====== TinyProxy Server 安裝設定 ======
* 安裝環境 : Alpine 3 + Docker compose
====== 使用 docker compose 方式 =====
- 建立 Tinyproxy 設定檔 tinyproxy.conf
vi tinyproxy.conf
User nobody
Group nogroup
Port 3128
Listen 0.0.0.0
Timeout 600
LogFile "/var/log/tinyproxy/tinyproxy.log"
LogLevel Info
PidFile "/var/run/tinyproxy.pid"
MaxClients 100
Allow 127.0.0.1
Allow 192.168.0.0/16
Allow 10.0.0.0/8
ViaProxyName "tinyproxy"
ConnectPort 443
ConnectPort 563
- 針對實際 **Client 的 IP 範圍加入 Allow 項目** Exp. Allow 172.16.0.0/16
- 針對實際 **需要 Fordward Proxy SSL Port 加入 ConnectPort 項目** Exp. ConnectPort 8006
- 建立 Docker Compose 配置檔 docker-compose.yml 與第一次啟動
vi docker-compose.yml
services:
tinyproxy:
image: vimagick/tinyproxy
hostname: tinyproxy
container_name: tinyproxy
environment:
- TZ=Asia/Taipei
ports:
- "3128:3128"
volumes:
- ./tinyproxy.conf:/etc/tinyproxy/tinyproxy.conf:ro
- ./logs:/var/log
restart: always
command: sh -c "mkdir -p /var/log/tinyproxy && chown -R nobody:nogroup /var/log/tinyproxy && tinyproxy -d"
watchtower:
container_name: watchtower
image: containrrr/watchtower
volumes:
- /var/run/docker.sock:/var/run/docker.sock
environment:
- TZ=Asia/Taipei
- WATCHTOWER_SCHEDULE=0 45 23 * * *
- WATCHTOWER_CLEANUP=true
labels:
- "com.centurylinklabs.watchtower.enable=true"
restart: unless-stopped
docker compose up -d
- 查看 docker compose 紀錄
docker compose logs -f
- 查看 tinyproxy 紀錄
# tail -f ~/logs/tinyproxy/tinyproxy.log
INFO Sep 26 05:48:45.689 [1]: opensock: getaddrinfo returned for 192.168.11.1:80
CONNECT Sep 26 05:48:45.690 [1]: Established connection to host "192.168.11.1" using file descriptor 6.
INFO Sep 26 05:48:45.692 [1]: Closed connection between local client (fd:5) and remote client (fd:6)
CONNECT Sep 26 05:48:48.630 [1]: Connect (file descriptor 5): 192.168.11.8
CONNECT Sep 26 05:48:48.634 [1]: Request (file descriptor 5): GET http://192.168.11.1/system_status_data.asp HTTP/1.1
INFO Sep 26 05:48:48.635 [1]: No upstream proxy for 192.168.11.1
INFO Sep 26 05:48:48.635 [1]: opensock: opening connection to 192.168.11.1:80
INFO Sep 26 05:48:48.636 [1]: opensock: getaddrinfo returned for 192.168.11.1:80
CONNECT Sep 26 05:48:48.637 [1]: Established connection to host "192.168.11.1" using file descriptor 6.
INFO Sep 26 05:48:48.639 [1]: Closed connection between local client (fd:5) and remote client (fd:6)
:
===== 常見問題 =====
* Q:如何讓 log 檔只保留一段時間就好 Exp. 一年
* A: 在 host 安裝 logrotate 來進行處理
- 安裝 logrotate apk add logrotate
- 編輯 /etc/logrotate.d/tinyproxy 設定保留一年vi /etc/logrotate.d/tinyproxy
/root/logs/tinyproxy/tinyproxy.log {
daily
rotate 365
compress
delaycompress
missingok
notifempty
create 644 root root
postrotate
docker exec tinyproxy kill -HUP $(docker exec tinyproxy cat /var/run/tinyproxy.pid 2>/dev/null) 2>/dev/null || true
endscript
}
- 驗證執行 logrotate -d /etc/logrotate.d/tinyproxy
* ++看結果|
tinyproxy-235:~# logrotate -d /etc/logrotate.d/tinyproxy
warning: logrotate in debug mode does nothing except printing debug messages! Consider using verbose mode (-v) instead if this is not what you want.
reading config file /etc/logrotate.d/tinyproxy
Reading state from file: /var/lib/logrotate.status
state file /var/lib/logrotate.status does not exist
Allocating hash table for state file, size 64 entries
Handling 1 logs
rotating pattern: /root/logs/tinyproxy/tinyproxy.log after 1 days (365 rotations)
empty log files are not rotated, old logs are removed
considering log /root/logs/tinyproxy/tinyproxy.log
Creating new state
Now: 2024-09-26 17:52
Last rotated at 2024-09-26 17:00
log does not need rotating (log has already been rotated)
++
===== 相關參考資料 =====
* https://claude.ai/
{{tag>squid proxy 安裝}}