys, as it is not allowed in YAML
X-Custom-Header1: value1, value2
X-Custom-Header2: value3
List example
Docker Compose
services:
nginx:
...
labels:
proxy.nginx.path_patterns: | # remember to add the '|'
- GET /
- POST /auth
proxy.nginx.hide_headers: | # remember to add the '|'
- X-Custom-Header1
- X-Custom-Header2
File Provider
service_a:
host: service_a.internal
path_patterns:
- GET /
- POST /auth
hide_headers:
- X-Custom-Header1
- X-Custom-Header2
Troubleshooting
-
Container not showing up in proxies list
Please check that either
portsor labelproxy.<alias>.portis declared, e.g.services: nginx-1: # Option 1 ... ports: - 80 nginx-2: # Option 2 ... container_name: nginx-2 labels: proxy.nginx-2.port: 80 -
Firewall issues
If you are using
ufwwith vpn that drop all inbound traffic except vpn, run below:sudo ufw allow from 172.16.0.0/16 to 100.64.0.0/10Explaination:
Docker network is usually
172.16.0.0/16Tailscale is used as an example,
100.64.0.0/10will be the CIDRYou can also list CIDRs of all docker bridge networks by:
docker network inspect $(docker network ls | awk '$3 == "bridge" { print $1}') | jq -r '.[] | .Name + " " + .IPAM.Config[0].Subnet' -
Docker compose examples
volumes:
adg-work:
adg-conf:
mc-data:
palworld:
nginx:
services:
adg:
image: adguard/adguardhome
restart: unless-stopped
labels:
- proxy.aliases=adg,adg-dns,adg-setup
- proxy.adg.port=80
- proxy.adg-setup.port=3000
- proxy.adg-dns.scheme=udp
- proxy.adg-dns.port=20000:dns
volumes:
- adg-work:/opt/adguardhome/work
- adg-conf:/opt/adguardhome/conf
mc:
image: itzg/minecraft-server
tty: true
stdin_open: true
container_name: mc
restart: unless-stopped
labels:
- proxy.mc.scheme=tcp
- proxy.mc.port=20001:25565
environment:
- EULA=TRUE
volumes:
- mc-data:/data
palworld:
image: thijsvanloef/palworld-server-docker:latest
restart: unless-stopped
container_name: pal
stop_grace_period: 30s
labels:
- proxy.aliases=pal1,pal2
- proxy.*.scheme=udp
- proxy.pal1.port=20002:8211
- proxy.pal2.port=20003:27015
environment: ...
volumes:
- palworld:/palworld
nginx:
image: nginx
container_name: nginx
volumes:
- nginx:/usr/share/nginx/html
ports:
- 80
go-proxy:
image: ghcr.io/yusing/go-proxy:latest
container_name: go-proxy
restart: always
network_mode: host
volumes:
- ./config:/app/config
- /var/run/docker.sock:/var/run/docker.sock:ro
go-proxy-frontend:
image: ghcr.io/yusing/go-proxy-frontend:latest
container_name: go-proxy-frontend
restart: unless-stopped
network_mode: host
labels:
- proxy.aliases=gp
- proxy.gp.port=8888
depends_on:
- go-proxy
Services URLs for above examples
gp.yourdomain.com: go-proxy web paneladg-setup.yourdomain.com: adguard setup (first time setup)adg.yourdomain.com: adguard dashboardnginx.yourdomain.com: nginxyourdomain.com:53: adguard dnsyourdomain.com:25565: minecraft serveryourdomain.com:8211: palworld server